Re: More on Cyber War

[Benjamin Tomhave <tomhave () secureconsulting net>]

On 6/22/10 4:00 PM, Haroon Meer wrote:
> Hi..
Howdy!

> Would have considered it slightly off-list-topic, but the current
> thread seems to allow it in :>
It's Gary's fault! (we can blame him since he's on vacation:)

> My slides from the 2010 Conference on Cyber Conflict are now online at
> [http://blog.thinkst.com/2010/06/conference-on-cyber-conflict-slides.html]
An interesting presentation, consistent with others I've seen on the
topic. The problem around the "cyberwar" (or "cyber conflict") stuff is
definitional. We need to be extremely careful using the word "war" as it
tends to have very specific connotations. You also get into issues about
defining what is or isn't "critical infrastructure" and the degree of
direct responsibility the government should own for responding to, or
coordinating response to, a major incident. Putting it in context for
this list, one extreme could say that everything considered "critical
infrastructure" could be subject from direct government oversight,
including requirements for appsec and secure coding, complete with
DoD/comparable testing, C&A, etc. fwiw.

-ben

-- 
Benjamin Tomhave, MS, CISSP
tomhave () secureconsulting net
Blog: http://www.secureconsulting.net/
Twitter: http://twitter.com/falconsview
LI: http://www.linkedin.com/in/btomhave

[ Random Quote: ]
"Confidence is contagious. So is lack of confidence."
Vince Lombardi
_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________