Forget trying to get other countries to immediately curb their online espionage activities via a cyber "code of conduct." Instead, the United States should first work with other nations to combat cybercrime.
So says John Pescatore, director of emerging technologies at the cybersecurity training firm SANS Institute. "I'd look to some level of law enforcement cooperation first, and later on more of these meaningful government treaties or that kind of thing," he says in an interview with Information Security Media Group.
Pescatore's comments follow a recent two-day China-U.S. strategic summit in Washington, where both sides agreed on the need to create and abide by a new cyber "code of conduct."
That announcement came in the wake of the White House reporting that it discovered a massive data breach at the U.S. Office of Personnel Management, for which some administration officials have blamed China. Chinese officials, meanwhile, have strongly denied those allegations.
Regardless of who hacked who, Pescatore says that organizations should focus on strengthening their defenses against all types of attackers and getting better at learning from each other's information security shortcomings. "We don't want to blame the victims. OPM was horribly insecure, but that's just like me if I forgot to lock my doors at night - it's still a crime to break into my house," he says. "Rather than focus on who launched these attacks ... the real focus needs to be, just like when a plane crashes ... Why did this happen? ... What needs to change to not make it happen next time?"
Cyberwarfare vs. Cybercrime
In this interview with Information Security Media Group, Pescatore also discusses:
- Challenges the U.S. has faced since attempting to classify most online attacks as cyberwarfare, instead of cybercrime;
- The need to create breach investigation and response teams in the mold of the industry's response to the discovery of the Heartbleed OpenSSL bug;
- The benefits of focusing first on acceptable "cyber hygiene" rules of behavior, rather than agreements between governments to abide by any espionage-related code of conduct.
Pescatore, director of emerging technologies at SANS Institute, has more than 35 years' experience in computer, network and information security. He previously served as Gartner's lead security analyst for 13 years. Prior to that, he was a senior consultant for Entrust Technologies and Trusted Information Systems and spent 11 years with GTE. He began his career at the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems.