Today someone questioned if the military needs to be involved in protecting American citizens. My answer is yes, loud and clear, proud and strong.
The corporate world protects only themselves, unless they have a contract to protect you. I’m not sure you understand how the corporate world works, they are de facto capable of protecting themselves but won’t, that costs money. Sure, in a perfect world they have the spare cash to protect themselves, but reality is they don’t have the money to protect everything. They owe it to their investors or their stockholders to make money, not spend it. It is a calculation that they won’t lose money by not investing in proper cybersecurity. It will usually take a very large boot to the teeth and continuing down the throat before they get energized. Good cyber protection is costly and they won’t spend the money until that time to fully protect their own system. We’re not talking about any exchange of information, so far I’ve only discussed an oasis in the desert. Now say, for instance, that a new exploit has been found. We have the wonderful folks at Symantec who earn the big bucks by selling that information via updates and bulletins. Again, that costs money. The problem corporations have with sharing information with another firm or with the government is that this is considered proprietary information which can be used against them. Example: ‘This corporation is not as good as we are, their computer networks were penetrated x amount of times last year, we weren’t penetrated at all’. Also, in many corporate minds, the perception that their corporation is not secure may affect future contracts, they stand to lose millions, if not billions of dollars.