[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 20/10/10 21:07, Gibbs wrote: > > For me it depends on what the Â1,000,000,000+ on "cyber security" > equates too. The previous governments strategy is here.... http://www.cabinetoffice.gov.uk/media/216620/css0906.pdf Largely devoid of content, basically they'll co-ordinate, educate, plan, and train. I doubt things have changed much, many things carry on between governments, since a lot of activities of government are just things that have to be done. What concerns me, and what is never spelt out in detail, is they are clearly planning for offensive operations. Whilst one needs to understand modes and methods of attack, the big cyber security threats are asymmetric , where the techniques to defend, and the techniques to attack are mostly unrelated, or even competing. Some techniques like computer viruses whilst superficially appealing are hugely risky, when the opponents edit the code and send it back. In many other cases, like law enforcement, the good guys don't need to do it the way the bad guys do. For example the bad guys can steal your documents by sending you a trojan, the good guys can get a warrant and come and collect it. So I'm concerned that what is done for offensive capability might not receive the same critical analysis that stuff done for defence will get, and then someone will mess things up badly (i.e. we'll all end up as collateral damage). -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq