Ars Technica quotes Cyber Statecraft Initiative Director Jason Healey on the need for a comprehensive strategy for the security community for fighting cyber threats:
US government policy has not helped the situation. Critics hold that the National Security Agency’s undermining of encryption and acquisition of zero-day vulnerabilities had for years been quietly undermining the security of systems used by much of the world, making them more vulnerable to state-sponsored or more sophisticated criminal attacks. Healey is a former NSA signals intelligence officer, and even he agrees with that assessment.
“Starting from Stuxnet and carried all the way through Snowden, is this really what we want to be doing if we want to get defense better than offense?” he said.
Healey faults former NSA Director Gen. Kenneth Alexander for being driven by tactics and not by strategy. “Alexander was good at immediate, incremental decisions, but not good at pulling back. [Former NSA Director Michael] Hayden is of the same mind on this. He looks at it like the pointillist painters—each dot looks right, but we’re not good at pulling back and seeing the entire painting.”