This past weekend, Splunk sponsored the 2012 National Collegiate Cyber Defense Competition http://www.splunk.com/view/SP-CAAAGXF , a competition aimed at helping undergraduate students master the craft of cyber-security so that they hit the ground running when they graduate.
Over this same weekend, I had the chance to visit a decommissioned Nike missile site in the Marin Headlands. The site was staffed by retired volunteers who were active army personnel on-site when it stood ready to deploy nuclear warheads mounted on supersonic missiles. As someone who went to high school during the early 1980’s, seeing cold-war era hardware and procedures in action was spooky and fascinating. A small group of us rode the missile platform down and got a brief history lesson from our guide. The volunteer talked about the extensive security measures and processes that surrounded any installation that housed nuclear weapons, and that perhaps the most effective indicator of success of these installations was that no nuclear weapons were launched toward the US during the cold war. Someone from the crowd asked “If these missiles were here for deterrent purposes, and are now fully decommissioned, what is our current strategy for deterrence?” The guide responded: “After the first round is absorbed, we figure out who launched it and go after them”. The crowd got a little quiet as this sunk in.
At some level, deterrence during the cold war was really about information – signaling to the other side that we could in fact respond to any offensive action in such a way as to make offensive action pointless.
I don’t know what the future holds, but I certainly hope that our cyber security education yields similar results: those parties interested in disrupting nations or economies through information warfare will find themselves up against enthusiastic, creative, and well-trained cyber security professionals… and choose some other pursuit instead.