Current techniques to provide digital security are executed with a woefully inadequate strategy, considering a frighteningly short time horizon. Profits from cyber-crime are shifting the threat from board teenagers to well financed professionals. As the severity of cyber threats become increasingly more sophisticated, so too must the strategy in combating them.
Security continues to sap vital resources and manpower from the Information Technology (IT) department. Rather than focusing on the efficiency of knowledge management, IT professionals are increasingly swamped with cyber security tasks. Profits from cyber-crime are shifting the threat from board teenagers to well financed professionals. A security survey analysis concluded, "as break-ins morph from prank to business, profit-driven attackers are less likely to waste time or take chances using outdated or ineffectual techniques," (Goodin, 2006, p.2). IT professionals are bracing themselves for a deluge of highly sophisticated attacks that will tax their ability to defend their infrastructure. Only through a strategy of Offensive Defense can the IT community cope with the growing threat. Such a strategy comprises three main parts? providing end-user anti-virus protection, creating an industry standard for defense collaboration, and integrating efforts across user types.
The reactive nature of current defense methods is woefully inadequate. People exercise a propensity to focus on anecdotal events at the expense of potential risks. Subsequent "solutions tend therefore to be consequentially based rather than interdicting the threat proactively or preemptively," (McMahon). This unfortunate aspect of human nature precludes ever "getting ahead" of the workload of IT security. Companies across the spectrums of size and industry must partner with major cyber security firms to take the offensive back from the criminals by building an offensive defense.
The first component of an offensive defense?providing free anti-virus protection to end users?seems difficult to enact. This is not to say it would not be a sound investment for an individual company. Taking work home and digitally transferring the value-added back onto company servers carries a significant risk that a piece of malware will hitch a ride on the trusted file. And while company anti-virus should catch it at the point of entry, why wait for the threat to arrive in the castle keep to act? Keeping employee personal computers safe at home aids in the companies defense at the office. Motivating employees to install such ...
As the severity of cyber threats becomes increasingly more sophisticated, so too must the strategy in combating them. Current techniques to provide digital security are executed with a woefully inadequate strategy, considering a frighteningly short time horizon. The author proposes an offensive defense comprised of corporate partnership with successful cyber defense software companies to provide a united front against malware. The initial capital investment of free anti-virus software to users would be offset in time by added security and stability, the key to which is integration of the social subsystem in order to execute such a strategy.