A case for active cyber defense

What: A report from the Center for a New American Security (CNAM) that outlines reasons for policymakers to provide guidance and clarity on the debate about active cyber defense (ACD).

Why: ACD, or the range of proactive actions taken to engage an adversary before and during a cyber-incident, “can dramatically improve efforts to prevent, detect and respond to” sophisticated attacks, says author Dr. Irving Lanchow, CNAS Senior Fellow and Director of the Program on Technology and U.S. National Security. Lanchow explains why ACD is needed, and what constitutes the cyber engagement zone. There is also a lack of clarity about which ACD actions companies and agencies can legally take to defend themselves, and the author urges lawmakers to develop a framework for ACD initiatives.

Verbatim: Only 6 percent of organizations detect advanced attackers via internal methods. Targeted attacks continue to evade preventive defenses. During 2011, the vast majority of targeted organizations – 94 percent – learned that they were victims of cyber-attacks from an external entity such as law enforcement.

Full Report: http://www.cnas.org/files/documents/publications/CNAS_ActiveCyberDefense_Lachow_0.pdf