The Spanish Civil War and the Rise of Cyberwar

Posted June 22nd, 2009 by

As usual, I greatly enjoyed your blog from 17 June, A Short History of Cyberwar Look-alikes, Rybolov. Moreover I really appreciated your historical examples. It warms my heart whenever an American uses the Russo-Japanese War of 1904/5 as a historic example of anything. Most Americans have never even heard of it. Yet, it is important event today if for no other reason than it established the tradition of having the US President intercede as a peace negotiator and win the Nobel Prize for Peace for his efforts. Because of this, some historians mark it as the historic point at which the US entered the world stage as a great power. By the way the President involved was Teddy Roosevelt.

Concerning the state and nature of Cyberwar today, I’ve seen Rybolov’s models and I think they make sense. Cyberwar as an extension of electronic warfare makes some sense. The analogy does break down at some point because of the peculiarity of the medium. For example, when considering exploitation of SCADA systems as we have seen in the Baltic States and in a less focused manner here in North America, it is hard to see a clear analogy in electronic warfare. The consequences look more like old-fashion kinetic warfare. Likewise, there are aspects of Cyberwarfare that look like good old-fashion human intelligence and espionage. Of course I also have reservations with the electronic warfare model based on government politics. Our friends at NSA have been suggesting that Cyberwarfare is an extension of signals intelligence for years, with the accompanying claim that they (NSA) should have the technical, legal, and of course budgetary resources that go along with it.

I’ve also have seen other writers propose other models of Cyberwarfare and they tend to be a mixed bag at best. At worst, many of the models proposed appear to be the laughable writings of individuals with no more insight to or knowledge of intelligence operations beyond the latest James Bond movie. My own opinion is that two models or driving forces behind international Cyberwarfare activity. The first is pure opportunism. Governments and criminal organizations alike, even authoritarian governments have seen the Hollywood myths and the media hysteria about hacker exploits. Over time, criminal gangs have created and expanded on their cyber capabilities driven by a calculation of profits and risks much like conventional businesses. Combine an international banking environment that allows funds to be transferred across borders with little effort and less time and an international legal environment that is largely out of touch with the Internet and international telecommunications, and we have a breeding ground for Cyber criminals in which the risks of cross-border criminal activity is often much less risky than domestic criminal activity.

As successful Cyber criminal gangs have emerged in totalitarian regimes, it shouldn’t be a surprise that eventually the governments involved would eventually take an interest in both their activities and techniques. There are several reasons that totalitarian government might want to do this. Perhaps the simplest motivation is that the corrupt officials would be drawn to share in the profits in exchange for protection. In addition, the intelligence arms of these nations could also leverage their services and techniques at a fraction of the cost of developing similar capabilities themselves. Additionally, using these capabilities would also provide the intelligence agencies and even the host government with an element of deniability if operations assigned to the criminal gangs were detected.

Monument to the International Brigade photo by Secret Pilgrim.  For more information, read the history of the International Brigade.

Perhaps the most interesting model of development and Cyberwarfare activity today would be based on the pre-WW II example of the Spanish Civil War. After World War I, a period of mental and societal exhaustion followed on the part of all participating nations. This was quickly follow by a period of self-assessment and rebuilding. In the case of the defeated Germany the reconstruction period protracted due to difficult economic conditions, in part created by the harsh conditions of surrender imposed by the winning European governments.

It was also important to remember that these same victorious European governments undermined many of social and moral underpinnings of German society by systematically all the basis of traditional German government and governmental legitimacy without regard for what should replace it. The assessments of most historians is that these factors combined to sow the seed of hatred against the victorious powers and created a social climate in which a return to open warfare at some time in the future was seen as unavoidable and perhaps desirable. The result was that Germany actively prepared and planned for what was seen as the commonly inevitable war in the future. New systems and technologies were considered, tested. However, treaty limitations also hampered some of these efforts.

In the Soviet Union a similar set of conclusions developed during this period of history within the ruling elite, specifically that renewed war with Germany was inevitable in the near term. Like Germany, the Soviet Union also actively prepared for this war. Likewise they considered and studied new technologies and approaches to war. Somewhat surprisingly, they also secretly conspired with the Germans to provide them with secret proving grounds and test facilities to study some to the new technologies and approaches to war that would otherwise have been banned under provisions of the peace treaties of World War I.

