Bit9

There have been many calls to action over the past few years for government to take a stronger stance in the fight against cybercrime.  While well intentioned, there have been a variety of local and national hurdles to achieving real cooperation, including a variety of extradition laws, varying volume and type of local resources, and tried and true national security concerns.

All that seems to be changing, sparked in large part by Operation Aurora and its impact on large multi-national companies that are at the center of commerce for a number of countries, including rumored defense contractors.  Two recent items in the past week bring this changing reality to the forefront.

     * The East West Institute is holding its first WorldWide Cybersecurity Summit this week in Dallas.  The program is focusing on international cooperation and the need for governments to proactively engage in stronger security laws and technologies, and looks to include countries long considered bastions of cybercriminal activity such as Russia and China.
 
     * The Business Software Alliance on Friday issued its Global Cybersecurity Framework "to assist countries in crafting effective national policies and laws to thwart cybersecurity threats." 
 
What seems to be somewhat new regarding these initiatives is acknowledgement regarding the speed of security outbreaks and issues in today's globally connected world.  A portion of the BSA's framework discusses the parameters and market conditions under which a new framework becomes essential.
 

• Innovation-cybersecurity is a fast-paced race, in which we must stay ahead of cybercriminals who adapt constantly. Cybersecurity policy should maximize the ability of organizations to develop and adopt the widest possible choice of cutting edge cybersecurity solutions.
• A risk-based approach-consumers, businesses and government agencies seek to protect a wide spectrum of targets against a wide variety of cyber threats. Cybersecurity policy should enable them to implement the security measures that are most appropriate to mitigating the specific risks they face.

Industry bodies such as the BSA and the East West Institute are doing their part to bring these pressing issues and needs to light, and Bit9 commends them in their efforts.  The next phase of efforts that will give some of these initiatives real, sustainable momentum is cooperation from vendors and government agencies to help drive actionable solutions forward, be it on the technology or legislative side.  Technology innovation is surely part of the equation, as well as things like tax incentives for going beyond regulatory norms in order to bolster security at high value targets, for example  However there are two approaches and solutions that can bring immediate relief without the red tape and time lag these approaches require. 

1)  Defense in depth and a layered approach can't be given mere lip service.  Yes, it costs more, however the cost of not protecting your IP or vital national secrets is too high given the rapidity, speed and variety of attacks governments and enterprises face to both their networks and endpoints.

2)  "Be proactive" is the rule of the day.  Technologies such as Anti-virus and HIPS have their place, however the reactive nature of these solutions puts at a significant disadvantage and organizations have become too reliant on them.  Embracing solutions that immediately limit access and exposure to known vulnerabilities that are key attack vectors (applications and endpoints) must happen in order to enable security professionals to more easily target additional vulnerabilities in real-time.

It's time for government and industry experts to put stakes in the ground and combine to effect real security change both now and in the immediate future.