Responding Strategically to Cyber Attacks

The last 12 months have seen a significant amount of progress in our nation’s awareness of cyber threats and in our collective actions to address the security of our IT systems. However, a huge amount of work remains to be done.

In a cyber context, the situation is a little like the one Winston Churchill described when he said: “This is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning.” We in the cyber world have taken some serious blows, and we are shoring up our defenses. But there is a long, long way to go before our objectives are met.

With this post I want to provide a snapshot of some of the progress of late.

1) CNCI: The Comprehensive National Cybersecurity Initiative provided a kickstart to many elements of the federal enterprise and facilitated coordinated action by multiple agencies. It was also an important evolution for Congress. The changes to the federal budget and the intentions of agencies were very positive. It is my opinion that the CNCI made a lasting positive difference in reducing unauthorized access into the federal enterprise and in enhancing resiliency of our systems. For more info see:

2) The CSIS report and related actions/studies: This 8 Dec 2008 report is the result of hard work and collective study by some of the best brains in the cyber security world. Commissioners on the study are a who’s-who of security, and the quality of this report is a direct reflection of this fact. The report offers recommendations on multiple hard areas and should be referenced by anyone making decisions in the IT arena. A recent related development is the posting by SANS of the Common Audit Guidelines. This is a fantastic step towards providing guidelines for enhancing security and functionality. For more info see:

3) GAO Reports: Never in my life have I been so pleased with the quality of GAO reporting. They have been doing fantastic work pulling together information on a wide range of technology issues. Key among them is reporting on cyber security. One example is the 10 March 2009 report on “National Cybersecurity Strategy.” This report captures a statement by David Powner, Director of Information Technology Management Issues for GAO. The report recommends twelve key strategy improvements needed now, most of which are in total consonance with the CSIS report.

4) The Obama Administration Review: Being true to promises during the campaign, the Obama administration began a review of cyber in a way that is open and is proactively seeking out inputs from all quarters. Great work in liaison with industry, academia and internally within the federal government is underway. This type of liaison has immediate benefit in building bridges with large teams of people who need to work well together to engineer enduring solutions, so it has already delivered benefits. For more info see:

The four topics above are all translating to real action to improve the security posture of both the federal IT enterprise and the critical infrastructures of the nation. In my opinion, great progress is being made.

But now is not the time to rest on our laurels.  The battle has just begun.

“This is not the end.  It is not even the beginning of the end.  But it is, perhaps, the end of the beginning.”