The US military really likes the Internet—and wants to keep it clean. The Department of Defense yesterday released its “Strategy for Operating in Cyberspace" (PDF), which opens by noting that “it is difficult to overstate this reliance” on the Internet. But to keep the Internet both useful and secure, the Department of Defense is calling for a system of “good cyber hygiene.”
“Most vulnerabilities of and malicious acts against DOD systems can be addressed through good cyber hygiene. Cyber hygiene must be practiced by everyone at all times; it is just as important for individuals to be focused on protecting themselves as it is to keep security software and operating systems up to date… People are the department's first line of defense in sustaining good cyber hygiene and reducing insider threats.”
The document is filled with general, sweeping statements about how military IT needs to get faster, leaner, and more like the private sector. What the military needs to avoid is slow, bulky system of cyberdefenses—useless in an age of nimble hackers. Deputy Defense Secretary William J. Lynn III said in a speech yesterday that the military needs to avoid bringing a “Maginot Line” mentality to cyber defense. "You want to be able to hunt on your own networks, to find things that get past the perimeter," he said. "It’s a more dynamic approach to defense."
http://arstechnica.com/tech-policy/news/2011/07/us-military-strategy-halt-hackers-through-better-cyber-hygiene.arshttp://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/DoD_Strategy_for_Operating_in_Cyberspace_July_2011.pdf