Change and speed: these two words pervade technology discussions, especially when cybersecurity is involved. Defense and national leaders frequently defend their policies, and suggest new policies, by invoking these terms. However, it may not be necessary to embark upon another government or private effort to determine how to “secure cyberspace” through technological means. The early days of computer security have much to teach modern practitioners and policymakers.
This paper proposes that the early computer security literature offers rich lessons for digital defenders of all ages. Although the technology used by friends and foes alike continues to evolve at a blistering pace, the manner in which defensive tools can be leveraged has not dramatically changed. Electrons may move at “network speed,” but adversaries continue to conduct significant malicious activity at human speed.
A focus on monitoring to enable rapid detection and response, identified in the 1970s, 1980s and 1990s continues to be relevant in the 2010s and will likely continue into the next decade. Digital defenders would benefit from learning about and adopting a strategic security program that tightly links tactics and tools with program goals, strategy and campaigns.