Adaptive Segmentationmicro-segmentation November 4, 2016

Cybersecurity and upcoming election, Active Cyber Defense Plan by GCHQ, and more

Nathaniel Gleicher,

Three things I'm reading this week:


  1. What to Worry About As the Election Nears: With the election around the corner, it’s good to be reminded what the real “cyber” risks are for the election and its immediate aftermath. There have been many theories advanced — some more likely than others. This NYT piece does an excellent job of summarizing many of the most realistic threats. I’d be most concerned about the most subtle threats — for example, efforts to manipulate voter records — that could lead to confusion and disagreement about legitimacy after the election. I’m reading: “Five Possible Hacks to Worry About Before Election Day.”

  2. The UK Lays Out the Details of Its “Active Cyber Defense” Plan: The UK announced its long-watched-for cybersecurity strategy on November 1. A key part of this is the active cyber defense plan, which is intended to handle many of the intrusions targeting the UK, and do it in a “relatively automated way.” There are still plenty of questions, but this detailed overview by GCHQ lays out the goals of the program, and it will be interesting to see how the implementation shapes up. I’m reading: “Active Cyber Defence — tackling cyber attacks on the UK.”

  3. The Ways in Which Cybersecurity Is Like a Longer Lunch Break: Trying to solve cybersecurity problems can seem like an endlessly frustrating cycle. Why is that? Because often we seem to do a very bad job understanding and valuing the risk of cyber threats and the benefits of basic security. Case in point, a 2014 Federal Labor Relations Board ruling concluding that a federal agency can’t prevent its employees from accessing external email for security purposes without first getting union approval. To add to this? A rapid-response, tailor-made law designed to address this fundamental misunderstanding of the place of security that, two years later, is still languishing in Congress. h/t to Paul Rosenzweig for highlighting this story: “Why Cybersecurity Is So Hard—Absurd Division.”

Adaptive Segmentationmicro-segmentation
Share this post: