The new normal is that industry cyberintelligence shops tend to lead the way in this type of public security activity while government follows.
In 2016, it was CrowdStrike that first investigated and pointed the finger at Russian activity aiming to interfere with the American election.
Does anyone else worry about the incentive mechanisms with this trend? When a client like the DNC hires a security firm, they are looking for answers. But answers are not always available in cyber attribution; often the best conclusion analysis can produce is an educated guess with some probability. There is rarely certainty. And yet, the clients expect the companies to assign blame to someone. If they can’t do that, why would anyone hire them?
I’m worried when the public puts as much trust in a private company like Crowdstrike as it does in its intelligence or law enforcement agencies. Are these companies not incentivized to exaggerate their degree of certainty? Or to pick the “right” boogeyman?
The new normal is that industry cyberintelligence shops tend to lead the way in this type of public security activity while government follows.
In 2016, it was CrowdStrike that first investigated and pointed the finger at Russian activity aiming to interfere with the American election.
Does anyone else worry about the incentive mechanisms with this trend? When a client like the DNC hires a security firm, they are looking for answers. But answers are not always available in cyber attribution; often the best conclusion analysis can produce is an educated guess with some probability. There is rarely certainty. And yet, the clients expect the companies to assign blame to someone. If they can’t do that, why would anyone hire them?
I’m worried when the public puts as much trust in a private company like Crowdstrike as it does in its intelligence or law enforcement agencies. Are these companies not incentivized to exaggerate their degree of certainty? Or to pick the “right” boogeyman?