One of the greatest failures of both commercial and governmental IT security programs is their tactical and myopic focus on technology at the expense of the larger issues in understanding and mitigating cyber threats. These include organizational, process and people issues.
This dysfunctional situation was noted during a keynote address by the U.S. Air Force's chief information officer, Lt. Gen. Michael Peterson:
"This is our Achilles' heel," he said. "It's not about a denial-of-service attack; it's about the information on the network -- ensuring it's accurate, protected, and available. [But] we're still fighting over what patch to put on."
Lt. General Peterson also tried to put military cyber attacks in a more strategic perspective:
Air Force CIO says cybersecurity federal "Achilles' heel"
"Despite Russia's cyberwarfare tactics against Estonia and Georgia, Peterson said an all-out cyberwar won't happen; instead, cyberattacks will become one of many combat strategies used by adversaries to bring government to its knees.
"It won't be a pure fight," he said. "It will incorporate all domains … The battle is ongoing and these guys are very good."