Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Does keeping cyberattacks secret endanger US?

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 16 Sep 2011 01:05:56 -0500 (CDT)
http://gcn.com/articles/2011/09/06/digital-conflict-undisclosed-cyberattack-data.aspx

By Kevin Coleman
GCN.com
Sept 15, 2011
Hostile activities in cyberspace have grown, and by many accounts the growth rate has been dramatic. But few people have a real appreciation of just how big this issue actually is, and for good reason. When we look at the cyberattacks, we break the collective environment into three distinct areas: 

    * What happens in the classified environment?
    * What happens and is disclosed in the open environment?
    * What happens and is undisclosed in the open environment?
In the classified environment it is necessary to have controls in place to protect the information about cyberattacks from being disclosed. For these reasons information about cyberattacks in this environment is typically restricted to those with a need to know. The disclosure of this information could hinder ongoing investigations or compromise covert cyber missions.
In the open environment businesses, government entities with nonclassified-but-sensitive data, educational institutions and other organizations can and most of the time do disclose when they fall victim to cyberattacks. In some cases there are regulations that actually require the disclosure of these events. Organizations have learned that proper and timely disclosure of successful cyberattacks can actually help mitigate the total amount of attack damage to the organization. 

[...]


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/
Previous By Date Next
Previous By Thread Next

Current thread: