Access "Cyberwar calls for software and system investment, not hacking back"
This article is part of the April 2013 / Volume 15 / No. 3 issue of Managing identities in hybrid worlds
In February, the security firm Mandiant Corp. confirmed, with plenty of hard evidence, what we've known for a long time: Chinese cyberespionage is staggeringly rampant. From the Aurora attacks in 2009 through the spectacular RSA token hack of 2011 to the ironically, self-described attacks on the computer systems at The New York Times in 2012, state-sponsored cyberespionage has been constant news for years. Gary McGraw Every revelation comes with a renewed beating of the cyberwar drums. Given that today's existing defenses and countermeasures have proven largely ineffective in thwarting these attacks, many otherwise sane people have discussed the idea of going on the offensive and "hacking back" by booby-trapping honeypot data or setting loose malicious software. Distressingly, this sort of cyberoffense is being repackaged -- and camouflaged -- in a clever and, ironically, "newspeak" way under the rubric "active defense." Let's get this straight up front: Active defense is irresponsible. We will never vanquish a cyberenemy by going on the offensive (unless we... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Managing identities in hybrid worlds
by Peter H. Gregory
Are you losing control of access management as SaaS and mobile devices take hold? To achieve better operational consistency and scale, consider a centralized IAM system.
-
Address IPv6 security before your time runs out
by Fernando Gont
Most networks have partial deployment of IPv6 often without IT realizing it. It’s time to take stock of the security implications before attackers do.
-
Managing identities in hybrid worlds
by Peter H. Gregory
-
-
Botnet takedowns: A dramatic defense
by Kathleen Richards
The infections and cyberattacks that botnets are used to launch remain hard-to-detect malware threats that have moved beyond PCs to mobile devices.
-
Botnet takedowns: A dramatic defense
by Kathleen Richards
-
Columns
-
Security transitions: Changes that make a difference
by Robert Richardson
This month, Information Security Magazine examines security industry changes that can really make a difference: improving identity management and building security into software from the get go.
-
CISOs: From no seat to multiple hats
by David J. Sherry
The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance.
-
Why information security education isn’t making the grade
by Doug Jacobson and Julie A. Rursch
Security experts explain why a holistic approach to security is critical to training computer engineers and computer scientists for a career in information security.
-
Cyberwar calls for software and system investment, not hacking back
by Gary McGraw, Contributor
Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection.
-
Security transitions: Changes that make a difference
by Robert Richardson
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...