McAfee, SDA Cyber Security Report

Thursday, February 2, 2012 @ 04:02 PM gHale

For the moment, the “bad guys” have the upper hand – whether they are attacking systems for industrial or political espionage reasons, or simply to steal money – because the lack of international agreements allows them to operate swiftly and mostly with impunity. Protecting data and systems against cyber attack has so far been about dousing the flames, although recently the focus has been shifting towards more assertive.

The preparation of this report has been greatly helped by Robert Lentz’s framework for measuring levels of cyber-security in governments and private companies. Lentz is President and Chief Executive of Cyber Security Strategies, and has 34 years experience working for the U.S. government. His Cyber Security Maturity Model explains the five stages toward resilience against cyber-attack, through conventional threat to advanced persistent threat, and was used as the measurement tool for our country-by-country stress test in the second part of the report.

Even if everyone accepts the need for standards, rules, laws, codes of
conduct and maybe even a global treaty to protect cyber space against cyber crime, not everyone agrees on how to get there. The debate is also about who should make the rules, and to what extent dominance by the military is a good or a bad thing. The fact that cyber-space knows no borders implies that cyber security is only as good as its weakest link, and that something must be done about unregulated countries that can offer a haven for cyber-criminals.

Click here to view the entire white paper.