So, when Civil War broke out in Spain in the summer of 1936, both Germany and the Soviet Union were positively delirious at the prospects of testing their new military equipment and theories out under battlefield conditions but, without the risks of participating in a real shooting war as an active belligerent. So, both governments sent every military technology possible to their proxies in Spain under the auspices of “aid”. In some cases they even sent “advisors” who were nothing less than active soldiers and pilots in the conflict. At first, this activity took place under a shroud of secrecy. But, when you send military equipment and people to fight in foreign lands it usually takes no time at all for someone to notice that, “those guys aren’t from here”.

Bomber During the Spanish Civil War photo by -Merce-.  Military aviation, bombing in particular, was one of the new technologies that was tested during the Spanish Civil War.

Since the fall of the Soviet Union, I think the world has looked at the United States as the world’s sole superpower. Many, view this situation with fear and suspicion. Even some of our former Cold War allies have taken this view. Certainly our primary Cold War adversaries have adopted this stance. If you look at contemporary Chinese and Russian military writing it is clear that they have adopted a position similar to the pre- World War II notion that war between the US and Russia or war between the US and China is inevitable. To make matters worse, during much of the Cold War the US never seemed to pull it together militarily long enough to actually win a war. Toward the end of the Cold War we started smacking smaller allies of the Soviet Union like Grenada and succeeded.

We then moved on to give Iraq a real drubbing after the Cold War. The so-call “Hyperwar” in Iraq terrified the Russians and Chinese alike. The more they studied what we did in Iraq the more terrified they became. On of the many counters they have written about is posing asymmetric threats to the US, that is to say threatening the US in a way in which it is uniquely, or unusually vulnerable. One of these areas of vulnerability is Cyberspace. All sorts of press reporting indicate that the Russians and Chinese have made significant investments in this area. The Russians and Chinese deny these reports as quickly as they emerge. So, it is difficult to determine what the truth is. The fact that the Russians and Chinese are so sensitive to these claims may be a clear indication that they have active programs – the guilty men in these cases have a clear record of protesting to much when they are most guilty.

Assuming that all of this post-Cold War activity is true, I believe this puts us in much the same situation that existed in the pre-World War II Spanish Civil War era. I think the Russian and Chinese governments are just itching to test and refine their Cyberwarfare capabilities. But, at the same time I think they want to operate in a manner similar to how the Germans and the Soviet Union operated in that conflict. I think they want and are testing their capabilities but in a limited way that provides them with some deniability and diplomatic cover. This is important to them because the last thing they want now is to create a Cyber-incident that will precipitate a general conflict or even a major shift in diplomatic or trade relationships.

One of the major differences between the Spanish Civil War example and our current situation of course is that there is no need for a physical battlefield to exist to provide as a live testing environment for Cyber weapons and techniques. However, at least in the case of Russia with respect to Georgia, they are exploiting open military conflicts to use Cyberwar techniques when those conflicts do arise. We have seen similar, but much smaller efforts on the part of Iran, and the Palestinian Authority as embrace what is seen as a cheap and low risk weapon. However, their efforts seem to be more reactionary and rudimentary. The point is, the longer this game goes on without serious consequence the more it will escalate both vertically (in sophistication) and horizontally (be embraced by more countries). Where all of this will lead is anyone guess. But, I think the safe money is betting that the concept of Cyberwar is here to stay and eventually the tools and techniques and full potential of Cyberwar will eventually be used as part of as part of a strategy including more traditional weapons and techniques.



Similar Posts:

Posted in Public Policy, Rants, The Guerilla CISO | No Comments »
Tags:

The World Asks: is S.773 Censorship?

Posted May 15th, 2009 by

Here in the information assurance salt mines, we sure do loves us some conspiracies, so here’s the conspiracy of the month: S.773 gives the Government the ability to view your private data and the President disconnect authority over the Internet, which means he can sensor it.

Let’s look at the sections and paragraphs that would seem to say this:

Section 14:

(b) FUNCTIONS- The Secretary of Commerce–

(1) shall have access to all relevant data concerning such networks without regard to any provision of law, regulation, rule, or policy restricting such access;

Section 18: The President–

(2) may declare a cybersecurity emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network;

(6) may order the disconnection of any Federal Government or United States critical infrastructure information systems or networks in the interest of national security;

Taken completely by itself, it would seem like this gives the president the authorities to do all sorts of wrong stuff, all he has to do is to declare something as critical infrastructure and declare it compromised or in the interests of national security.  And some people have:

And some movies (we all love movies):

Actually, Shelly is pretty astute and makes some good points, she just doens’t have the background in information security.

