Cisco Logo


One of the recurring themes of 2009 for information security professionals has been the term “cyber”—whether used in the context of cyber security, cyberspace, cyber threats, cyber command, or even cyber war. Cyber traces its roots back to the Greek word kybernetes, meaning “governor,” and was picked up in 1948 by writer Norbert Wiener for his book on control sciences and electronic communications, and further extrapolated in 1984 by novelist William Gibson in his book Neuromancer. The term causes no small amount of consternation among industry purists who find the word imprecise and vague. Cyber security, after all, is little more than a shiny new name for what has long been known as information assurance, information security, or critical infrastructure assurance. If there is a reason for the term sticking in the current vernacular, and for simultaneously driving people crazy, it may be attributable to its sci-fi derivation, which evokes nefarious government “Big Brother” images.

Whatever we choose to call it, protecting our information networks is a big deal. This is clear not just from the number of major government initiatives launched this year around the world to address the problem, but also the news stories that gave them impetus:


What is keeping the officials who run these powerful entities awake at night is the asymmetrical nature of the challenge, which gives small, under-funded state or non-state actors the potential, at least in theory, to cripple the most powerful of governments, the richest multinational companies, and the largest information networks. The more advanced the country or enterprise, the more dependent it may be on electronic infrastructure, increasing its relative vulnerability. At the same time, options for retaliation by a major power in case of a successful and damaging cyber attack—assuming the perpetrator can be reasonably identified—boil down to politically problematic old-fashioned options, including guns and bombs.

The potential for disaster looms large, but a new report by the Center for Strategic and International Studies argues that the world has yet to see a truly damaging, state-level cyber attack. The report’s author, James Lewis, attributes this mostly to the technical difficulty of pulling off such a stunt. Since pulling the plug on ourselves and our networks in the name of security is not an option, the best way to defend ourselves, at least for now, may be out-running and out-manning those who would do us harm. As U.S. President Obama said in his cyber security speech this summer:

It’s the great irony of our Information Age – the very technologies that empower us to create and to build also empower those who would disrupt and destroy.

This is not a comforting thought, and for information technology professionals fielded by companies and governments to compete in this new-age race, our only strategy is to think faster and smarter, if we are to stay ahead.

Comments Are Closed

  1. Return to Countries/Regions
  2. Return to Home
  1. All Security
  2. All Security
  3. Return to Home