Two hikers see a bear. One bends over to tie shoes. Other says, you can’t out-run a bear. First says, just need to out-run you. Pause laughter.
OK, this is the subject of a long-running gag, but the lesson is sound. You don’t need to be perfect to be successful. Perfect is the enemy of good enough.
To bring this back to cyber security, let’s talk about consequences. Take ransomware. It’s very successful: it extracts tens of thousands of dollars from a lot of companies. And this amount is too small to be worth it for law enforcement to deal with the hassle of international communication, warrants, etc. So there are no (or not many) consequences for the bad actors.
Now here’s a little anecdote for you. A large percentage of the world’s malware will not activate if the computer has the Russian language installed. Why? Presumably because the miscreants are based there and don’t want to face the wrath of local authorities.
So, if we wanted to protect our country (in my case Canada), we can go down the path of hardening everything, training, etc. And it’s a good path. But what about another complementary idea? What if we made it a zero-tolerance zone for cyber crime, even if the cost of policing was very high? We would make the country as a whole less appetising. What if the RCMP investigated and prosecuted every cyber crime, from $1 upwards, no quarter given? It would take a lot of funding, but it would mean there were systematically consequences in Canada for cyber crime, regardless of jurisdiction, regardless of how long it took for the long arm of the law to arrive.
This approach would tilt the playing field. Canada would become the slightly faster runner. Sure, the bear would still feast on the slower runners, and sure, the bear could still theoretically catch us, but, well, we would be quite a bit less appetising.
I’ll leave you with this link.