Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Scaled Back Cybersecuruty

  • From: sgorman1
  • Date: Tue Jan 14 16:39:41 2003

That is the rub.  Kind of like targeting treatment for AIDS to those
with the most sexual partners - it helps solves the problem but is it
worth rewarding irresponsible behaviour.  Although not the best analogy,
especially since in this case the worst offenders are fortuantely not
the best connected.  Still think that at some point you need to deal
with raising the lowest common denominator.

That said it would be good to see something concrete being done like the
RFP inclusions.  The incentive though should be greater than what is
gained by ignoring security currently.

Is the government willing to provide enough incentive to change the
market place?  If RFP's alone can't do it what else could be tried?

----- Original Message -----
From: Avi Freedman <freedman@freedman.net>
Date: Tuesday, January 14, 2003 9:06 pm
Subject: Re: Scaled Back Cybersecuruty

> 
> In article <103014.1607.23062@avi.netaxs.com> you wrote:
> 
> : Seems to be a case of prisoners dilema.  The security of any one 
> network: is to some extent at the mercy of all other connected 
> networks.  The
> : overall security of the network is only as strong as it's 
> weakest link.
> :  In a highly competitive market place there is going to be little
> : incentive to invest in security if it will just be compromised 
> by your
> : cost cutting competitors.  
> 
> Yes, but:
> 
> - Shouldn't we encourage our tax $ go with preference towards good
>  network citizens?
> 
> - If only a few of the larger networks started implementing better
>  practices that engineering groups can't get funded today, we're
>  still getting better off.
> 
> - Starting at the core, which is who the Feds buy the most IP from,
>  still makes life a lot simpler if and when we get the "big one"
>  in terms of cyber-attack.
> 
> I think this is probably better for a BOF (maybe even the security
> BOF) discussion, though...
> 
> Avi
> 
> 
> 





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.