BLUF: The author argues that active defense requires more nuanced response methodologies against threat actors who have access to nation states’ TTPs, and emphasizes the importance of contextualizing the use of force, especially in relation to attribution.
In a presentation, the author explores the limitations of current “best practices” in the context of “cyberwar” against attackers with access to the tactics, techniques, and procedures of nation states. The presentation discusses the notion of “Active Defense” and argues for a more nuanced approach that can be contextualized as a framing of the use of force. It also discusses the importance of attribution, particularly in light of the very specialized and delicate practice of intelligence gathering. Source…