Comments on: Cyber-equivalent of Monroe Doctrine needed to repel Internet attacks http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/ on Internet security by Byron Acohido Wed, 10 Mar 2010 13:59:48 +0000 http://wordpress.org/?v=abc hourly 1 By: Jeff P http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-222 Jeff P Mon, 16 Mar 2009 16:12:05 +0000 http://lastwatchdog.com/?p=942#comment-222 Interesting concept. It is probably wothwhile to remember a couple of things about the Monroe Doctrine. The Monroe doctrine was issued in defense of the entire Western Hemisphere, not just the US. When the Monroe Doctrine was published the US didn't have the muscle to back it up, it was more a statement of principle. The published doctrine set the stage to be invoked later when the US did have the power to do so. So with that in mind, we probably do need a similar statement of national doctrine of self defense, and perhaps it should be more broadly stated than just the defense of US things. Perhaps more along the lines of NATOs mutual defense. When we have the capabilities in place, that future administration will be able to invoke the previously stated doctrine. Unfortunately, this is unlikely to happen during the current administration. Interesting concept. It is probably wothwhile to remember a couple of things about the Monroe Doctrine.

The Monroe doctrine was issued in defense of the entire Western Hemisphere, not just the US.

When the Monroe Doctrine was published the US didn’t have the muscle to back it up, it was more a statement of principle. The published doctrine set the stage to be invoked later when the US did have the power to do so.

So with that in mind, we probably do need a similar statement of national doctrine of self defense, and perhaps it should be more broadly stated than just the defense of US things. Perhaps more along the lines of NATOs mutual defense. When we have the capabilities in place, that future administration will be able to invoke the previously stated doctrine.

Unfortunately, this is unlikely to happen during the current administration.

]]> By: eric johnson http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-196 eric johnson Thu, 12 Mar 2009 01:10:40 +0000 http://lastwatchdog.com/?p=942#comment-196 Certainly reflects a growing conversation on the lack of US Cyberdoctrine. The Lieberman/Collins report last month also focused on that: http://www.thei3p.org/news/senate_report.html Eric Certainly reflects a growing conversation on the lack of US Cyberdoctrine. The Lieberman/Collins report last month also focused on that:

http://www.thei3p.org/news/senate_report.html

Eric

]]> By: Anne Wallace http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-195 Anne Wallace Wed, 11 Mar 2009 19:55:44 +0000 http://lastwatchdog.com/?p=942#comment-195 The call for a comprehensive national cyber security plan is right on, and I believe consumers can and should help make it a reality. My organization helps consumers recover from identity theft. Not surprisingly, people focus most on the risks that are closest to them. For consumers, that means identity theft, not the big picture challenges like the cyber crime that spawns identity theft. I hope we find ways to engage the public as supporters of America's cyber security. Anne The call for a comprehensive national cyber security plan is right on, and I believe consumers can and should help make it a reality. My organization helps consumers recover from identity theft. Not surprisingly, people focus most on the risks that are closest to them. For consumers, that means identity theft, not the big picture challenges like the cyber crime that spawns identity theft. I hope we find ways to engage the public as supporters of America’s cyber security.

Anne

]]> By: bacohido http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-194 bacohido Wed, 11 Mar 2009 16:28:38 +0000 http://lastwatchdog.com/?p=942#comment-194 Andy: You've hit upon some profound questions that should be discussed -- and answered. Getting such questions out in the open is a good thing. It will be crucial to see what Hathaway recommends on April 2, and how the Obama administration responds. Byron Andy:
You’ve hit upon some profound questions that should be discussed — and answered. Getting such questions out in the open is a good thing.
It will be crucial to see what Hathaway recommends on April 2, and how the Obama administration responds.
Byron

]]> By: Gary McGraw http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-192 Gary McGraw Wed, 11 Mar 2009 15:44:38 +0000 http://lastwatchdog.com/?p=942#comment-192 Interesting article Byron. Monroe had the advantage of a powerful meat space army to back up his territorial claims. I am not sure we have the same capabilities as a nation when it comes to cyber security. I am a software security advisor/consultant to many large multinational companes. Every once in a while, one of “us” comes along and gets involved in cybersecurity in Washington (you go Amit), but we don’t seem to stick. The latest casualty happened this week. http://www.technewsworld.com/story/Political-Turf-Wars-Drive-Out-US-Cybersecurity-Chief-66431.html As I say in the article above, I'd like to see the Obama administration take a leadership role in cutting through the interagency politics associated with cybersecurity. There's been a real paradigm shift in commercial software security in the past 10 years, but the government has not made as much progress as companies like Microsoft, Google EMC, and some of the major banks have (think BSIMM http://bsi-mm.com). What we need is an epiphany along the lines of former Microsoft CEO Bill Gates' "trustworthy computing" memo of January 2002. That was a leadership moment, and we need that for the country now. We also need somebody smart and knowledgeable to be appointed to carry out those software security activities. gem Interesting article Byron. Monroe had the advantage of a powerful meat space army to back up his territorial claims. I am not sure we have the same capabilities as a nation when it comes to cyber security.

