The War on Cybersecurity

Cyber Warriors. Cyber Warfare. Cyberattacks. NetWars. Cyberkills.

These offensive-minded buzzwords are moving the conversation away from what really counts when protecting your networked assets: defense. Make no mistake, there is a war on cybersecurity and it could be distracting you.

Security is defined as “the quality or state of being safe.” Its function is protection. But more organizations are choosing a new cybersecurity mantra: “The best defense is a good offense.” This is wrong.

More organizations are taking an offensive approach by turning to retaliation and hacking-the-hackers strategies as part of their cybersecurity plan. These incidents are becoming more common in the commercial sector, however, historically, the public sector follows their IT guidance. But this is one trend you should stay away from. Using military lingo to discuss cybersecurity and spending resources on ways to strike back, instead of protection, can be detrimental.

Excuse me while I make a very simple statement: When it comes to defending your organization, securing your computers, data, and networks properly will ensure your survival. That’s the golden rule. Spending money on attacking others is not going to make you any safer; it’s only going to take away resources from securing yourself. This isn't a physical fight. There is nothing to conquer to create safety.

From this day forward, accept that there will always be hackers in the cyber world trying to attack your assets. As an organization, to seek revenge against every gang, rival, or bored college student is a zero-sum game.

If you concentrate resources on defending your networks and with the right processes in place, the right cybersecurity products installed, and the right talent in place, you’ll be fine.

And if you want to know more, this previous post provides you with free informational cyber defensive resources to help you develop an in-depth perspective of your own.

Edit: After posting this article, GovInfo Security posted a series you may find interesting. It's called Legal Merits of 'Hack Back' Strategy and it is a roundtable discussion about the topic from members of the American Bar Association.

Photo courtesy of Acus.org.