**Chinese hackers allegedly target US infrastructure as 'Volt Typhoon'**

There have been articles in the news this week of China state-sponsored threats against the US infrastructure - none of which ever surprise me.

I know, here on CIN, we're international, so we have to be a bit sparing in our comments on where cyberattacks originate. And I am definitely not one to say that the US doesn't play reindeer games of its own.

As cyber professionals, what can we do?
Stay vigilant. Communicate. Share. Discuss. Develop a combat mindset.

My 12th Commandment on Information Security is: "Open disclosure is good for security". Talking about the threats that we all face, the situations that we deal with in our environments, how we teach our students, and all that is how we fight back.

I know that sometimes, getting compromised is embarrassing. No one, particularly here, wants to say, "yep, we had an incident last week and although I study and teach this stuff, I still got hit". We have to put the egos in the box and be supporting professionals with each other, by asking questions of each other, even if we are CASPs/CISSPs/etc. That's one thing that I see - that ego closes that communication.

I would say, for required reading, since this conversation opened up with China, CIN'ers should all read Sun Tzu's Art of War and think about cyber and condition ourselves and our students to treat this, not as some 'company function', but as warfare. I guarantee our adversaries are doing that.

Here's a little primer: https://www.securitymagazine.com/ar...pply-sun-tzus-the-art-of-war-to-cybersecurity
And here's a text in PDF: https://ia903407.us.archive.org/35/items/TheArtOfWarBySunTzu/ArtOfWar.pdf

/r
 
Great thoughts, @Rick Butler !
 
As cybersecurity professionals we should all understand that attribution - linking malicious activities to subjects or threat actors - is very difficult in that we are often using latent, not direct, evidence. Recall that latent evidence requires some analysis and interpretation. Direct evidence links directly (without interpretation) to a subject.
 
As cybersecurity professionals we should all understand that attribution - linking malicious activities to subjects or threat actors - is very difficult
This is a good point. A lot of that linking is, many times, anecdotal. For example, it is VERY easy for us in the USA to link cyber attacks to actors that do not like us that much - say, from China, Russia, or North Korea. And I'm sure there are folks in other countries that would look at the USA as the source of many cyber attacks. If you look at these pretty real-time visual maps of cyber attacks happening (which one must take with an entire box of salt, but they look nice on a wall-mounted monitor), attacks originate from and target everywhere. We can even have state sponsors set up shop in another country to launch attacks.

Even Antarctica isn't immune.
 