I am a software security advisor/consultant to many large multinational companes. Every once in a while, one of “us” comes along and gets involved in cybersecurity in Washington (you go Amit), but we don’t seem to stick. The latest casualty happened this week.

http://www.technewsworld.com/story/Political-Turf-Wars-Drive-Out-US-Cybersecurity-Chief-66431.html

As I say in the article above, I’d like to see the Obama administration take a leadership role in cutting through the interagency politics associated with cybersecurity. There’s been a real paradigm shift in commercial software security in the past 10 years, but the government has not made as much progress as companies like Microsoft, Google EMC, and some of the major banks have (think BSIMM http://bsi-mm.com). What we need is an epiphany along the lines of former Microsoft CEO Bill Gates’ “trustworthy computing” memo of January 2002. That was a leadership moment, and we need that for the country now. We also need somebody smart and knowledgeable to be appointed to carry out those software security activities.

gem

]]> By: Andy Murphy http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-191 Andy Murphy Wed, 11 Mar 2009 14:53:59 +0000 http://lastwatchdog.com/?p=942#comment-191 Interesting thought re. the Monroe Doctrine. But how do we enforce it? It was relatively simple with the Monroe Doctrine -- use military force (the Spanish American War being the most vivid example). Do we go to war over cyberattacks? Or do we respond with our own cyber counterattacks? Do we hold governments accountable for the activities of their criminal groups? A doctrine needs teeth to work or it's just posturing, and I'm not sure how this thing ever gets teeth. Interesting thought re. the Monroe Doctrine. But how do we enforce it? It was relatively simple with the Monroe Doctrine — use military force (the Spanish American War being the most vivid example). Do we go to war over cyberattacks? Or do we respond with our own cyber counterattacks? Do we hold governments accountable for the activities of their criminal groups? A doctrine needs teeth to work or it’s just posturing, and I’m not sure how this thing ever gets teeth.

]]> By: Gary McGraw http://lastwatchdog.com/cyber-equivalent-monroe-doctrine-needed-repel/#comment-188 Gary McGraw Wed, 11 Mar 2009 14:08:49 +0000 http://lastwatchdog.com/?p=942#comment-188 Nice work Byron. If only we had the kinds of power in cyberspace that Monroe could count on in meat space way back when. Should we itch for a fight that we may have a hard time dominating? I am a software security scientist and advisor/consultant to many large multi-national corporations. Every once in a while, one of “us” comes along and gets involved in cybersecurity in Washington (you go Amit), but we don’t seem to stick. The latest casualty happened this week. http://www.technewsworld.com/story/Political-Turf-Wars-Drive-Out-US-Cybersecurity-Chief-66431.html As I say in the article above, I'd like to see the Obama administration take a leadership role in cutting through the interagency politics associated with cybersecurity. There's been a real paradigm shift in commercial software security in the past 10 years, but the government has not made as much progress as companies like Microsoft, Google EMC, and some of the major banks have (think BSIMM http://bsi-mm.com). What we need is an epiphany along the lines of former Microsoft CEO Bill Gates' "trustworthy computing" memo of January 2002. That was a leadership moment, and we need that for the country now. We also need somebody smart and knowledgeable to be appointed to carry out those activities. Speak up software security types, we have an opportunity to make a difference. gem http://www.cigital.com/~gem Nice work Byron. If only we had the kinds of power in cyberspace that Monroe could count on in meat space way back when. Should we itch for a fight that we may have a hard time dominating?

I am a software security scientist and advisor/consultant to many large multi-national corporations. Every once in a while, one of “us” comes along and gets involved in cybersecurity in Washington (you go Amit), but we don’t seem to stick. The latest casualty happened this week.

http://www.technewsworld.com/story/Political-Turf-Wars-Drive-Out-US-Cybersecurity-Chief-66431.html

As I say in the article above, I’d like to see the Obama administration take a leadership role in cutting through the interagency politics associated with cybersecurity. There’s been a real paradigm shift in commercial software security in the past 10 years, but the government has not made as much progress as companies like Microsoft, Google EMC, and some of the major banks have (think BSIMM http://bsi-mm.com). What we need is an epiphany along the lines of former Microsoft CEO Bill Gates’ “trustworthy computing” memo of January 2002. That was a leadership moment, and we need that for the country now. We also need somebody smart and knowledgeable to be appointed to carry out those activities.

Speak up software security types, we have an opportunity to make a difference.

gem

http://www.cigital.com/~gem

]]>