Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

More on US Cyber Security Policy

From: Gary McGraw <gem () cigital com>
Date: Wed, 1 Jun 2011 08:33:37 -0400
hi sc-l,

You may recall the informIT article that I wrote with Ivan Arce about Cyber War: Cyber Warmongering and Influence 
Peddling<http://www.informit.com/articles/article.aspx?p=1662328> (November 24, 2010). When I ran that article up the 
policy flagpole in DC, the reaction was decidedly mixed. Maybe a bit too technical and a bit too raw was the verdict.  
The idea was supposedly to get through to the policy types.

So, a complete rewrite of the core concepts with the help of Center for a New American Security CEO Nathaniel Fick was 
in order. I’m happy to say that the result looks good and has been included in the recent CNAS report on Cyber Security 
called “AMERICA’S CYBER FUTURE: SECURITY AND PROSPERITY IN THE INFORMATION AGE VOLUMES I AND 
II<http://www.cnas.rsvp1.com/node/6405?mgh=http%3A%2F%2Fwww.cnas.org&mgf=1>” (sorry for yelling, that’s how the policy 
people do it). In volume II as chapter 3, you will find the paper I wrote with Nate. The new title? “Separating the 
Threat from the Hype: What Washington Needs to Know About Cyber 
Security<http://www.cnas.org/files/documents/publications/CNAS_Cyber_Volume%20II.pdf>” You can download the complete 
report from the CNAS website here<http://www.cnas.rsvp1.com/node/6405?mgh=http%3A%2F%2Fwww.cnas.org&mgf=1> (volume II 
here<http://www.cnas.org/files/documents/publications/CNAS_Cyber_Volume%20II.pdf>).

I would love to see us turn the Washington sound and the fury from cyber war to cyber crime where it belongs. What do 
you think?

gem

p.s. In other policy-related writing, my current informIT article Computer Security and International 
Norms<http://www.informit.com/articles/article.aspx?p=1719778> (May 30, 2011) discusses the recently-released White 
House “International Strategy for Cyberspace.”

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com



_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________
Previous By Date Next
Previous By Thread Next

Current thread: