Which got me thinking about the entire outlook on cybersecurity from a military perspective. The essence of the above article is that you need to spend time, planning, training and exercising your staff to counter cybersecurity intrusions. A bit of practice before an event can do wonders when you actually encounter a real cyber-event. I don't think they said it exactly this way, but the old military maxim is "train as you will fight."
I'll editorialize on the above only by saying that to a carpenter, everything looks like a nail to be hammered. If you are a first responder, then the Incident Command System (ICS) is the panacea for any issue you face and for the military, plan, train and exercise is the solution. In reality, don't get captured by where you are coming from historically or practically. Be open to new solutions. It is not surprising that a three-star general settles on a military solution.
However, building on that military perspective, as I prepared for a one-hour meeting with a foreign delegation today on the topic of cybersecurity I was reminded of another military lesson to be learned. I think early in our cybersecurity journey we thought the solution was to build an impenetrable wall to keep your data and systems safe. Today I think that concept of "protection" is as outdated as the Maginot Line was at the start of World War II when the Germans bypassed the French fortifications and won significant battles in Western Europe in the early days of that conflict. Basically they did an end-around maneuver.
Our cyber adversaries are too numerous and creative to rely only on protective measures. They need to be part of our defensive mix, but today I think we need to concentrate on detection and counter attack! Knowing you are being attacked is more than half the battle. Putting systems in place to know about intrusions is critical. And instead of being constrained by your own organizational talent pool, you should be fighting coalition warfare with other like-minded public- and private-sector organizations.
As I've said before, "Give up some control in order to be more effective." I think that begins with establishing trusted relationships across infrastructures and with all our partners.
