And this is why…
I am debating the denial of these attacks so vigorously. This is why I’m looking at the research conducted by NIST since the attacks occurred, because you are 100% correct that the discussion NEEDS to SHIFT to “how do we protect ourselves from this going forward.”
Trouble is, when people deny the facts there’s a grinding halt in efforts to correct the problem, to find real solutions and in order to be able to shift the discussion where it needs to go, we must first establish facts regarding the nature of the problem we need to solve.
Consider the “beliefs” that climate change isn’t real, that we don’t have a law enforcement brutality issue or a racism problem. Consider how much obstruction we are constantly having to overcome when we present solutions to any one of those issues because people simply choose to believe contrary to the facts.
This is no different than any of those other issues. Things are going to become more dangerous the more we ignore this problem. The IoT increases our vulnerabilities 10 fold every single day. I am getting to a point of exhaustion regarding the deniers and their incessant interference in our national security.
We had a hostile government sanction a massive spearphishing program in which that state exfiltrated our data in a breech that was unprecedented! This is where modern warfare is headed. It makes me literally ill to deal with people hellbent on arguing against KNOWN facts for keyboard jockey points.
This shit is serious and grown folks need to take over.
I think we have a couple options going forward:
- Respond to inaccurate statements with a canned binder of documentation which demonstrates that despite the LaLa land Caitlin and others are engaging in with regard to this issue, there are established facts of the matter.
- Respond to continued attempts to engage in debate regarding whether or not these assessments have been verified to an appropriate level of certainty such that we best get to work blocking future attacks by asking the following questions:
- What are you doing to prevent unknowingly exposing yourself to infosec related vulnerabilities?
- Would you consider using a bank to conduct your personal financial business with a company which denies the prevalence of InfoSec Warfare in which certain countries have begun engaging?
- Do you believe that if you don’t think Russia hacked into our system in an effort to interfere with the 2016 Election that somehow protects you from InfoSec Warfare?
And, finally state directly and clearly that I am in all ways uninterested in dealing with people who are so fragile over the existence of a problem that the only thing they are capable of is crying that there isn’t one to protect their little baby egos from getting bruised; but if they want to discuss solutions, I’m all for it.
You’re so right, though, applying energy to help the deniers see is not going to go anywhere but in a circle.
Fuck em. And thank you, Jason Stelzner!