If the CIO / CISO knew they were going to be attacked, could they repel attackers?

Screen Shot 2012-12-27 at 4.35.02 PM

Over the holiday I have been diving into different government information security and cyber scenario studies and research.  An article (pdf) speaking to the NATO pursuit of an early detection system is interesting in of itself.  The analogy is to that of nuclear launch early detection sufficient to allow for leaders to make responsive decisions.

The concept though I wonder is flawed.  A detective responsive for cyber war has an extremely (milliseconds) lead time, and does not leave much for human response capabilities.

The NATO and military stop gap here is to monitor geopolitical activity to provide a barometer of when strikes will be likely – and unlikely.

Two critical points that every CIO and CISO must consider, and is emerging at some of my most impressive and advanced clients:

  • Establish an adaptive security defense model (year over year we have been tactically responding, but there is more strategic elements that must be transparent)
  • “Warnings are not just sounding alarms of a likely or inbound (anonymous or others) attack, but the converse is equally important – having confidence to tell them that for the time being significant attacks are not likely and they should turn their attention [ / funding] to more pressing matters.”

An interesting question I would pose:

  • if you KNEW you were going to be targeted, what actions would you do differently today?
  • Would you deploy technology different?
  • Would the 2 years of projects get reshuffled?
  • What if you had 2 years warning to make preparations, would your vector of response differ?

We are entering an interesting time where business, operational competitive security strategy, and tactical activities are necessary to maintaining sustainable businesses.  The executive must balance this with tact and great care.  Combined together with the awesome new technologies and mobile spaces, a whole new field of competitive business advantage awaits the prepared and willing.

James DeLuccia

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s