I have been coaching youth sports for the past seven plus years now and one of my common mantras when speaking to the girls and boys each season is that “we will win as a team and lose as a team.”  In other words, I will never tolerate one player acting selfishly enough to think he or she is above everyone else on the team.  I strive to instill the objective that we will collectively pool our talents for the betterment of the team.  We use this approach because each boy and girl, believe it or not, brings with himself or herself a unique set of abilities and strengths with which the entire team will benefit.

So why should you care about my coaching philosophies?  🙂 

Well, in the same way that many teams rely on the collective talents to succeed we, as an Internet Community, must start collaborating effectively in an effort to fend off the disruptions being caused by those that desire to leverage the Internet infrastructure for their own malfeasance.  The volume, coordination, and complexity of the recent DDoS attacks require a different way of doing business on the Internet.  While I won’t naively assume that individual entities will forego their bottom line for “the good of the Internet” I do feel that there has to be an increased level of cooperation and information sharing amongst all those involved.  In no particular order this list includes, but is certainly not limited to, ISPs, network infrastructure companies, web hosting providers, public and private enterprises….

Just recently AT&T’s CSO, Ed Amoroso, suggested a call to arms to both competitors and the government to pitch in and help in the defense of networks from these waves of DDoS attacks.  In fact, I have been involved in a number of recent discussions with our enterprise customers as well as our ISP customers that are focused on identifying ways in which members of the Internet community can start collaborating with an end-goal of providing even more reliability on and resiliency of our network infrastructure, applications, and services.

Another good example of this trend is the work being done by some of the Information Sharing and Analysis Centers (ISAC) here in the United States.  In particular, I have worked with several of my peers here at Cisco and with other organizations, e.g. Arbor Networks, to support some of the efforts led by the Financial Services ISAC (FS-ISAC) to help drive collaboration amongst all of those involved in providing network connectivity, services, and applications to the Financial Institutions (FI).  For those organizations in the financial sector that would like to join forces with the existing members please visit the FS-ISAC now!

One more avenue for information sharing that is available is via InfraGard, which is a partnership between the Federal Bureau of Investigation and those in the private sector who are jointly interested in protecting the United States from adversaries.  Find out more about becoming a member today!

The participants are quite varied, their sponsorship is sometimes unidentifiable, their motivations have intensified, the resources at their disposal appear to be limitless at times, and their perseverance is now at an all-time high.  Here’s an excerpt from the National Intelligence Council’s  (NIC) new “Global Trends 2030: Alternative Worlds” Discusses Future Cyber and Terrorism Threats” report:

Growing interconnectivity of devices and software, including greater use of the cloud and integration between systems, will increase the vulnerabilities of technology leaders, including the US, to attack. Current trends suggest that deep interconnectivity between different software systems and devices is likely to become the norm, enabling remote access to all kinds of systems that are offline today. More and more everyday actions will have a digital component – boarding a bus, buying groceries, entering a meeting room. As societies become more dependent on software and systems become more interconnected, the potential levels of damage that cyberweapons will be able to inflict will increase.  Terrorists for the moment appear focused on causing mass casualties, but this could change as they understand the scope of the disruptions that can be caused by cyber warfare.

It’s up to all of us, many of whom are competitors in the same markets, to pool our efforts, enhance our inter-organization communications, leverage all of our specific talents, and collaborate effectively to protect our collective networks and all of the resources and services provided by these networks.  It’s time to “Play Ball”….together!

For all things Security don’t forget to visit our Cisco Security Intelligence Operations (SIO) Portal—the primary outlet for Cisco’s security intelligence and the public home to all of our security-related content. And, we’re easy to remember! Just go to cisco.com/security!


John Stuppi

Technical Leader

Cisco Security Research & Operations