Paul's Blog

THOUGHTS ON CYBER WARFARE

First Amendment Guru Floyd Abrams on the WikiLeaks Situation (VIDEO)

Advertisements

Filed under: Uncategorized

Wesley Clark – former general and NATO commander (VIDEO)

Wesley Clark on cyberwar. The former general and NATO commander explains how human error and an increasingly wired world have led to leaked secrets.

Filed under: Uncategorized

Richard Clarke on Cyber War (VIDEO)

Richard A. Clarke warns us of the havoc a cyber attack would wreak on our national security, and explains what cyber war is, how cyber weapons work, and how vulnerable we are as a nation and as individuals to a web of cyber criminals. In Cyber War: The Next Threat to National Security and What to Do About It, he traces the rise of the cyber age—from the first cyber crisis meeting in the White House a decade ago to the boardrooms of Silicon Valley and the electrical tunnels under Manhattan—and profiles the characters and locations at the center of the battle.

Filed under: Uncategorized

SYMANTEC GOVERNMENT SYMPOSIUM 2010 (My personal impression)

Symantec Government Symposium 2010 (VIDEOS)

The Symantec Government Symposium was one well-planned and organized event. The event had extreme low cost and great value. I chose to focus on the cyber threat track. Track E: Threat Landscape.

Mr. Schmidt was the morning keynote speaker. His speech was full of optimism, which is a great thing when we think about the magnitude and impact of his mission. He put great emphasis on trusted computing practices and technologies, accountability and the ability to improve attribution capabilities at national level without compromising the privacy rights of the American people. Howard Schmidt will disclose a strategy for verifying the online identity of Internet users.

I personally was impressed with his leadership and “coolness” in the face of the many challenges we all encounter in cyberspace. In my opinion, it was a centered, productive and safe speech.

I attended session E-1: Cyber Warfare, Cyber Espionage, or Cyber Crime: What is the Difference?

Matt Stern, Director, Cyber Accounts, General Dynamics Advanced Information Systems [Moderator].

Mr. Trent Teyema – Acting Director, National Cyber Investigative Joint Task Force (NCIJTF), FBI.

Arthur Wachdorf, Senior Advisor for Intelligence and Cyber Operations, U.S. Air Force.

Robert Whitkop, Executive Director, Assistant Chief of Naval Operations for the Next Generation Enterprise Network (ACNO NGEN).

We had the views of the FBI, USAF and the Navy on cyber warfare. It was an exciting panel. What surprised me (in a nice way) was the tone of openness about cyber warfare (or like many like to call it, cyber conflicts).

The following includes some of the notes I took and some of my observations:

FBI – Who are the actors? What are their motivations? How do we attain better attribution? FBI’s jurisdiction when dealing with certain actors is limited and collaboration with military branches is key.

USAF (24th). Mr. Wachdorf explained the shift the USAF took from a total operational perspective on perimeter protection, or “securing the network”, to a modern view of “mission assurance”, of how cyber integrates as a conduit in order to defend the integrity of the mission. The USAF seems to be focusing more on availability and the overall principle of mission assurance. Why do I think this shift is important for the overall protection of our .mil networks? Well, it is much easier to explain to your commander how cyber can impact his/her mission than trying to isolate cyber as a separate domain. According to my views this is an exceptionally healthy and smart move, and Mr. Wachdorf gets it!

When asked about which cyber threats he perceives to be the most important ones, Mr. Wachdorf indicated nation states cyber attacks and transnational actors.

Mr. Robert Whitkop (NAVY) talked about the importance of understating the landscape in which we fight; he quoted Sun Tzu on understanding the cyber terrain and our enemies. He struck me as a open minded and collaborative individual who is ready to listen to the private industry, not your typical commander’s mentality. He talked about the importance of having MOUs (memorandum of understanding) in place regarding cyber policies with other nations. According to Mr. Whitkop, the NAVY has been focusing on configuration management (how to maintain systems ready to withstand attacks).

The question of what constitutes a cyber weapon was asked, and the example of malicious code was provided. The overall answer was placed importance on the intent of use of the code and the purpose of the code, more than on the code itself. “Who created the code and why?” are the questions asked when determining if a code is deemed a cyber weapon.

Attribution, as usual, was one of the topics of this debate. One of the panelists said, “We cannot have policy without attribution.”

Mr. Wachdorf responded on the reality of our military responding to cyber attacks through other means other than cyber (kinetic attacks).

The overall experience of this debate was very positive, and I congratulate the panelists on their extreme professionalism and healthy openness to public discussion on subjects that maybe 10 years ago would have been taboo.

The cherry on top, for me, was to listen to Major General Suzanne M. Vautrinot (Director of Plan and Policy, US CYBERCOM). General Vautrinot delivered a strong, yet humble speech. Her openness to public/private collaboration and the need to get the American people involved in helping to solve our cyber problems is unique, coming from a commander’s mentality. She brings much experience to the table along with openness. I felt very confident in her ability to deliver results. She understands the mission, and she knows what needs to take place to create change! She covered the 3 Cs. Change in CULTURE, CONDUCT and CAPABILITIES. I left the event energized, more informed and with the desire to do more.

Congratulations Symantec! Excellent event! I will be back next year.

Paul de Souza, CSFI Founder Director

Filed under: Uncategorized

CSFI Blog Calendar

July 2010
M T W T F S S
    Aug »
 1234
567891011
12131415161718
19202122232425
262728293031  

Enter your email address to follow this blog and receive notifications of new posts by email.

CSFI Twitter

Career Thoughts

I am humbled and honored to have the opportunity to manage and run one of the biggest and most active forums on the Internet dealing with cyber warfare and cyber security – CSFI (The Cyber Security Forum Initiative). With over 16 years of cyber security experience, I continue to actively raise Cyber Warfare/Cyber Security awareness worldwide. I have worked as a Chief Security Engineer for AT&T, where I designed and approved secure networks for MSS. I have also consulted for several governments, military and private institutions on best network security practices throughout my career.

CSFI and its divisions CSFI-CWD (Cyber Warfare Division), CSFI-LPD (Law and Policy Division) and CSFI-WD (Wireless Division) continue to grow and expand with more than 60,000 information security members.

One of my personal goals is to serve our security community to the best of my abilities, in the protection and defense of our American national security interests, the American people, and that of our international partners. I am always ready to serve and to give of my time and skills to help our society with the growing problems we experience in cyberspace. I thank God and my family for the opportunities I have had in life and the most precious of all opportunities, which is the chance to serve others. I love what I do, and I appreciate all the support I have received from friends, family and our CSFI members.

___________________________________________

Paul de Souza, CSFI Founder Director