Archive for April, 2012

From: The Atlantic

by Patrick Lin

Though problematic, authorizing industry victims to counterattack may prove a good stop-gap measure to remove the political risk of government intervention while still creating deterrence.

With the Cyber Intelligence Sharing and Protection Act (CISPA), we’re in a political tug-of-war over who should lead the security of our digital borders: should it be a civilian organization such as the Department of Homeland Security (DHS), or a military organization such as the Department of Defense (DoD)? I want to suggest a third option that government need not be involved–a solution that would avoid very difficult issues related to international humanitarian law (IHL) and therefore reduce the risk of an accidental cyberwar or worse. This option models itself on the (admittedly controversial) “Stand Your Ground” law that’s rooted in our basic right to self-defense, and it authorizes counter-cyberattacks by private companies, which have been the main victims of harmful cyberactivities by foreign actors to date.

From: SkyNews.com.au

The extension of the ANZUS alliance into cyberspace in 2011 was aimed at cyber attacks from China, a new study says.

The Australia-US Ministerial (AUSMIN) meeting in San Francisco last September agreed to extend the ANZUS alliance into cyberspace, to address the threat of cyber attacks.

Under these new arrangements, Australia and the US will consult and determine appropriate options to address the threat of any cyber-attack that threatened the territorial integrity, political independence or security of either nation.

But just how that would work remains unclear, said Australian Strategic Policy Institute (ASPI) analyst Andrew Davies in one of a series of papers on the Australia-US cybersecurity agreement.

Cybersecurity education is essential for national security.  In response to this need, NICE has been established.  As NIST explains,

The National Initiative for Cybersecurity Education (NICE) has evolved from the Comprehensive National Cybersecurity Initiative, and extends its scope beyond the federal workplace to include civilians and students in kindergarten through post-graduate school. The goal of NICE is to establish an operational, sustainable and continually improving cybersecurity education program for the nation to use sound cyber practices that will enhance the nation’s security. 

From: ComputerWorld

As much as we don’t like to hear about it, America is not winning the cyberwar. Malicious hackers are winning and China has penetrated “every major U.S. company.” But there are elite cyber warriors who protect the world from cybercrime and the USA desperately needs more Cyber Guardians. In advance of the second annual Cyber Guardian information security training event in Baltimore next week, April 30 – May 7, 2012, I had an opportunity to interview Ed Skoudis about the SANS Cyber Guardian program.

From: RIA Novosti

Estonia has urged Japan to deepen its collaboration with NATO on cyber defense and to take part in joint cyber defense exercises, the Estonian Defense Ministry said.

Estonia’s Permanent Secretary of the Ministry of Defense Mikk Marran, who is on a visit to Japan, met on Monday with Japan’s Vice Minister of Defense Hironori Kanazawa. The sides discussed various issues of military cooperation between Japan and NATO-member Estonia, focusing on cyber security.

“The structure of the Estonian and Japanese agencies involved in cyber defense is very similar; however, contacts between Estonian and Japanese cyber specialists to date have been few,” Marran said, inviting Japan to contribute to the work of NATO’s Cyber Defense Centre in Tallinn.