Don’t be a Cyberista. We can’t afford it.

Last Updated on Sunday, 31 January 2010 09:34 Written by Jeffreycarr Sunday, 31 January 2010 09:34

You sold your soul to the devil when you put on your first pair of Jimmy Choo’s, I saw it.
- Emily (to Andy) “The Devil wears Prada”

You may have heard the term “Fashionista”; i.e., people devoted to the creations of a select group of fashion designers and who only wear their designs. I have adapted the term to reflect what I’m seeing happen in Washington DC as well as in major U.S. corporations. Decision makers are being swayed by whatever novel term, concept, or strategy is popular at the moment. Right now that term is APT (Advanced Persistent Threat). Tomorrow it will be something else. And the politician, policy maker, General, and C-level executive who makes an information security decision based solely on what’s hot at the moment is the cyber equivalent of a slave to fashion – a “Cyberista”.

This is not to say that the concept behind APT is without value. Just the opposite. The concept of an adversary committing time, resources, and money to the long-term exploitation of a valued network is critical for you to understand. But there are endless permutations to that which are just as critical and they’ll be missed if the only reason you’re buying it is because you bought the hype, or because that’s the keyword on everyone’s lips.

How to tell if you’re a Cyberista

  • Do you become enraged when you read something critical about APT?
  • Do you feel the need to personally attack the critic who wants you to see its flaws?
  • Are your buying decisions influenced or determined by the “cool” product du jour?

Why are you picking on Mandiant?

I’m not picking on Mandiant. I was critical of their decision to commission a marketing white paper and release it as a “report”. Words are important. The precise use of words to convey a national security matter is extremely important. That’s why many intelligence analysts use “Words of Estimative Probability” when writing reports for their customers. GreyLogic/Project Grey Goose reports are written that way as well.

Bottom line – when you’re looking to learn about a threat, emulate Joe Friday from Dragnet and ask for “just the facts”. Don’t become a Cyberista. The country cannot afford it.

