The Cyber Chicago Way

Uploaded on 2015-04-02 in FREE TO VIEW

the_chicago_way_by_buckleytypographics-d4yv7jf.jpg

In the movie The Untouchables an irascible long time Chicago cop played by Sean Connery explains to a naïve Elliot Ness how to get gangster Al Capone. The Sean Connery character says, “You wanna get Capone? Here’s how you get him. He pulls a knife - you pull a gun. He sends one of yours to the hospital, you send one of his to the morgue! That’s the Chicago way, and that’s how you get Capone!”
I was reminded of that speech the other day listening to Cyber Command head Mike Rogers testifying before the Senate Armed Service Committee. Rogers clearly wants to get tougher on cyber attacks. In fact, he wants vastly increased offensive capabilities – military jargon for hitting back at the attackers. Rogers made it clear, and Senate Armed Services Committee chair Senator John McCain agreed, that defensive toughness was simply not enough. We needed – in Untouchable’s parlance – to send one of theirs to the morgue.
The anger and impatience is understandable. Cyber attacks have been building in number and intensity over the last few years – beyond DDOS attacks and stealing credit card information by organized crime. The Chinese have been stealing technical secrets with abandon. The Russians have been willing to use disruptive cyber techniques against Ukraine. Iran attacked Saudi computers and destroyed thousands. But, the final straw for America came with North Korea’s shameless show of cyber bullying and attack against Sony Pictures. We did counterattack Pyongyang– or so it seemed. They were small. And it was easy work.
Still, you have to ask the question in the larger whole: what happens if one of the big guys attacks and we do send “one of theirs to the morgue.” Are we prepared to deal with consequences of a massive counter attack against civilian targets? Do we have capability detection swift and detailed enough to know they are happening and from where?
We should boost our cyber offensive capabilities, no doubt. And, I think a preemptive strike or two might be a reminder of our strength. But, cyber world is not confined to nation state against nation state attack. We can barely manage the minimal of coordination between our government and the private sector in cyber world. It is not likely a large nation state like Iran would make any distinctions. In fact, they would sensibly seek out the greatest vulnerabilities. And, for us, that is in the private sector, where about 85 percent of our cyber infrastructure is located. So, I applaud Brother Rogers for his fortitude. We simply can’t sit around and take it. But, before we send one to the morgue, let’s make sure we can take care not to send one of ours as well.
Security Insights  http://bit.ly/1EDDIdR

« Facebook Successfully Tests Laser Drones in UK Skies
UK's Merseyside Police Plan Biometric Bail System »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Acumin Recruitment

Acumin Recruitment

Acumin is an internationally established Cyber Security recruitment specialist.

Identity Theft Resource Center (ITRC)

Identity Theft Resource Center (ITRC)

ITRC is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime.

Netsparker

Netsparker

Netsparker provide a web application security scanner to automatically find security flaws in your websites, web applications and web services.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

ISC2

ISC2

ISC2 is an international, non-profit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

V-Key

V-Key

V-Key is a global leader in software based digital security, providing solutions for mobile identity, authentication, authorization, and mobile payments for major banks.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

IoT Defense

IoT Defense

IoT Defense (IOTD) is a cybersecurity and networking company building solutions that enable the protection of networks and the ever-increasing prevalence of IoT devices.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

CM Blockchain Security Center

CM Blockchain Security Center

We are dedicated to building a healthier blockchain ecosystem, providing solutions to security technology, and helping those who practice in the area of blockchain to get insight into industry trends.

HackControl

HackControl

HackControl services include penetration tests, security audits, block chain audits and brand and anti-phishing protection.

iSTORM

iSTORM

iStorm specialise in supporting organisations who require a range of Privacy, Security and Penetration testing related services.

CyberXpert

CyberXpert

CyberXpert is your cybersecurity partner for the public and private sector in Belgium.

ABPCyber

ABPCyber

ABPCyber offers holistic cybersecurity solutions spanning DevSecOps, advisory and consultancy, designing and integration, managed operations, and cybersecurity investment optimization.