Proactive Self-Defense in Cyberspace

August 6, 2009

With remarkable prescience, philosopher Sun Tzu crafted the piercing words above more than 2,500 years ago. His statement emphasized the advent of strategic tools that could potentially be used to defeat an opponent without actually fighting that opponent on the battlefield. Although not knowledgeable of cyber war capabilities at the time, he was contemporaneously referring to the existing diplomatic or economic means available to opposing governments. Sun Tzu later commented that an adversary who has to make defensive preparations in all areas is not truly prepared to properly conduct a battle. He pointedly noted that this type of adversary possessed many weaknesses to exploit in the long run.

In a similar vein, Sun Tzu’s comments are applicable to today’s challenges in cyberspace and help to underscore the inherent vulnerabilities prevalent within most modern networks and systems. It is quite evident that an opponent can be defeated or crippled from attacks in cyberspace. With adequate precedent today during the recent cyber attacks on Georgia and Estonia, these types of attacks could certainly precede or preclude attacks on an actual battlefield. Further, an opponent who prepares defenses in one or two areas may potentially leave other critical avenues of approach vulnerable in future encounters. An opponent who prepares everywhere in cyberspace may unwittingly feel more secure about his security measures. He may feel, in fact, too secure. Moreover, preparing cyber defenses that react to attacks addresses only half of the defensive problem facing today’s cyber security specialists. To become effective and relevant, cyber defense must be holistic in nature and address both proactive measures and the legacy reactive defensive measures taken through the employment of firewalls, intrusion detection devices, anti-virus programs, and other software programs and hardware devices.