• United States



Contributing Writer

Fatal System Error: A MUST read for IT professionals, legislators, and law enforcement

Mar 08, 20103 mins
Cisco SystemsData and Information Security

Book details the risks, sophistication, and threat posed by the massive growth of cybercrime

When I left home for the RSA Conference last Monday, I was already aware of the types of cyber threats we are up against. After speaking with security research leaders from Bluecoat, Symantec, and Trend at RSA, I am even more convinced that we are way behind the enemy and need to react quickly before we are completely overwhelmed.Since one way to drive action is increased cybersecurity visibility and knowledge, I strongly suggest that anyone associated with IT, cybersecurity, privacy, national defense, or law enforcement read the new book, “Fatal System Error,” by Joseph Menn.Now I have absolutely no financial interest in this book, nor do I know the author. In other words, I have nothing personal to gain by this recommendation. My goal here is to educate decision makers and the public at large on just how pervasive and sophisticated the cyber threat landscape has become. Menn’s book demands some level of technical knowledge, but he does a great job of explaining things in a cogent and clear way. The book highlights:1. The evolution of the cyber underground: How crimes and the criminal network developed techniques, skills, and attacks over time. The bad guys are evolving exponentially while the good guys skills and tools follow a logarithmic curve. 2. The challenges faced by law enforcement. The Internet opens criminal activity to dispersed adversaries across the globe. Many operate in nation states that have a vested interest in compromising the economic foundation in the west. In other words we can’t touch most of the bad guys who are openly laughing in our faces. 3. The sophistication of the attacks. The bad guys know who we are, who we trust, and how to exploit us. Think you are protected by law enforcement, banks, and security companies? Think again.My hope is that those who read this book (author’s note: Again, everyone should) become as concerned as I am and demand immediate action. We need things like public awareness campaigns, K through 12 education, information sharing, and global law enforcement agreements, and we need them now. Time is not our ally. Joseph Menn and those that helped him with this book deserve a lot of credit for writing this book. I hope it drives immediate action. If it doesn’t, I’ll join Menn in saying, “I told you so,” to the industrialized world as we struggle to rebuild our digital economy. Many people including DHS believe that the damage from a cyber attack could be much higher than what we experienced from 9/11. We need to act before it is too late.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author