The Defender's Dilemma: Charting a Course toward Cybersecurity

The Defender's Dilemma: Charting a Course toward Cybersecurity

The Defender's Dilemma: Charting a Course toward Cybersecurity

The Defender's Dilemma: Charting a Course toward Cybersecurity

Synopsis

Cybersecurity is a constant, and, by all accounts growing, challenge. Although software products are gradually becoming more secure and novel approaches to cybersecurity are being developed, hackers are becoming more adept, their tools are better, and their markets are flourishing. The rising tide of network intrusions has focused organizations' attention on how to protect themselves better. This report, the second in a multiphase study on the future of cybersecurity, reveals perspectives and perceptions from chief information security officers; examines the development of network defense measures — and the countermeasures that attackers create to subvert those measures; and explores the role of software vulnerabilities and inherent weaknesses. A heuristic model was developed to demonstrate the various cybersecurity levers that organizations can control, as well as exogenous factors that organizations cannot control. Among the report's findings were that cybersecurity experts are at least as focused on preserving their organizations' reputations as protecting actual property. Researchers also found that organizational size and software quality play significant roles in the strategies that defenders may adopt. Finally, those who secure networks will have to pay increasing attention to the role that smart devices might otherwise play in allowing hackers in. Organizations could benefit from better understanding their risk posture from various actors (threats), protection needs (vulnerabilities), and assets (impact). Policy recommendations include better defining the role of government, and exploring information sharing responsibilities.

Excerpt

Cybersecurity is a constant and, by all accounts, growing challenge. Although software products are gradually becoming more secure and novel approaches to cybersecurity are being developed, hackers are becoming more adept and better equipped. Their markets are flourishing and the value at stake is growing. The rising tide of network intrusions has focused organizations’ attention on how to protect themselves better. But some are now asking how much longer today’s approach to cybersecurity will remain viable before something radically new will be needed.

To address these concerns, RAND conducted a multiphased study of the future of cybersecurity, under the sponsorship of Juniper Networks. The first report, Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar, examined cybercrime markets. This report scopes the future of cybersecurity by interviewing chief information security officers, taking a deep dive into the burgeoning world of cybersecurity products, and reviewing the relationship between software quality and vulnerability discovery processes. Insights from these three components (interviews, cybersecurity products, and vulnerability discovery trends) were used to develop a heuristic model that can shed light on the relationship between organizational choices and the cost of confronting cyberattacks.

This report should be of interest to the cybersecurity and information security communities.

The research was conducted within the Acquisition and Technology Policy (ATP) Center of the RAND National Security Research . . .

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.