Dailydave mailing list archives
Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Fri, 25 Mar 2011 12:55:02 -0700
I guess my real intent was to rebute Michal's statement that the blame should fall, partially at least, on the vendors. Vendors build what they can sell.
I don't blame vendors for selling products that the market needs... but it's also difficult to deny the existence of a fairly strong feedback loop: vendors often take part in creating new markets (through PR activities and exec-targeted advertising), or have a say in defining compliance frameworks that put an emphasis on commercial and easily measurable efforts. This, in turn, affects the shape of future IT departments and their needs. Given that skilled security practitioners are in short supply and are difficult to tell from so-so ones (existing certifications don't help that much), I actually think that vendors have a more dominant role in this process than any other coherent group could. Now, of course, pinning the blame is not a particularly productive pursuit. But in the end, partly because of such feedback loops, many large organizations lack the technical expertise to understand what determined attackers may attempt, and how to mitigate the threat. That's not a new problem, it's just one that the industry ignored in hopes it goes away; in this context, I'm not sure that the whole APT / cyberwar meme will do more good than harm. /mz _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki, (continued)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Val Smith (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Yiorgos Adamopoulos (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Dave Aitel (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Michal Zalewski (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki dave (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Michal Zalewski (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Dominique Brezinski (Mar 25)
- Message not available
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Dominique Brezinski (Mar 27)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Michal Zalewski (Mar 27)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Val Smith (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Jim O'Gorman (Mar 27)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki beenph (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Yiorgos Adamopoulos (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Nate Lawson (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Kevin Noble (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Marsh Ray (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Nate Lawson (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Miles Fidelman (Mar 27)
- Message not available
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Nate Lawson (Mar 27)