“In IT security, offensive problems are technical – but most defensive problems are political and organisational.” — Halvar Flake AKA Thomas Dullien
“We do not have a cybersecurity problem. We have a nation state problem.” — Dmitry Alperovitch
“Our choice is no longer between government regulation and no government regulation, but between smart government regulation and ill-advised government regulation.” — Bruce Schneier
The first rule of a national cyber shield is that there’s no cyber shield. There are no borders, fortresses or moats to be breached. It actually works a bit like the immune system. National cyber shields are situational awareness platforms operating at scale, but with an explicit political mandate.
Continue reading “What does a ‘national cyber shield’ look like?”
I’m breaking two of my own rules for this post: I’m getting a wee bit personal and expressing outrage. For talk is cheap and outrage comes wholesale over the net.
The Centre for Internet & Society has just released the policy brief, “Leveraging the Coordinated Vulnerability Disclosure Process to Improve the State of Information Security in India.”
Continue reading “CIS’s Coordinated Vulnerability Disclosure paper is a load of bull”
So, the think tank SOFWERX is backed by the US Special Operations Command. It organised, what could possibly be, the best event on cyber-enabled information warfare, influence operations and disinformation, ever — Radical Speaker Series: Countering Weaponized Information. It’s amazing that tacticians of the USSOCOM are thinking at that level!
I documented most of the conference videos in a Twitter thread, which is pasted below as a single article.👇 Also, here’s the Thread Reader link of the same coalesced thread.
Continue reading “The most radical event on cyber-enabled information warfare, ever”
I have frequently told enfant terrible Anand Venkatanarayanan that his ilk of tech activists would keep on skimming the surface until they fight a crypto-war. That they are not battle-hardened yet.
The time has now come for them to (wo)man up: Govt moves to access and trace all ‘unlawful’ content online.
Continue reading “India’s second crypto-war should begin now”
My opinion piece for The Tribune, briefly mentioning my investigation of the Iranian disinformation network targeting India. These articles are my regular outreach and appeal to the public. The details of the investigation are available at: Planet-scale influence operation strikes at the heart of polarised Indian polity.
Continue reading “There is continual war in cyberspace – The Tribune”
Even ten years ago, as we bootstrapped cyber operations in the government, a subtle tension always brewed when it came to contractors.
I belonged to an archaic school of thought believing that such capabilities need to be internally fostered. As Dave Aitel rightly says: you build competencies [over generations] rather than tools. Continue reading “Why I should not be talking about an Indian cyber mercenary”