Building a Defensible Cyberspace
On September 28, 2017, the New York Cyber Task Force released a series of recommendations that would help make it easier to defend cyberspace without sacrificing the utility, flexibility, and convenience that has made the Internet so essential to our economies and personal lives.
In its report, entitled “Building a Defensible Cyberspace,” the task force highlights strategies for government, cybersecurity companies, and other IT-dependent organizations.
Among other things the report finds that:
- It is possible to establish a more defensible cyberspace—an Internet where defenders have the advantage over attackers.
- Defending cyberspace will not require a “Cyber Manhattan Project.” Security professionals have developed effective strategies in the past, and with the right kind of innovations defenders will once again enjoy the advantage.
- Improvements may come from unexpected places and rely on unglamorous strategies.
- The best options use leverage—innovations across technology, operational, and policy that grant the greatest advantage to the defender over attackers at the least cost and greatest scale.
The New York Cyber Task Force included about 30 senior-level experts from New York City and elsewhere, counting among its members executives in finance and cybersecurity, former government officials, and leading academics. The group’s co-chairs are Phil Venables of Goldman Sachs, Greg Rattray of JP Morgan Chase, and Merit E. Janow, the dean of Columbia University’s School of International and Public Affairs, which organized the task force.
Other contributors included Katheryn Rosen of the Atlantic Council, Neal Pollard of PwC, Dmitri Alperovitch of Crowdstrike, Melody Hildebrandt of 21st Century Fox, David Lashway of Baker McKenzie, Elena Kvochko of Barclays, John Carlson of the FS-ISAC, Ed Amoroso of TAG Global (and former CSO of AT&T), and Columbia University scholars Steven M. Bellovin, Arthur M. Langer, and Matthew Waxman.
Full report (e-reader version)