Cybersecurity and Cyberwarfare
Cybersecurity has been identified as one of the greatest challenges facing the United States today, but it is ill-defined and almost impossible to address. How can we frame this problem to better inspire solutions? How should government, military, businesses, and technologists approach the problem from different angles and do these different approaches work together?
- Jack Goldsmith: Senator Cardin’s Bill to Explore ISP Enforcement of Digital Security
- Zittrain, The Future of the Internet: And How to Stop It; Chapter 3
- Chatham House Report On Cyberwarfare - Executive Summary
- Wikipedia entry on Stuxnet
- Whitehouse.gov, Comprehensive National Cybersecurity Initiative, Cyberspace Policy Review
- Jack Goldsmith, The Cyberthreat, Government Network Operations, and the Fourth Amendment
- Jane Holl Lute and Bruce McConnell, Op-Ed: A Civil Perspective on Cybersecurity
- Zittrain, Freedom and Anonymity
- Infoweek, Leaked Cables Indicate Chinese Military Hackers Attacked U.S.
- CNET, Cyber attacks rise at critical infrastructure firms
A little early for this, but I would like to share this nice paper written by analysts and researchers at Chatham House. It's pretty fundamental, I would recommend it to anyone who encounters this subject for the very first time. --Jastify 22:55, 31 January 2011 (UTC)
Great recommendation. I've added the executive summary to the required readings list. --Dardia 23:50, 10 February 2011 (UTC)
Cyberthreats are real and pervasive. The people within IT infrastructure have been fighting the battle for years. It makes no difference whether you work for a government, business or school – every domain (gov, com & edu) is under attack. Private business and the military arm of the government are the most concerned about security, so they were the first to adopt network access control and identity management. Security is enforced by verifying the identity of each user and device before allowing them to gain access to the network. This, of course, runs counter to the idea of a free, open and anonymous Internet. Yes, we can do a lot to protect the public by having the ISPs filter and block malware (search for SonicWALL and Blue Coat for examples) but it’s not enough to stop all breaches and wastes precious bandwidth. Our government recognizes this and is actively promoting what would become a national electronic identity “ecosystem.” (Their euphemism; see http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf) Jack Goldsmith had some well reasoned arguments why we should expect more government controls. Finally, a good taxonomy of Internet security practices and be found in the pages of Chief Security Officer Magazine at http://www.csoonline.com/. -Chris Sura