It makes me wonder since when have people considered social networking sites or the Internet as a whole as “critical infrastructure”. Then the BSOFH in me things “Ye gods, when did our society sink so low?”

Now, as far as going back to Section 14 of S.773, it exists because most of the critical infrastructure is privately-held.  There is a bit of history to understand here and that is that the critical infrastructure owners and operators are very reluctant to give the information on their piece of critical infrastructure to the Government.  Don’t blame them, I had the same problem as a contractor: if you give the Government information, the next step is them telling you how to change it and how to run your business.  Since the owners/operators are somewhat non-helpful, the Government needs more teeth to get what it needs.

But as far as private data traversing the critical infrastructure?  I think it’s a stretch to say that’s part of the requirements of Section 14, it’s to collect data “about” (the language of the bill) the critical infrastructure, not “processed, stored, or forwarded” on the critical infrastructure. But yeah, let’s scope this a little bit better, CapHill Staffers.

On to Section 18.  Critical infrastructure is defined elsewhere in law.  Let’s see the definitions section from HSPD-7, Critical Infrastructure Identification, Prioritization, and Protection:

In this directive:

The term “critical infrastructure” has the meaning given to that term in section 1016(e) of the USA PATRIOT Act of 2001 (42 U.S.C. 5195c(e)).

The term “key resources” has the meaning given that term in section 2(9) of the Homeland Security Act of 2002 (6 U.S.C. 101(9)).

The term “the Department” means the Department of Homeland Security.

The term “Federal departments and agencies” means those executive departments enumerated in 5 U.S.C. 101, and the Department of Homeland Security; independent establishments as defined by 5 U.S.C. 104(1);Government corporations as defined by 5 U.S.C. 103(1); and the United States Postal Service.

The terms “State,” and “local government,” when used in a geographical sense, have the same meanings given to those terms in section 2 of the Homeland Security Act of 2002 (6 U.S.C. 101).

The term “the Secretary” means the Secretary of Homeland Security.

The term “Sector-Specific Agency” means a Federal department or agency responsible for infrastructure protection activities in a designated critical infrastructure sector or key resources category. Sector-Specific Agencies will conduct their activities under this directive in accordance with guidance provided by the Secretary.

The terms “protect” and “secure” mean reducing the vulnerability of critical infrastructure or key resources in order to deter, mitigate, or neutralize terrorist attacks.

And referencing the Patriot Act gives us the following definition for critical infrastructure:

In this section, the term “critical infrastructure” means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Since it’s not readily evident from what we really consider to be critical infrastructure, let’s look at the implemention of HSPD-7.  They’ve defined critical infrastructure sectors and key resources, each of which have a sector-specific plan on how to protect them.

  • Agriculture and Food
  • Banking and Finance
  • Chemical
  • Commercial Facilities
  • Communications
  • Critical Manufacturing
  • Dams
  • Defense Industrial Base
  • Emergency Services
  • Energy
  • Government Facilities
  • Healthcare and Public Health
  • Information Technology
  • National Monuments and Icons
  • Nuclear Reactors, Materials and Waste
  • Postal and Shipping
  • Transportation System
  • Water

And oh yeah, S.773 doesn’t mention key resources, only critical infrastructure.  Some of this key infrastructure isn’t even networked (*cough* icons and national monuments *cough*). Also note that “Teh Interblagosphere” isn’t listed, although you could make a case that information technology and communications sectors might include it.

Yes, this is not immediately obvious, you have to stitch about half a dozen laws together, but if we didn’t do pointers to other laws, we would have the legislative version of spaghetti code.

Going back to Section 18 of S.773, what paragraph 2 does is give the President the authority to disconnect critical infrastructure or government-owned IT systems from the Internet if they have been compromised.  That’s fairly scoped, I think.  I know I’ll get some non-technical readers on this blog post, but basically one of the first steps in incident response is to disconnect the system, fix it, then restore service.

Paragraph 6 is the part that scares me, mostly because it has the same disconnect authority as paragraph 2and the same scope (critical infrastructure and but the only justification is “in the interests of national security”. In other words, we don’t have to tell you why we disconnected your systems from the Internet because you don’t have the clearances to understand.

