Accession Number:

AD1107767

Title:

Improving Cybersecurity by Upending Presumptions

Descriptive Note:

Technical Report

Corporate Author:

MITRE CORP MCLEAN VA MCLEAN

Personal Author(s):

Report Date:

2014-08-01

Pagination or Media Count:

2.0

Abstract:

So, what does this mean That we should be on the lookout for the hidden presumptions that shape our decisionsand the resulting allocations of responsibilityabout cybersecurity. Once we spot them, we can determine whether to challenge them. For instance, if we surface the presumption that every participant in the cyber ecosystem can decide when, whether, and with whom to share security information, we can better assess what is gained and lost through such thinking. If we surface the presumption that users have a right to connect to all manner of resources without any validation of their security posture,we can more honestly assess whether other presumptions are more appropriate in a compromised environment. If we surface the presumption that every defender is on his own, and the attackers outnumber him, then we might see very poor odds. And we might decide to change them.

Subject Categories:

  • Computer Systems
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE