On 6/22/10 4:00 PM, Haroon Meer wrote: > Hi.. > Howdy! > Would have considered it slightly off-list-topic, but the current > thread seems to allow it in :> > It's Gary's fault! (we can blame him since he's on vacation:)
> My slides from the 2010 Conference on Cyber Conflict are now online at > [http://blog.thinkst.com/2010/06/conference-on-cyber-conflict-slides.html] > An interesting presentation, consistent with others I've seen on the topic. The problem around the "cyberwar" (or "cyber conflict") stuff is definitional. We need to be extremely careful using the word "war" as it tends to have very specific connotations. You also get into issues about defining what is or isn't "critical infrastructure" and the degree of direct responsibility the government should own for responding to, or coordinating response to, a major incident. Putting it in context for this list, one extreme could say that everything considered "critical infrastructure" could be subject from direct government oversight, including requirements for appsec and secure coding, complete with DoD/comparable testing, C&A, etc. fwiw. -ben -- Benjamin Tomhave, MS, CISSP tomh...@secureconsulting.net Blog: http://www.secureconsulting.net/ Twitter: http://twitter.com/falconsview LI: http://www.linkedin.com/in/btomhave [ Random Quote: ] "Confidence is contagious. So is lack of confidence." Vince Lombardi _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
