CSO - Even today there are some still blank stares when I suggest to an audience of C-level executives or security professionals that they should all read the front pages of the Financial Times, the Yomiuri Shimbun, etc., as well as the technology news, if they want to know what cyber risks and threats to prepare for.
Oh, the battle might be waged in bits and bytes, and bloodied patch bulletins that arrive six months too late; but the war will be won by those who could read between lines of the lead stories in politics and business, and it will most certainly be lost by those who disregard the world beyond the imaginary perimeters of their "network defenses."
Fifteen years ago, ten years, even five years ago, this recommendation was met with almost unanimous incredulity.
And even today, although the validity of the exhortation is beginning to sink in many, the full scope of its implications still eludes most.
Likewise my suggestion that the conventional wisdom about industrial espionage, or economic espionage, should not be so heavily relied on as we moved forward into the 21st Century, because it would undoubtedly be supplanted with information age espionage, which would demand an entirely different mind-set.
Year after year since 1994, I said that sooner than later, the turning of insiders, whether through bribery or blackmail, and the dropping of intruders with cameras, Ninja-style from the ceiling, would in many cases by completely supplanted by stealthy cyber attacks, and in other cases by rolled up into hybrid attack strategies combining the best of both centuries.
Well, here we are. The global economy, geopolitics and cyberspace interpenetrate in new ways, and our world will never be the same. Of course, we have been here for a while. Now it is simply harder to deny. Consider to recent blockbusters: "Climategate" and China-Google. Both stories have received tremendous coverage, but much of that coverage is still missing the big picture, and the big takeaways.
One of the most fascinating aspects of the "Climategate" story is that the thrust of the news coverage has been about the content of the hacked e-mails (which, by the way, was largely misrepresented in most reports), rather than inquiring into the much more telling issue of who did this, and why.
Months after the caper, some truth has started to bubble up.
"A highly sophisticated hacking operation that led to the leaking of hundreds of emails from the Climatic Research Unit in East Anglia was probably carried out by a foreign intelligence agency, according to the Government's former chief scientist. Sir David King, who was Tony Blair's chief scientific adviser for seven years until 2007, said that the hacking and selective leaking of the unit's emails, going back 13 years, bore all the hallmarks of a coordinated intelligence operation--especially given their release just before the Copenhagen climate conference in December." (Independent, 2-1-10)
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts