After 9/11, the FBI needed to change the way it operated. It switched its focus and looked toward identifying the enemy — a change former FBI assistant executive director Shawn Henry says needs to translate to the information security world.
Henry spoke at the Black Hat security conference in Las Vegas today and explained that one of the main problems with the security industry is the lack of focus on the enemy, with most of the focus on the networks themselves. Corporations, according to Henry, only pay attention to the bullets flying by their heads, not the people shooting the bullets.
“In the FBI since 9/11, we made significant changes in our organization,” said Henry. “You’ve got to assume that the adversary is on the network. I assume there are terrorists in this country… I know there are spies in this country… they’re here, what do you do?”
Henry suggests companies start dedicating resources toward intelligence gathering. Not just looking at their own networks, detecting vulnerabilities, and attempting to protect the perimeter, but rather going “down range.” Not only finding out who the attacker is, but also taking them out.
This is the first step toward the private sector helping the government. Henry calls on private entities to form partnerships and hand over network logs that effectively act like video camera footage.
But who the adversary really is? That’s up for debate.
“People who are suffering a loss are often not talking about the loss,” said Adam Shostack, a founder of the Common Vulnerabilities and Exposure dictionary, at Black Hat. “They’re covering up those problems.”
Jennifer Granick, director of civil liberties at Stanford University, asked the crowd to raise their hands for a quick straw poll: “Who is more afraid of Google? The government?” The crowd overwhelming raised their hands to signal their fear of Google.
“I lose my cool when I hear people from the goverment saying people from the private sector need to step up. … Providing for the common defense is what the government is supposed to do,” said Marcus Ranum, Tenable Security’s chief of security. But, he added, “the government still really sucks at handling classified material.”
Image via Meghan Kelly/VentureBeat