Educause Security Discussion mailing list archives
Re: Article in today's NYT - cybersecurity
From: Joe St Sauver <joe () OREGON UOREGON EDU>
Date: Wed, 17 Jul 2013 13:40:21 -0700
Willis Marti <wmarti () tamu edu> commented: #Not sure that this article is really news. And I wonder how confident people #are in citing amount, or source, of increase. We've seen near constant #"attacks" for years. Agree 100%. As I mentioned in a discussion elsewhere, part of the problem is that this article (like most articles in the popular media) lacks hard longitudinal data on the problem. As the saying goes, "In God we trust; all others must bring data." As academics, we should always *insist* on seeing data, rather than just relying on subjective opinions.
From my POV (purely a subjective opinion :-)), most of the security
challenges we face on the Internet are the result of bots. So are we seeing more bots, or fewer bots? Check out this graph: http://www.eleven.de/tl_files/timeline/index-en.html While that graph is now a year old, the picture it paints is quite clear: the community can (and has) made substantial progress against botnets, and that can be explicitly observed seen in things such as spam levels (think of spam as being a nice easily visible proxy measure for underlying security problems). Thus, from my POV, the sky is NOT falling, either in higher ed, or elsewhere. Of course, that isn't the sort of response that popular journalists like to hear -- you don't sell papers if the quote is, "The cyber security picture? Well, it's pretty much the same as it was last year, or five years go, although it varies over time and from site to site, just like the weather." Shrug. Those who may want to read more about security metrics-related challenges may want to see the report I wrote on behalf of Working Group 7 (Botnets) for the FCC Communications Security, Reliability and Interoperability Council in March, see p. 62-89 of http://www.fcc.gov/bureaus/pshs/advisory/csric3/CSRIC_III_WG7_Report_March_%202013.pdf Regards, Joe Disclaimer: all opinions my own.
Current thread:
- Article in today's NYT - cybersecurity Theresa Rowe (Jul 17)
- Re: Article in today's NYT - cybersecurity Willis Marti (Jul 17)
- Re: Article in today's NYT - cybersecurity Theresa Rowe (Jul 17)
- Re: Article in today's NYT - cybersecurity Peter Setlak (Jul 17)
- Re: Article in today's NYT - cybersecurity Willis Marti (Jul 18)
- Re: Article in today's NYT - cybersecurity Theresa Rowe (Jul 17)
- <Possible follow-ups>
- Re: Article in today's NYT - cybersecurity Joe St Sauver (Jul 17)
- Re: Article in today's NYT - cybersecurity Willis Marti (Jul 17)