TY - GEN
T1 - Cultivating a cyber counterintelligence maturity model
AU - Jaquire, Victor
AU - Von Solms, Sebastiaan
PY - 2017
Y1 - 2017
N2 - Just as the utilisation of cyberspace became more mainstream, intricate and advanced during the past decade, so did the intricacy and advancement of threats mature-paralleling the conveniences and essentials that cyberspace provide. It is now vigorously recognised that traditional approaches to cyber defence have become deficient [Heckman et al, 2012]. The respected solutions that we loyally hanged on to throughout the decades, trusting them to defend our environments are no longer sufficient. Unyielding breaches and cyber-attacks are relentlessly intensifying and becoming the order of the day [PWC, 2015]. Farchi [2016] argues that "Staying vulnerable while waiting for a security patch from your software vendor is an anachronistic method that won't survive this new world". This notion corresponds with Bodmer [2012] who stresses that "Just as intelligence organisations are tracking the activities of terrorist cells trying to stop them before they take action, going after the malicious attackers before they are able to commit attacks is the desired approach". This article flows from, and builds on previous discussions and publications with regard to the concept of a maturity model for cyber counterintelligence (CCI). It aims to also resonate with and add to previous publications and maturing debates through the proposition of cultivating and implementing such model. It explores the notion of a CCI maturity model and argues that cybersecurity can be intensified-and will be more effective when incorporating a dedicated focus on defensive, offensive, passive and active measures in a multi-disciplinary and integrated CCI approach. The article provides a brief look at the benefits that the implementation of such a model hold for both government and the private sector. It deliberates on the need for cyber counterintelligence (CCI) practices in conjunction with traditional defensive and/or offensive cyber measures within both government and the private sector (business). It also discusses the ideal for the establishment of such a maturity model that can be customised, in a similar way, for organisations (public and private sector), and crowns in discussions on implementation and control.
AB - Just as the utilisation of cyberspace became more mainstream, intricate and advanced during the past decade, so did the intricacy and advancement of threats mature-paralleling the conveniences and essentials that cyberspace provide. It is now vigorously recognised that traditional approaches to cyber defence have become deficient [Heckman et al, 2012]. The respected solutions that we loyally hanged on to throughout the decades, trusting them to defend our environments are no longer sufficient. Unyielding breaches and cyber-attacks are relentlessly intensifying and becoming the order of the day [PWC, 2015]. Farchi [2016] argues that "Staying vulnerable while waiting for a security patch from your software vendor is an anachronistic method that won't survive this new world". This notion corresponds with Bodmer [2012] who stresses that "Just as intelligence organisations are tracking the activities of terrorist cells trying to stop them before they take action, going after the malicious attackers before they are able to commit attacks is the desired approach". This article flows from, and builds on previous discussions and publications with regard to the concept of a maturity model for cyber counterintelligence (CCI). It aims to also resonate with and add to previous publications and maturing debates through the proposition of cultivating and implementing such model. It explores the notion of a CCI maturity model and argues that cybersecurity can be intensified-and will be more effective when incorporating a dedicated focus on defensive, offensive, passive and active measures in a multi-disciplinary and integrated CCI approach. The article provides a brief look at the benefits that the implementation of such a model hold for both government and the private sector. It deliberates on the need for cyber counterintelligence (CCI) practices in conjunction with traditional defensive and/or offensive cyber measures within both government and the private sector (business). It also discusses the ideal for the establishment of such a maturity model that can be customised, in a similar way, for organisations (public and private sector), and crowns in discussions on implementation and control.
KW - Cyber counterintelligence
KW - Cyber counterintelligence levels
KW - Cyber counterintelligence maturity
KW - Cyber threat intelligence
KW - Defensive and offensive cybersecurity
UR - http://www.scopus.com/inward/record.url?scp=85027972405&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85027972405
T3 - European Conference on Information Warfare and Security, ECCWS
SP - 176
EP - 183
BT - Proceedings of the 16th European Conference on Cyber Warfare and Security, ECCWS 2017
A2 - Scanlon, Mark
A2 - Le-Khac, Nhien-An
PB - Curran Associates Inc.
T2 - 16th European Conference on Cyber Warfare and Security, ECCWS 2017
Y2 - 29 June 2017 through 30 June 2017
ER -