Cyber security specialists are asking the wrong question when it comes to securing computer networks against external threats, said Richard Bejtlich, chief security officer for private security contractor Mandiant of Alexandria, Va. Testing for network vulnerably gives Air Force cyber officials no idea of the enemy they are up against, said Bejtlich Friday at AFA’s Cyber Futures Conference in National Harbor, Md. Instead, cyber defenders should develop requirements for an “Are you compromised?” assessment to provide real intelligence on the enemy, he suggested. “I think that could be a real game changer, because right now we’re going onto a football field—nobody knows what the score is, we have a sense that we’re getting killed, but the only metrics we have” are on our own defenses and not the forces the enemy is bringing to bear, he explained. “You just paid a lot of money for a test [for which] you know what the answers are going to be,” he added.
Feb. 24, 2024
Timely aid for Ukraine, particularly long-range weapons, is critical to western security, CSIS panelists said, suggesting the war in Europe could end in 2025 if either side runs out of resources.