Reflections on Suits and Spooks DC

It's been one week since the Suits and Spooks DC (SNSDC) event took place and I've made four of the presentations given that day available for download. Not all of the speakers, including me, wanted their information available outside of the protected venue that we offer so for those of you who couldn't make it last week, watch for our upcoming announcement of Suits and Spooks LA this summer. Yes - the next event will be in Los Angeles - probably Santa Monica, to be specific. The exact date and venue is still being explored. but I can tell you that it will be held on a Friday so that, if you're traveling in, you can enjoy the weekend on the beach afterwards.

The general consensus of those attending Suits and Spooks DC was overwhelmingly positive. Dr. Mark Drapeau attended and wrote a review of SNSDC: "Suits and Spooks Rendezvous for the Greater Good". It was my hope that by inviting a multi-disciplinary lineup of speakers that some common themes would emerge, and in fact - that's what happened. One of the points that I made in my opening remarks was that we should re-assess which attacks should be investigated and which should be let go. The FBI and US-CERT are overwhelmed with tracking everything from probes against government networks to DDoS attacks to targeted attacks against the Defense Industrial Base. That's far too much to expect any agency to do let alone ones burdened with budgetary and staffing problems. One of John Robb's 27 Rules was that "it’s better to damage and impair a network than to completely destroy it, because it forces the target to use up more resources for repair." That's what Anonymous is succeeding at doing so brilliantly - using up massive amounts of federal, state and local resources in multiple countries without ever actually destroying anything. Someone needs to conduct a hard target evaluation on whether Anonymous attacks deserve the same importance as the theft of critical data or attacks against critical infrastructure.

While Anup Ghosh gave example after example of how inept our past approaches to information security have been, Dan Geer made an elegant argument for the need harness the world's "unemployed geniuses who are, incidentally, desperate for a job" rather than continue to turn over our security to machines. Jonathan Hutson started off his remarkable presentation on the Satellite Sentinel Project by explaining that the worst question one can ask when faced by a seemingly impossible task is "how can I help?" The passivity of that question doesn't fare well against insurmountable odds. A far better question, Jonathan explained, is "what needs to be done?". Then do it, no matter how impossible the problem looks to be. That's great advice, regardless of the challenge.

Comments