Error in Cyber security Paradigm.

This blog set to diaplay 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G

Error in Cyber security Paradigm.

IT directors / managers CIO chief Information Officers 

are among some of the most misdirected security 

providers of any industry.

If CIO's were head of the DOD the US

would have huge fixed coastal defenses

and there would be pirates raiding the US 

coasts, pillaging and stealing at will.

CIO's are risk aversive, born cooing code,

and raised in HTML nurseries.

And spend a lifetime defending code,

and blocking malware.

They build cyber fixed Coastal defenses

on their networks.

A CIO as a platoon leader would build mud

wall around HQ and never patrol, never send

forces out, too risky.

And that is about the state of Cyber security

today.

Cyber forces scare the hell out of CIOs.

Never been used before, something might

go wrong, unknown risks.

Better stick with fixed fortifications they have

known risks.

This is why the US Cyber forces have their 

hands shackled.

And NSA, fort Meade fear turf intrusion and

interference in their operations.

NSA has a lock on WWW magic, stealth

and penetration. 

And NSA's mission IS NOT PROTECTION of

the WWW or anything other than its own network.

In fact their mission is to be able to violate any and

all Security.

CIO's are security people. Always trying to lock cyber doors.

Forever Building fated fixed coastal defenses.

They are not a policing force, they lack any deterrent

facility. And function on a risk aversive paradigm.

Military defense however functions on a much different

paradigm. Which is why US doesn't have fixed coastal 

defenses. They don't provide security, and are easily defeated.

To protect the US coasts the Dept of Defense rely on

a mix of offensive forces. Air power, ships, etc.

And we have no pirates off the US coast line.

Military minds are needed to provide security for

US cyber coast lines. The ability to deploy offensive

cyber forces to repel attacks, ability for hot pursuit.

Same as in the "real" world.

Relying on fixed cyber defenses is futile.

The current paradigm allows the pirates to pound on

our defenses to the level of millions of attempts a day.

Anonymous is a possible example.

They have lead successful attacks before.

But in the case of wikileaks this is the first time

a National Civilian cyber force has opposed them.

Anonymous has experienced trained organized counter strikes

against them, and stated they are changing their paradigm

in this instance, dropping DOS attacks and becoming more politically active.

This was not lead by a CIO but more military minded cyber forces

using a offensive capability, NOT FIXED DEFENSES.

I'm tired of watching the US cyber persona playing victims.

The US Marines do not set in fixed battlements taking losses,

they move and maneuver and engage the enemy.

Why is it taking so long for the US Cyber Paradigm

to adopt common sense military doctrine for defense

of its cyber assets.

Instead they elect to act as fixed targets.

In the current paradigm there is very little 

deterrence. Just wave after wave of assaults

without retribution. The biggest and easiest

target in the world.

Take the shackles off the US cyber forces,

let them engage the bad guys, attach a cost

to attacking US cyber assets.

Stop being the cyber security joke of the world.

US has the force use it to defend, go offensive

when attacked, track and destroy in real time.

If its Grandmas PC that a bot herder is controlling,

that is not an excuse not to take her PC off line.

If they had stolen Grandmas car would the cops

refuse a pit maneuver to stop a perp?

I don't think so. 

Nor is a take over of someones PC, a pass card

to avoid consequence for your PC attacking some one.

Cyber security equals a CIO on the site and a cyber

platoon leader patrolling out side the fire wall engaging

in hot pursuit. That will equal deterrence.

Gerald

Tactical Internet Systems analyst.

.