Who else thinks a “cybersecurity moonshot” is a horrible way to think about security? Getting safely to the moon and back, before 1970, was a discrete goal, against the laws of physics and nature. “Cybersecurity” is a never-ending process vs an intelligent, adaptive adversary.

https://twitter.com/ericgeller/status/1062797348643004416

Here is the technology part of the “moonshot.” It’s all forward-looking “next gen” stuff (5G for security, really?) rather than the basic blocking & tackling we still haven’t figured out. I was on the NSTAC staff with @FireEye and couldn’t have been happier when my time was done.

I imagine the #sonytruthers playing armchair #DFIR investigators will emerge from wherever they’ve been hiding in order to dispute the #DPRK #indictment. My advice: you were wrong in 2014-2015, and you’d still be wrong today. HT ⁦@JohnHultquist⁩ int.nyt.com/data/documenth… Because #attribution is inherently political per @RidT and @BuchananBen, you need more than “hacking” knowledge to assess national policy. Experience w/ #cybersecurity clearly helps, but gov internals, intel agency processes, bureaucracy, trade, diplomacy, LE, are all important.