« previous next »
Pages: [1]   Go Down

Author Topic: An Experiment Showed that the Military Must Change Its Cybersecurity Approach  (Read 341 times)

0 Members and 1 Guest are viewing this topic.

Offline rangerrebew

  • TBR Contributor
  • *****
  • Posts: 176,970
An Experiment Showed that the Military Must Change Its Cybersecurity Approach
« on: August 18, 2022, 07:43:58 am »
An Experiment Showed that the Military Must Change Its Cybersecurity Approach
The Defense Department’s current “checklist” approach can’t keep its networks safe.
PATRICK TUCKER | AUGUST 16, 2022
CYBER NAVY JADC2
   
Two years ago, a pair of Navy information leaders decided to attack their own networks—and not just once or twice a year during scheduled exercises, but far more frequently, and unannounced. Now they’re trying to get the rest of the Navy—and the Pentagon—to follow suit.

Their experiment showed that frequent, automated red-teaming reveals which vulnerabilities are the most dangerous, the easiest for an attacker to exploit with the highest impact—information they wouldn’t have otherwise, said Aaron Weis, the Navy’s chief information officer, or CIO, and Scott Bischoff, the command information officer at the Naval Postgraduate School.

And it’s far more effective than the way the Defense Department currently handles cybersecurity: with checklists of steps taken, patches implemented, and so on.

https://www.defenseone.com/technology/2022/08/experiment-showed-military-must-change-its-cybersecurity-approach/375925/
Logged
The unity of government which constitutes you one people is also now dear to you. It is justly so, for it is a main pillar in the edifice of your real independence, the support of your tranquility at home, your peace abroad; of your safety; of your prosperity; of that very liberty which you so highly prize. But as it is easy to foresee that, from different causes and from different quarters, much pains will be taken, many artifices employed to weaken in your minds the conviction of this truth.  George Washington - Farewell Address

Offline Kamaji

  • Hero Member
  • *****
  • Posts: 48,301
Re: An Experiment Showed that the Military Must Change Its Cybersecurity Approach
« Reply #1 on: August 18, 2022, 08:13:56 am »
It's call pen testing (penetration testing) and companies that are really interested in actual security, rather than virtue-signalling, hire pen testing teams to do precisely this.  It's a little surprising that the military doesn't.
Logged

Offline rangerrebew

  • TBR Contributor
  • *****
  • Posts: 176,970
Re: An Experiment Showed that the Military Must Change Its Cybersecurity Approach
« Reply #2 on: August 19, 2022, 06:02:36 am »
Quote from: Kamaji on August 18, 2022, 08:13:56 am
   It's a little surprising that the military doesn't.

Might the name Milley enter here? :pondering:
Logged
The unity of government which constitutes you one people is also now dear to you. It is justly so, for it is a main pillar in the edifice of your real independence, the support of your tranquility at home, your peace abroad; of your safety; of your prosperity; of that very liberty which you so highly prize. But as it is easy to foresee that, from different causes and from different quarters, much pains will be taken, many artifices employed to weaken in your minds the conviction of this truth.  George Washington - Farewell Address

Offline EdinVA

  • Hero Member
  • *****
  • Posts: 4,034
  • Gender: Male
Re: An Experiment Showed that the Military Must Change Its Cybersecurity Approach
« Reply #3 on: August 19, 2022, 08:22:35 am »
This whole cyber security thing just strikes me much the same way climate junk does....
Putting a 100% lock and internet access is impossible.  Last I read there are 10's of millions of serious hackers and 30,000 web sites are hacked per day.
A "lock" only keeps honest people honest, if a crook wants in, they will get in.  You can detect the intrusion and somewhat track it but prevention is nothing but a hole in the water to pour money into.

The only real security is to get sensitive information away from the web...
Logged
Pages: [1]   Go Up
« previous next »