Back to the NYT article on Cyberwar.
William J. Lynn III was quoted as saying that modern cybersecurity is like the French Maginot Line
“A fortress mentality will not work in cyber,” he said. “We cannot retreat behind a Maginot Line of firewalls. We must also keep maneuvering. If we stand still for a minute, our adversaries will overtake us.”
I have no idea what that means. How does one maneuver in a virtual world? Your networks are a fixed allocation of IP address space, physically hung in racks in a server room someplace.
The human desire to analogize is natural if often perverse. It’s particularly tempting and dangerous in the IT sector, when you have to explain things to a non-technical audience. But analogies should attempt to leave people smarter, not dumber. Cyber is not two armies maneuvering in Belgium. It’s more like, erm, well, a fortress.
Lynn is absolutely right that firewalls are a necessary but insufficient protection these days, especially as traffic increasingly looks like the web. It is a hard problem to tell the difference between the behaviors of you talking to your bank and a virus on your computer phoning Minsk for instructions on who to attack next.
Well-secured networks work on the principle of defense in depth. You have different rings of security systems all the way down to the local computer, and lots of monitoring of the spaces between.
Of course, network security is actually very easy. We just need to watch for the evil bit.*
* This is one of the painfully unfunny security geek running jokes. You see, when you propose a network protocol… never mind, it’s not worth explaining.