Re: [Smart] When we say 'cyber'...

Bret Jordan <> Fri, 19 October 2018 17:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 14579130E5F for <>; Fri, 19 Oct 2018 10:01:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id BiJitxYKiTCf for <>; Fri, 19 Oct 2018 10:01:01 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::c36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A656E130DC3 for <>; Fri, 19 Oct 2018 10:01:01 -0700 (PDT)
Received: by with SMTP id v198-v6so13441275ywg.12 for <>; Fri, 19 Oct 2018 10:01:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=from:mime-version:subject:date:references:to:in-reply-to:message-id; bh=zBviQe347nc3F1v3FMLTQqhVMksm23PpoTms1J73Q0I=; b=B+lYxQ4jytyhUFU72DtENy9If2sMkt8pXLaBxSBitqY0dwN/zjYhCWFmtJka7eAvM+ HhkCfoYB+z2nlAlCncDbMkXONlwaArT/mLZTpOU8F83PCwhjnQpW02yVvB/Ktr99HOGF dkFfrwK9s9DN1Xq+ZCM4XYtOWSDlq5ad1ebIp2k/ib/4VYSQhq7vDhU42okqPuYljG1R 7CrKi5M+AJkNBz9fBaM7TaHwvO2hSCl2oWqOI2XoJqLdnS9QM5W43FRdu8mDCBIwz0h8 FHGxrgXSZcH5HJGhaFn+u63+UmtImJbd1w8bcCp833eOIkk1g7H3px2RYxbDi/7YHAhR avcw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:references:to :in-reply-to:message-id; bh=zBviQe347nc3F1v3FMLTQqhVMksm23PpoTms1J73Q0I=; b=Z8BTchmxpP2u5Dv08+qcONNveFM/yB9CQX4blevs/35gBDD+PJoAuT1ghXdzZbVBK7 GngUvnaS++RBblRduLbXEUCodxCIrkfUEOpiRV+QuN2M/z1h9chDM9nVurG1h5hJDzUh euER+pxAxp5dt17avUWTYmUt9+ix8GX5bYYSGdtbpuNixqwsQDkG9RICTI6NXAqEJyUp Km0aqRl7XQumAm/vGIMTSKy8C2Vk96xWU64RH6t6xTeAL8HB6sjIfEnLCL+q2GhotmIz BF9XPlwfaxvgEkL0mGsAPqaCo1mWprMzmb1W1t0utVFQArIYjW71+tucEqRTQG+/0q+I oH3g==
X-Gm-Message-State: ABuFfoi8oOJbQeW2pUIVRgMvqkI/hQp4+eqcIDhnVK0AwgIECs53dKSq PsYWzwho9O0qY4OjVAHLOR79tQbw
X-Google-Smtp-Source: ACcGV60EevWRu1XyTtuLfQzb2iA14gBKlYkrdTzz9SucyBGAc0+NH+JWJhH0adQaFXiUgw1moFYuDQ==
X-Received: by 2002:a81:ed8:: with SMTP id 207-v6mr22475868ywo.425.1539968460751; Fri, 19 Oct 2018 10:01:00 -0700 (PDT)
Received: from ?IPv6:2605:a601:3260:266:9533:617a:5246:60f5? ([2605:a601:3260:266:9533:617a:5246:60f5]) by with ESMTPSA id o131-v6sm6057035ywb.107.2018. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 19 Oct 2018 10:00:59 -0700 (PDT)
From: Bret Jordan <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5E799426-D965-4F97-BC35-27DF5714B6E2"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Fri, 19 Oct 2018 11:00:17 -0600
References: <LOXP123MB14168BB24E88B846C5055842D3EA0@LOXP123MB1416.GBRP123.PROD.OUTLOOK.COM> <>
To: Olaf Kolkman <>, "" <>
In-Reply-To: <>
Message-Id: <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
Subject: Re: [Smart] When we say 'cyber'...
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Stopping Malware And Researching Threats <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 19 Oct 2018 17:01:04 -0000

Olaf, et al.,

I do not discount that there is some vagueness within and across some groups when they use the term Cyber Security or Cyber Defense.  I get it.  But we also know that it is highly used and generally well understood and accepted in the industry. In fact, NIST has produced a very popular and widely deployed framework called the “Cybersecurity Framework” [1].  ENISA also uses this term throughout their policy and strategy documents [2]. The ITU uses it [3] and nearly every Fortune 2000 company uses it.  It seems like not using it here is just swimming up stream. 

What we do know for sure, is that Cyber Security references a concept that is more than just:

1) Data Security 
2) Information Security
3) Physical Security in relation to electronic assets
4) Network Security
5) Server and System Security
6) Host based Security
7) Endpoint Security
8) Protocol Security

Perhaps one of the line items of this research group should be to come up with a great definition of Cyber Security and Cyber Defense that can be accepted by the IETF / IRTF. Or we could just use one of the NIST / ENISA / UK NCSC / ITU etc. definitions.  There is a good blog post (though it could be better) at: <> that everyone should read.

[1] <>
[2] <>
[3] <>

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Oct 19, 2018, at 5:58 AM, Olaf Kolkman <> wrote:
> Hello all,
> I am normally lurking on this list but I would personally stay somewhat at arms length from ‘cyber defence’. There is a delta in understanding between how technologists, policy makers, and diplomates use and understand the term cyber security and in my experience the delta may be bigger for the words cyber defence.
> —Olaf Kolkman
> On 4 Oct 2018, at 17:44, Mark O wrote: