Some eye-opening stuff from presenters at the Raytheon Cyberstrategies seminar that I spoke at today. Richard Stiennon was impressive with his personal stories about some of the most notable “cyber warfare” events of the past couple of years, including the debacles in Georgia and Estonia, and of course the latest developments in the Google/China story. One of the minor points of Richard’s presentation (but one I found fascinating) was that cyber warfare is “asymetrical,” i.e., the cost of mounting an attack is trivial whereas the cost of defending against an attack is monumental. The term asymetrical warfare entered most people’s vocabularies (including mine) post 9-11 to describe terrorist vs. military conflict, but I had never connected the dots from the physical to the virtual world.
Mike Theis gave one of the more insightful presentations I have seen around security pitfalls and strategies for social networking tools. Although the temptation for many organizations – especially those that are the most security sensitive – may be strong to simply block these technologies, they are missing out on the tremendous value they can provide. Mike pointed to three fundamentals for tackling this issue: 1) getting better at judging trustworthiness in the digital world 2) making sure that the controls we have over information access are properly tuned and tailored, and 3) ensuring that we have the ability to adequately monitor what is happening inside our own institutions.
I think my presentation was a good fit. I focused on how we can create and manage information in a trustworthy way. I talked about some recent developments that demonstrate that this challenge is only getting more difficult and complex, and laid out my thinking on a strategy for tackling this problem.
I don’t use PPT slides as a teleprompter, so I’m not really sure that the slides have much value without the audio, but perhaps you might find some value in them. I’ve embedded it below.