24 junio 2009

Lectura: "Patrolling Cyberspace"

Tenía pendiente, desde que nos lo regalaron en la IV Jornada Internacional del ISMS Forum, la lectura del libro del que fue uno de los ponentes invitados, Howard A. Schmidt (ex-Asesor de la Casa Blanca en materia de ciberseguridad y otras muchas cosas..)

Se lee bastante bien y es bastante interesante el repaso que hace de los primeros incidentes en materia de seguridad y del fenómeno "hacker" desde su perspectiva de miembro del FBI.

Por otra parte, aunque es un libro de 2006, contiene reflexiones que siguen siendo de aplicación (de hecho, aún más, después del discurso de Obama sobre la importancia de la ciberseguridad). Os dejo aquí algunas de ellas:
"There were no published reports of the Chinese government taking any actions against the China-loyal hackers... This also marked the appearance of the China Eagle Union as an aggressive hacker group with international targets."

"I fear that some day a cybercatastrophe will occur because the existing disorganization between agencies was so acute that the evidence collected by the various jurisdictions was not share and, therefore, the necessary electronic dots could not be connected. [...] This is especially critical when the target migrates from money to threats on the nation's critical infrastructure."

"Almost 85% of the nation's critical infrastructure is in private hands (se refiere a EE.UU. pero en Europa supongo que será algo similar). [...] While good for consumers seeking lower prices and more choice, it was bad for promoting any type of cooperation and information-sharing [...] in order to develop a comprehensive method to secure the critical infraestructure that is in their care".

"Effective response to any disaster is based on preparation. Our system is based on a free market economy, so we are faced with another potencial source for failure when company profits are not inverted to the degree necessary for optimal security." (esto es lo que hemos hablado otras veces sobre el componente de externalidad implícito en la seguridad)

"We all need to do our part to secure our place in cyberspace"

No hay comentarios: