Monday, December 08, 2008

Whisky, Tango, Foxtrot, over?

From U.S. is Losing Global CyberWar. '

What the hell does that even mean?

To compile the report, which is entitled "Securing Cyberspace in the 44th Presidency," commission members say they reviewed tens of thousands of pages of undisclosed documentation, visited forensics labs and the National Security Agency, and were briefed in closed-door sessions by top officials from Pentagon, CIA, and British spy agency MI5. From their research, they concluded that the U.S. badly needs a comprehensive cybersecurity policy to replace an outdated checklist of security requirements for government agencies under the existing Federal Information Security Management Act.

The report calls for the creation of a Center for Cybersecurity Operations that would act as a new regulator of computer security in both the public and private sector. Active policing of government and corporate networks would include new rules and a "red team" to test computers for vulnerabilities now being exploited with increasing sophistication and frequency by identity and credit card thieves, bank fraudsters, crime rings, and electronic spies. "We're playing a giant game of chess now and we're losing badly," says commission member Tom Kellermann, a former World Bank security official who now is vice-president of Security Awareness at Core Security.

So the need to replace their old checklists with new checklists and start testing for vulnerabilities.

Which genius thought that up?

Chess? Win vs. Lose?

If only they knew about the Petraeus doctrine

Define the problem in these terms, and winning battles becomes less urgent than pacifying populations and establishing effective governance.

War in this context implies not only coercion but also social engineering. As Nagl puts it, the security challenges of the 21st century will require the U.S. military “not just to dominate land operations, but to change entire societies.”

If you can't even define victory in Iraq (conventionally or unconventionally) how can you define victory in "Cyberspace?"

(And of course over on ElasticVapor they think this is a great article which confirms my suspicions)

Please tell me what all this is going to accomplish or attempt that has not already been tried in the last decade?

No comments: