Wednesday, 26 October 2011

MANDIANT Webinar Friday

Join me and Lucas Zaichkowsky on Friday at 2 pm eastern as we talk about what happened at our annual MANDIANT conference, MIRCon! Registration is free and I expect you'll enjoy the discussion! We plan to review what we saw and heard, and how those lessons will help your security program. Tw...

Sunday, 23 October 2011

Review of America the Vulnerable Posted

Amazon.com just posted my five star review of America the Vulnerable by Joel Brenner. I reproduce the review in its entirety below. I've added bold in some places to emphasize certain areas. America the Vulnerable (ATV) is one of the best "big picture" books I've read in a long while. The author is a former NSA senior counsel and inspector general, and was the National Counterintelligence Executive (NCIX). In these roles he could "watch the fireworks"...

Thursday, 13 October 2011

Republican Presidential Candidates on China

(Photo: Business Insider) This is not a political blog, so I'm not here to endorse candidates. However, I do want to point out another example of high-level policymakers discussing ongoing activities by China against the US and other developed economies. First, the Washington Post published an editorial by Mitt Romney which included the following: China seeks advantage through systematic exploitation of other economies. It misappropriates intellectual...

Tuesday, 11 October 2011

Bejtlich in "The expanding cyber industrial complex"

Christopher Booker interviewed me and several other policy-oriented security people for his video Financial Times story The expanding cyber industrial complex. This was a different experience for me for two reasons. First, Christopher conducted the interviews via Skype. Second, you can see what appear to be the home offices of several of the contributors, including me. One technical note on the video: I had some trouble getting it to play. To...

Computer Incident Response Team Organizational Survey, 2011

Today at MIRCon I mentioned that one of my colleagues, Jeff Yeutter, had updated the somewhat famous CERT/CC study of CIRT characteristics as part of his degree program. Jeff posted the survey online as Computer Incident Response Team Organizational Survey, 2011 with this description: In 2003, the CERT CSIRT Development Team (www.CERT.org) released a study on the state of international computer security incident response teams with the goal of providing...

Friday, 07 October 2011

Interview with One of My Three Wise Men

Tony Sager from the NSA is one of my Three Wise Men. (Dan Geer and Ross Anderson are the other two.) Eric Parizo from SearchSecurity.com interviewed Tony this week and posted the video online. Tony notes that the escalation in threat activity during the last few years is real. He is in a position to know, given he has worked at NSA since the 1970s. Tony says the threat activity is getting people's attention now, especially at more senior levels...

Russia v China -- Sound Familiar?

Thanks to a source who wishes to remain anonymous, I read Chinese spy mania sweeps the world, an article not from a Western publication. Rather, it's from Voice of Russia. Does any of this sound familiar? [T]his is the most powerful secret service based on the principle of attracting all ethnic Chinese, wherever they may live. An adherent of the “total espionage” strategy, Beijing even encourages emigration in the hope that its citizens will remain...

Thursday, 06 October 2011

It's All About the Engines

(Photo credit: AINOnline) I just read Big New Chinese Order for Russian Fighter Engines at China Defense Blog, which quoted AINOnline: China has placed additional orders for Russian AL-31-series fighter engines. State arms trade agency Rosoboronexport clinched two big contracts earlier this year... To serve them, Salut has established partnerships with Limin Corp. and Tyan Li company in Chengdu on deliveries and manufacturing of spare parts for both...

House Cybersecurity Task Force Report Released

The House Cybersecurity Task Force released its report (.pdf) today. NextGov offers a good summary in their story House GOP Cyber Task Force Touts Industry Leadership by Jessica Herrera-Flanigan. The report includes the following recommendation: Companies, including Internet Service Providers (ISPs) and security and software vendors, are already conducting active operations to mitigate cybersecurity attacks. However, these are largely done independently...

C-SPAN Posts Video of Tuesday Hearing

You can now access video of Tuesday's House Select Committee on Intelligence Hearing on Cybersecurity at C-SPAN. Some people are already asking "what's new" about this. For me, what's new is that the chairman of the HPSCI is pointing his finger straight at the threat, and letting the world know in an open hearing that the adversary's actions are unacceptable and will not be tolerated. This is exactly the sort of attention and action that the threat...

Tuesday, 04 October 2011

Inside a Congressional Hearing on Digital Threats

Today I was fortunate to attend a hearing of the US House Permanent Select Committee on Intelligence (HPSCI). That's me on the far left of the photo, seated behind our MANDIANT CEO Kevin Mandia. I'd like to share a few thoughts on the experience. First, I was impressed by the attitudes of all those involved with HPSCI, from the staffers to the Representatives themselves. They were all courteous and wanted to hear the opinions of Kevin and the other...