Debora Plunkett, head of the NSA’s Information Assurance Directorate, has confirmed what many security experts suspected to be true: no computer network can be considered completely and utterly impenetrable – not even that of the NSA.
“There’s no such thing as ‘secure’ any more,” she said to the attendees of a cyber security forum sponsored by the Atlantic and Government Executive media organizations, and confirmed that the NSA works under the assumption that various parts of their systems have already been compromised, and is adjusting its actions accordingly.
To preserve the availability and integrity of the systems it has the duty to protect, the NSA has turned to standardization, constant auditing, and the development and use of sensors that will be placed inside the network on specific points in hope of detecting threats as soon as they trigger them, reports Reuters.
The problem with cyber defense – especially when it comes to attacks backed by governments and intelligence organizations – is that attackers are usually highly motivated and often very well funded.
Organizations can think of a hundred things to do to secure a system, but the attackers have time, money and incentive to keep at it as long as it takes to identify that crack in the armor that will allow them to get in.
So far, as I can see, the main aspect of cyber defense that every one should concentrate on is real-time detection of intrusions that would allow defenders to actively fight off the attackers – and the NSA is possibly on the right track if the sensors the plan to deploy will allow them to do that.