So how do we fix this bill?

Section 14 needs an enumeration of the types of data that we can request from critical infrastructure owners and operators. Something like the following:

  • Architecture and toplogy
  • Vulnerability scan results
  • Asset inventories
  • Audit results

The bill has a definitions section–Section 23.  We need to adopt the verbiage from HSPD-7 and include it in Section 23.  That takes care of some of the scoping issues.

We need a definition for “compromise” and we need a definition for “national security”. Odds are these will be references to other laws.

Add a recourse for critical infrastructure owners who have been disconnected: At the very minimum, give them the conditions under which they can be reconnected and some method of appeal.



Similar Posts:

Posted in Public Policy, Rants | 3 Comments »
Tags:

In Response to “Cyber Security Coming to a Boil” Comments….

Posted March 24th, 2009 by

Rybolov’s comment: This is Ian’s response to the comments for his post on Cybersecurity Coming to a Boil.  It was such a good dialog that he wanted to make a large comment which as we all know, eventually transforms itself into a blog post.  =)

You are making some excellent points; putting the leadership of the Administration’s new Cyber security initiative directly in the White House might appear to be a temporary solution or a quick fix. From my point of view, it looks more like an honest approach. By that I mean that I think the Administration is acknowledging a few things:

  • This is a significant problem
  • There is no coherent approach across the government
  • There is no clear leadership or authority to act on the issue across the government
  • Because of the perception that a large budget commitment will have to be allocated to any effective solution, many Agencies are claiming leadership or competing for leadership to scoop up those resources
  • The Administration does not know what the specific solution they are proposing is — YET

I think this last point is the most important and is driving the 60-day security assessment. I also think that assessment is much more complex than a simple review of FISMA scores for the past few years. I suspect that the 60-day review is also considering things like legal mandates and authorities for various aspects of Cyber security on a National level. If that is the case, I’m not familiar with a similar review ever having taken place.

2004 World Cyber Games photo by jurvetson.  Contrary to what the LiquidMatrix Security folks might think, the purpose of this post isn’t to jam “cyber” into every 5th word.  =)

So, where does this take us? Well, I think we will see the Cyber Security Czar, propose a unified policy, a unified approach and probably some basic enabling legislation. I suspect that this will mean that the Czar will have direct control over existing programs and resources. I think the Cyber Security Czar taking control of Cyber Security-related research programs will be one of the most visible first steps toward establishing central control.

From this we will see new organizational and reporting authorities that will span existing Agencies. I think we can also anticipate that we will see new policies put in place and a new set of guidelines of minimum level of security capabilities mandated for all Agency networks (raising bottom-line security). This last point will probably prove to be the most trying or contentious effort within the existing Agency structure. It is not clear how existing Agencies that are clearly underfunding or under supporting Cyber Security will be assessed. It is even less clear where remedial funding or personnel positions will come from. And the stickiest point of all is…. how do you reform the leadership and policy in those Agencies to positively change their security culture? I noticed that someone used the C-word in response to my initial comments. This goes way beyond compliance. In the case of some Federal Agencies and perhaps some industries we may be talking about a complete change sea-change with respect to the emphasis and priority given to Cyber Security.

These are all difficult issues. And I believe the Administration will address them one step at a time.
In the long-term it is less clear how Cyber Security will be managed. The so-called war on drugs has been managed by central authority directly from the White House for decades. And to be sure, to put a working national system together that protects our Government and critical national infrastructure from Cyber attack will probably take a similar level of effort and perhaps require a similar long-term commitment. Let’s just hope that it is better thought-out and more effective than the so-called war on drugs.

Vlad’s point concerning Intelligence Community taking the lead with respect to Cyber Security is an interesting one, I think the Intelligence Community will be important players in this new initiative. To be frank, between the Defense and Intelligence Communities there is considerable technical expertise that will be sorely needed. However, for legal reasons, there are real limits as to what the Intelligence and Defense Communities can do in many situations. This is a parallel problem to the Cyber Security as a Law Enforcement problem. The “solution” will clearly involve a variety of players each with their own expertise and authorities. And while I am not anticipating that Tom Clancy will be appointed the Cyber Security Czar any time soon. I do expect that a long-term approach will require the stand-up of either a new organization empowered to act across current legal boundaries (that will require new legislation), or a new coordinating organization like the Counter Terrorism Center, that will allow all of the current players bring their individual strengths and authorities to focus on a situation on a case by case basis as they are needed (that may require new legislation).

