Page 36 - CDM Cyber Warnings February 2014
P. 36
able to stop it until U.S. industry comes clean on these IT complexity� Warning sign. Inability to stop IP theft�
breaches and allows us to investigate and come up with Warning sign. Inability to spend $1 billion to fix a
ways to remediate. I know of many publicly-traded government IT problem� Warning sign. Reactive approach
companies which have lost billions in IP. I�m effectively to solving InfoSec problems. Warning sign.
trading at an advantage in the market because I don�t own
any of those companies� stocks.� Turner, also a technology So far, we have been safe….I think. But there is amazing
instructor for IANS Research, presents this scenario technology out there, a lot of it in the wrong hands. For
frequently at IANS conferences. He often talks about a instance, there is a computer virus out there now that can
theory to drive �motivation to come clean for the victims � send data to nearby computers (also infected) through
where CEOs tell the InfoSec brain trust how much IP was speakers – even when the computer power was turned off
stolen and document the value for forensic research and and Ethernet cables were unplugged. The virus is called
for baselines to be established to gauge the progress moving badBIOS and transmits data (steals IP) by jumping airgaps.
forward. In return for opening the kimono, the U.S.
government would allow the organization to on-shore $1 With technology like this in the wrong hands, I can imagine
of profit tax-free for every $1 in technology they reveal as what malicious programs are out there and the damage
stolen in his hypothetical case studies. they could cause to the systems that help manage the
provisioning of simple necessities for U.S. citizens like
Another scenario posed by Turner involves the U.S. food, water, electricity, and currency. Cyber weaponry is
government going to China – the ringleader in IP theft – clearly upon us, as reported in a recent Cyber Defense
and offering an IP-war truce where China forgives U.S. Magazine article titled �Israel and Saudi Arabia are plotting
government debt in the amount of a tech transfer license a cyber-weapon worse than Stuxnet.� What we need is a
between the two countries, amount to be determined. ton of collaboration between government computer
Whatever the scenario, Turner, one of our country�s scientists and InfoSec leaders like Aaron Turner, Jonas
InfoSec leaders, suggests the problem is too complex to Gyllensvaan and George Faucher. We also need the
eliminate and that we try to stem the tide with a carrot and educational resources and programs to produce an army
some compromise. of cyber-commandos to combat the army of cyber-
terrorists China is currently amassing. And, my daughter
Let�s face it. We have holes in IT security at every level of is ready to sign up…for the good guys.
government and industry, those protectors of sovereign
security and facilitators of the electricity that lights our About the Author
Tony Perri
homes, the fuel that makes transportation happen, and the A technology marketing professional of more than 20 years’ experience, Tony
infrastructure (banking systems) that validates our virtual is the co-founder of Vallum Software, LLC, an end-point management vendor
targeting SMB’s across a wide range of industries. Tony also resides on the
wealth. The technology ecosystem that government and advisory board for the GMI-Foundation, a non-profit online software devel-
industry hold under watch for us that delivers the basic opers’ portal dedicated to building affordable and highly-functional small-
footprint applications to the SMB marketplace. Prior to starting Vallum Soft-
necessities we take for granted, is under constant attack.
ware, Tony’s most recent corporate role was vice president of global market-
ing for Allen Systems Group (ASG), an ISV serving the Infrastructure/Ops,
Service Support, and ECM markets. Prior to ASG, Tony served as director of
We haven� t been hit with the cyber-9/11 yet, and I hope we
marketing for direct response advertising agency Datamark, and has previ-
never do. But as an InfoSec professional, I wonder of our ously directed the technology marketing strategies for Meridium Software,
Mercia Software (now Infor) and Logility Software (American Software).
cyber-crime fighting capabilities. So much is not publicized
Tony holds an ABJ from the Grady College of Journalism and Mass Commu-
and therefore so much is unknown. And wasn� t this the nications at the University of Georgia, Athens. Tony can be contacted at
case with WTC 9/11� After that tragedy, investigative [email protected].
journalism revealed many warning signs that were not
heeded that might have prevented the life-altering event.
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 36