Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Digg this story   Add to del.icio.us  
Bob Blakely on the Cybersecurity Conversation
adam, Emergent Chaos 2009-07-06
Bob Blakely has a thought-provoking blog post which starts:
The Cyberspace Policy Review says "The national dialog on cyber-security must begin today." I agree. Let's start the dialog with a conversation about what sacrifices we're willing to make to get to an acceptable worst-case performance. Here are four questions to get the ball rolling:

Question 1: Are we willing to give anything up?
Question 2: Are we willing to do anything different?
Question 3: Are we willing to take any blame?
Question 4: Are we willing to give any guarantees?

I'd trade 3 & 4 (today) for are we willing to broadly share information about outcomes? I understand that the review (which I've yet to read) calls for effective information sharing, which is a goal I support. Will the government lead, and share its own information?

Before we can get to blame and guarantees, we have to have something beyond "best practices" to work from. Without knowing which practices work and which don't, it makes little sense to distribute blame or to offer a guarantee.




The information, views, and opinions contained on this page are those of the author and do not necessarily reflect the views and opinions of SecurityFocus.






 

Privacy Statement
Copyright 2008, SecurityFocus