Lately, the most common question I get when doing briefings and presentations about the growing threat of cyber attacks is: What is the answer?
I have been giving that a fair amount of thought and have solicited input from others who are active in the field and have a good understanding of the current state of this threat. So I am going to try and address this question for the first time publicly.
Let me start by saying there is no one or simple answer to this complex and highly dynamic issue. It would be way too costly to perform the amount of software testing needed to remove the coding errors that are exploited in efforts to compromise the huge inventory of systems that are in use today.
While current research and new tools are reducing the coding issues, they cannot be completely eliminated. Therefore, we have no choice but to live with vulnerabilities and cyber attacks.
That being said there are a few things that could be done in order to make life easier in this highly connected world.
Here is what I believe is the most important one: Gaining international cooperation from the over 200 countries currently connected to the Internet.
This cooperation would not just share cyber threat intelligence from the attacks experienced by each country, but would establish a mandatory level of cooperation for the investigation of cyber attacks and bringing those behind them to justice.
There are signs that this is beginning to happen but it is far from including all those countries connected to the Internet. Diplomatic efforts are needed to accelerate these efforts.
Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.