If you press me, I think a joint coordinating body will be the preferred choice of the Administration. Everyone likes the idea of everyone working and playing well together. And, that option also sounds a lot less expensive. And that is important in today’s economic climate.



Similar Posts:

Posted in FISMA, Public Policy, Technical | 2 Comments »
Tags:

Cyber Security coming to a boil

Posted March 16th, 2009 by

During his campaign, then candidate Obama promised he would, “make cyber-security the top priority that it should be in the 21st century. I’ll declare our cyber-infrastructure a strategic asset, and appoint a national cyber-adviser, who will report directly to me.” Since Obama was elected there has been a great deal of speculation as to what real-life changes in direction and policy that promise would bring.

Last month, President Obama appointed Melissa Hathaway to be a Senior Director of the National Security Council. She immediately launched a 60-day review of security of Federal IT systems. As a result of this effort, there is much speculation that at the end of the 60-day review she will be appointed the National Cyber Advisor–the so-called Cyber Security Czar.

Just this week, the Director of the National Cyber Security Center, Rod A. Beckstrom, over at the Department of Homeland Security resigned. The press reports of Beckstrom’s resignation indicate some frustration on Beckstrom’s part. His frustration seems to be primarily aimed at the National Security Agency (NSA). Beckstrom suggests that the NSA has been subverting his efforts to coordinate cyber security efforts across the intelligence community.

A good friend of mine has suggested that the resignation is simply political and an artifact of the transition from one administration to another. He further suggests that this also signals a shift from leadership in cyber security from civilian agencies toward the Intelligence Community taking its turn at leadership. I think he may be right, too. However, I think there is more history here than just a shift in policy from one administration to another.

In my opinion, this isn’t just about politics. There are two drivers for this move. First, congress and the administration recognize that that the on-going assault on government and commercial networks is a national security issue and an economic security and competitiveness issue too. In today’s economic droop people often forget that two of our greatest economic strengths are our accumulated intellectual property and our hard working human capital. Both of these assests are discounted when criminal and national groups successfully attack our nations IT infrastructure. Recognizing this is a good thing, I’m not going to recount the long history of cyber assault on Federal IT systems by international cyber criminals, and “state-sponsored entities.” Facts and figures concerning this on-going assault and the damage associated with it is just a Google search away.

The second driver for a policy shift is that congress and the administration recognize that the FBI, Justice, DHS approach to cyber security is an utter failure. This failed approach sees cyber security as a criminal problem with industry participating in its own defense on a ‘voluntary’ basis. This has led to comical activities such as FBI delegation going to Moscow with hat in hand asking the Russians for help in tracking down successful Cyber Organized Crime groups based in Russia. The fact that these groups may have had strong official or unofficial connections with the Russian government should have given the FBI an indication of the lack of cooperation they would face –- I believe in Law Enforcement circles this is usually called a “clue”. Likewise, FBI delegations to Russia trying to track down Russian Cyber attackers that may have had some direct level of state support were equally unproductive. To be fair, the FBI was placed in an impossible position when they were asked to organize delegations like this.

So that kind of sums up the civilian or “law enforcement” approach toward national cyber security.

That leaves us to consider the much discussed alternative, specifically a shift in policy toward giving the intelligence community leadership in providing cyber national security. There have been attempts in the past to give the Intelligence Community greater responsibility for cyber security, but while the Intelligence Community seemed to have the technical resources to address these responsibilities, they were often confused by the mission and hampered by legislation and culture. By temperament, the Intelligence Community is about collection and analysis of information. Once you start asking them to do something about a situation that they have studied or understand well, you are often asking them to not just change their mission but also act against the very culture that made them successful. To understand a situation, the Intelligence Community works quietly, secretly, and in the shadows. To take action, they have to emerge for the shadows and act very publically. This transition can be difficult and even disastrous. Such transitions can give you the Bay of Pigs, non-judicial detention at Gitmo, and odd-ball assassinations–all sorts of activities that people hate because the actions themselves were not “peer-reviewed” as best security practices.

