Cyber Intrusions Into Air Force Computers Take Weeks to Detect

Can someone please explain a “cyber moat?”

We have lots of problems. We are stuck in a forensic mind-set. Our defensive techniques don’t evolve as fast as they should. We are outnumbered.

I never considered the problem of cyber moats.

It must be worse than I thought.

I really hope that we can get beyond 13th-century castle defense analogies.

Don’t get me wrong, there are things to learn from physical fortification.  However, like castles in the time of cannon, there are times when offensive capabilities must force defenders to change their understanding.

I’m afraid that we are drawing too much from physical protection theory. I find counterintelligence to be a better theoretical underpinning – assume you will be penetrated, reduce damage once exploited, focus on prevention and early detection.

From my experience with senior leadership, I find that we continue to pander to their lack of understanding in the domain by drawing inferences and analogies from domains they tend to understand better – namely physical protection.  However, to move forward we must escape from this trap if we are to evolve.