Evaluating the U.K.’s ‘Active Cyber Defence’ Program:

In November 2016, the U.K. government its Active Cyber Defence (ACD) program with the intention of tackling “in a relatively automated [and transparent] way, a significant proportion of the cyber attacks that hit the U.K.” True to their word, a little over a year on, last week the U.K.’s National Cyber Security Centre (NCSC) published a (over 60 pages long) of their progress to date. The report itself is full of technical implementation details. But it’s useful to cut through the specifics to explain exactly what ACD is and highlight its successes—how the program could benefit the United States as well.

There are three defining features of the ACD program: government-centered action, intervention, and transparency.

(Via Lawfare – Hard National Security Choices)

Read the article for a nice summary of the report, including the section towards the end that talks to potential benefits for the U.S.


This is a review of Lucas Kello’s The Virtual Weapon and International Order (Yale University Press, 2017):

The questions that Kello’s proposals raise simply prove his point about the need for interdisciplinary discussions to tackle the multifaceted challenges that cybersecurity poses. The book’s three-part typology of technological revolution will be particularly helpful in framing future discussions of cybersecurity both within and outside of international relations. And it can also be deployed to assess future technological developments. As Kello notes, “the distinguishing feature of security affairs in the current epoch is not the existence of a revolution condition but the prospect that it may never end” (257). Cyberweapons are today’s revolution, but tomorrow will surely bring another.

More of a political science perspective.

From Hacker News:

A team of security researchers—which majorly focuses on finding clever ways to get into air-gapped computers by exploiting little-noticed emissions of a computer’s components like light, sound and heat—have published another research showcasing that they can steal data not only from an air gap computer but also from a computer inside a Faraday cage.

Fascinating research for sure. If you happen to be one of the few working in an environment where air-gapping and Faraday cages are common, this highlights that they are not 100% effective in isolation (no pun intended). This is a reminder of the value of good security hygiene, physical and analog and digital, and occasional validation of assumptions.

For the other 99.999% of security professionals, there are more practical and pragmatic risks requiring addressing with a higher return on investment. This is a reminder of the value of good security hygiene, physical and analog and digital, and occasional validation of assumptions.

See what I did there?

From Quartz:

Here’s how much time a single American spends on social media and TV in a year:
608 hours on social media
1642 hours on TV
Wow. That’s 2250 hours a year spent on TRASH. If those hours were spent reading instead, you could be reading over 1,000 books a year!

The numbers are compelling. Arguably, even if one reads within one’s own bubble they will be exposed to thoughts and ideas outside of their preconceived notions simply because no one is 100% dogmatic in exactly the same way.

The impetus for the article is this quote from Warren Buffett, very much de rigueur:

Read 500 pages like this every day. That’s how knowledge works. It builds up, like compound interest. All of you can do it, but I guarantee not many of you will…

I’m on board. While it may seem obvious, I will say it anyway: You don’t have to read. Audio books are just as good, though it is harder to underline meaningful passages.

My path and recommendation to you, Dear Reader, is a bit different: Reduce the number of books per year but add in reading the capital-N News daily.

I subscribe to and read the New York Times, the Washington Post (JP), the Japan Times (with which I get the New York Times), and the Guardian (JP Weekly). I also read the Atlantic Monthly (JP) and am thinking about picking up the Economist again, which I used to always look forward to reading each week. Yes, I am that cool.

My big change is moving my news consumption to the evening once I arrive home. I find I get too wound up/depressed/angry when I read the News in the morning, thus ruining my day. Tech news, security news, and bits I need for work I read anytime.

Also I make use of podcasts: NPR hourly news update & Up First, NHK English news, the various APM Marketplaces, The CyberWire, the SANS Internet Storm Center Stormcast, The Daily from the New York Times, and the BBC World Service Newshour. I play these at 1.5 speed or faster with the two security podcasts, NPR hourly update, and the NHK news at the top. I start playing it as I leave the office. By the time I am home and finished with dinner, the podcasts have updated me nicely.

I’m in the process of reevaluating my news feeds. The method is much the same as evaluating Cyber Security threat intelligence feeds. Is it:

  • Timely?
  • Accurate?
  • Actionable?
  • Updated?
  • Adding value?

I categorize my information intake in several ways:

  • News
  • Analysis, Editorial & Opinion (most blogs, podcasts, and personal social media feeds)
  • Technical
  • Press releases

With all of this, I find myself overwhelmed with data. Much is redundant and not adding value. Some adds value but isn’t timely. Some opinion is fobbed off as news. Branded content permeates.

What sources do you use? How do you consume them? How do you value them?

Cybersecurity in the 2017 National Security Strategy:

The administration should be given relatively high marks for the document’s cybersecurity components—especially for recognizing the breadth of the threat and that it’s going to take more than the help desk to fix it. Admittedly, that’s a pretty low bar. But National Security Strategy documents are not known as documents where big policy innovation occurs. Instead, the best you can usually do is articulate the broad contours of the main threats to national security coupled with some rough themes about what the government will do to make things better. Here, the administration does not isolate “the cyber” to the sidelines; instead, by talking about cyber issues throughout the document, the administration shows an understanding that cyberspace is a critical part to practically every aspect of national security.

(Via Lawfare – Hard National Security Choices)

I haven’t yet had the time to read the National Security Strategy (NSS) for the US, but I have read quite a bit of the analysis (I’m okay with spoilers). The cited post above is one of the most comprehensive I’ve come across.

The two big take-aways are the surprise at the focus on cybersecurity, as talked about in the quote above, and the lack of even a mention about better protecting elections.