It’s not that the Intelligence Community is incompetent (well everyone makes mistakes or hides them), it’s just that that transition from intelligence/information collection to public coordination, and policy leadership, with all of the very public meetings, policy reviews, and planning drives the Intelligence Community from a position of strength and expertise to new ground. Unfortunately, another strong element of the culture of the Intelligence Community is that if the President calls, “they haul…” They just can’t bring themselves to say no, even if it’s a bad idea.

That brings us to the question, who should be responsible for cyber security? Well, every government agency wants the mission because of the funding that goes with it. But, it’s not clear who has the right perspective and culture. I suspect that the right answer is to combine the experience, and technical know-how from several agencies and to develop some new capabilities. This means that leadership of the effort has to be unambiguous. That is precisely why I believe the Obama Administration will keep the leadership on their new approach to Cyber Security right inside the White House itself. That really shouldn’t be a surprise since that is exactly what the Obama as a candidate said he would do.

Enigma Machines Collection at the National Cryptologic Museum photo by brewbooks.



Similar Posts:

Posted in Public Policy, Rants, What Doesn't Work, What Works | 6 Comments »
Tags:

Incident Response and Lolcats

Posted March 5th, 2009 by

Security controls for cats:  Keep them out of bright light, keep them dry, and whatever you do, don’t feed them after midnight. kthnx bai.

funny pictures



Similar Posts:

Posted in IKANHAZFIZMA | No Comments »
Tags:

Digital Forensics and the case for change

Posted February 24th, 2009 by

A couple of weeks ago I posted a whitepaper, “The History of Digital Forensics”. I am just delighted that Rybolov gave me the opportunity. I am also delighted with all of the comments and question that have come in, in response to the posting of the whitepaper. I want to thank each and every one of you who responded. One of the most common comments or themes is that while I did a fine job of outlining the History of Digital Forensics, many security and forensics professionals find themselves in an organization that has only the most rudimentary forensics policies, procedures or even capabilities. For those of you who offered such comments, you have my complete sympathy.

However, I should also point out that many of the organizations that have well planned and supported digital forensics programs are only in that condition because they have learned of their security and forensics needs the hard way. I think many IT security professionals can relate to my comment when I write that, no one appreciates the need for better security and procedures more than the members of a team that have just completed an incident response without the benefit of sufficient planning and support. Many of us have been there either as a member of an internal as hoc incident response team or as part of a team of outside consultants called in to assist. Incident response is difficult and filled with tension. It is even more tension filled when you are part of a team that is having to invent procedures with each step you make and also defend them in real-time, often with many successive levels of management. The last several incident response engagements I have led, I had no opportunity do any technical work at all. My entire time was spent trying to hammer out processes and procedures and generally educate the management and explain the process for them. Since incident response usually cuts across every part and work-unit in an organization, each with its own way of looking at things, and with its own interest and concerns, the process also involved a lot of repetition, sensitivity and frankly hand-holding. I have never had a technical member of the team say they envied me in that role.

However, in each case, an important part of my mission was also to document the policies, procedures, and ‘lessons-learned’ and act as an advocate to incorporate this body of knowledge into standard operating procedures. In some cases I was successful; in others I think the organization was so traumatized by the incident itself that they were burnt-out and incapable of taking the next step at that time. Fortunately, many of the later contacted me later and we had some wonderful meetings in a pretty relaxed and yet focused atmosphere.

I guess, in part what I’m trying to make two points here, first is that even in the thick of it, you should always take a mental step or two back and take in the bigger picture. The second point is that when you are acting as an advocate trying to advance the progress of a security or digital forensics program, always put a solution in from of your management, never a problem. And to make it easier for your manager to pick up the ball and support your idea at the next level, make sure that you make a business case for plan, not a technical case.

In the post-incident world, the window of opportunity for change is small. Senior managers and business leaders must get on with their day-to-day business responsibilities. Dwelling on a security incident is counter-productive for them. However, their receptiveness to change in the form of well reasoned and prudent measures that are integrated into the business process is great. Making the case for security is perhaps the most important part of our job. We must always make the case when the opportunity for change presents itself.

US Cryptologic Museum Pueblo Incident photo by austinmills.  More information about the Pueblo Incident is here.



Similar Posts:

Posted in The Guerilla CISO | 1 Comment »
Tags:

« Previous Entries


Visitor Geolocationing Widget: