Cyber War, Active, Defense, Hype and Fear

[Gary McGraw <gem () cigital com>]

hi sc-l

The BSIMM Europe Community Conference is underway in London this week.  Meanwhile, coverage of cyber war back in the 
States takes an interesting turn.  First, a Reuters TV piece released yesterday was turned into something I did not 
expect.  A long conversation about software security and security engineering was turned on its ear and transformed 
into a piece of power grid fear mongering.  Sometimes this happens with the press.  I wrote about it on Justice League:
http://www.cigital.com/justice-league-blog/2013/03/19/why-cyber-war-talk-often-degenerates-to-hype/

All you can do in situations like this is continue to try to clarify and enhance a sane point of view.  Toward that 
end, my monthly column this month for SearchSecurity is about the folly of "Active Defense."  This was a topic of some 
concern at RSA. See http://bit.ly/146FSjd (long version  
http://searchsecurity.techtarget.com/tip/Cyberwar-calls-for-software-and-system-investment-not-hacking-back ).

Let your representatives in government know what you think.  It matters.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
book www.swsec.com
twitter @noplasticshowers

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________