Why are computer systems being attacked? Because the attackers believe that their attacks will succeed and succeed with little risk of retribution. This is the current dynamic.
From a strategy perspective, it often looks like the attackers have the upper hand; for a given target, the attackers need to only succeed once, while the defenders must successfully defend and protect their system every time. A single failure in the defense of a computer system allows an attacker in. This certainly looks grim for the defender, especially with the resources that are available to attackers.
But this model only holds when the protections of the systems under attack are static, and the risk of retribution is small. The attacks made against a system are based on what is known about the system. Just as a defender is challenged to anticipate a new form of cyber-attack, an attacker has an even greater challenge in anticipating new forms of cyber defense. It is in the introduction of new forms of cyber defense that the defenders have the advantage.
New forms of cyber defense render previously successful attack methods impotent. Attackers have to develop new attacks against these new defenses, until the new attacks are successful. Organizations employing these new defenses will be much better protected than the rest of the cyber community, effectively granting them immunity from some existing forms of attack. This changes the dynamic by reducing the overall number of cyber-attacks on organizations employing the new defenses because the chance of success has been greatly reduced. The focus can shift from defending against attacks to the forensic work of identifying the perpetrators and holding them accountable.
It is time to take seriously the new cyber defense technologies that are becoming available and not rely solely on our current generation of failing defense solutions. We must accept that adopting new defense technologies takes effort. We will have to learn new ways to think about and understand our cyber environment, our attackers, our tools and our defenses. We cannot always fit new technologies into our existing buckets of tools, policies and approaches. Overcoming the opposition to change is one of the hardest things to do. Our adversaries are counting on that difficulty to delay or stop the adoption of new cyber defense technologies to prolong their advantage.
New cyber security defense technologies are our only real hope in defending against the increasing cyber security threats. We must insure that the fear of change and the additional work effort required to implement new technologies do not derail their adoption efforts. If that continues to happen, the bad guys win and our computer systems will continue to be attacked with abandon.
From a strategy perspective, it often looks like the attackers have the upper hand; for a given target, the attackers need to only succeed once, while the defenders must successfully defend and protect their system every time. A single failure in the defense of a computer system allows an attacker in. This certainly looks grim for the defender, especially with the resources that are available to attackers.
But this model only holds when the protections of the systems under attack are static, and the risk of retribution is small. The attacks made against a system are based on what is known about the system. Just as a defender is challenged to anticipate a new form of cyber-attack, an attacker has an even greater challenge in anticipating new forms of cyber defense. It is in the introduction of new forms of cyber defense that the defenders have the advantage.
New forms of cyber defense render previously successful attack methods impotent. Attackers have to develop new attacks against these new defenses, until the new attacks are successful. Organizations employing these new defenses will be much better protected than the rest of the cyber community, effectively granting them immunity from some existing forms of attack. This changes the dynamic by reducing the overall number of cyber-attacks on organizations employing the new defenses because the chance of success has been greatly reduced. The focus can shift from defending against attacks to the forensic work of identifying the perpetrators and holding them accountable.
It is time to take seriously the new cyber defense technologies that are becoming available and not rely solely on our current generation of failing defense solutions. We must accept that adopting new defense technologies takes effort. We will have to learn new ways to think about and understand our cyber environment, our attackers, our tools and our defenses. We cannot always fit new technologies into our existing buckets of tools, policies and approaches. Overcoming the opposition to change is one of the hardest things to do. Our adversaries are counting on that difficulty to delay or stop the adoption of new cyber defense technologies to prolong their advantage.
New cyber security defense technologies are our only real hope in defending against the increasing cyber security threats. We must insure that the fear of change and the additional work effort required to implement new technologies do not derail their adoption efforts. If that continues to happen, the bad guys win and our computer systems will continue to be attacked with abandon.
0 comments:
Post a Comment