Improving Cybersecurity by Upending Presumptions

Abstract

So, what does this mean? That we should be on the lookout for the hidden presumptions that shape our decisionsand the resulting allocations of responsibilityabout cybersecurity. Once we spot them, we can determine whether to challenge them. For instance, if we surface the presumption that every participant in the cyber ecosystem can decide when, whether, and with whom to share security information, we can better assess what is gained and lost through such thinking. If we surface the presumption that users have a right to connect to all manner of resources without any validation of their security posture,we can more honestly assess whether other presumptions are more appropriate in a compromised environment. If we surface the presumption that every defender is on his own, and the attackers outnumber him, then we might see very poor odds. And we might decide to change them.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2014
Accession Number
AD1107767

Entities

People

  • Emily Frye

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Boundaries
  • Cyber Defense Techniques
  • Cyber Threats
  • Cyberattacks
  • Cybersecurity
  • Cyberspace
  • Ecosystems
  • Environment
  • Internet
  • Internet Of Things
  • Networks
  • Real Estate
  • Rural Areas
  • Security
  • Supply Chain

Fields of Study

  • Computer science

Readers

  • Distributed Systems and Data Platform Development
  • Military History of the United States in the 20th Century.
  • Military Logistics and Supply Chain Management

Technology Areas

  • Cyber