I thought this brief question-and-answer session, Richard Clarke: Preparing For A Future Cyberwar by Kim S. Nash extracted the essence of advanced persistent threat problems and how to address them. I'd like to publish the whole article, but instead I'll highlight my favorite sections:
Nash: How can the federal government protect companies?
Clarke: Do more. As a matter of law and policy, the federal government should actively counter industrial espionage.
Most U.S. government counterintelligence operations are focused on intelligence against the government, not companies, and most of those are focused on spies. It's a very 20th-century approach.
Until someone makes law or policy changes that say the U.S. Cyber Command can defend AT&T or Bank of America, it doesn't have the legal authority to do that. I think it should. The government also has to explain the threat to corporations.
Clarke: Until CEOs and boards of directors are faced with black-and-white evidence that they have lost a terabyte of information and that this has resulted in some other company beating them to market, until they have their noses rubbed in it, they're reluctant to do anything special...
Often, the CIO really needs board-level commitment and CEO commitment, not just of resources but to policies necessary for protection. Most of the time, all people want the CIO to do is keep the network up and costs down. As a result, many CIOs have been hired for their expertise in those areas, not for expertise in figuring out how to make a resilient network that resists attack.
Clarke: It should be the federal government's responsibility to tell companies not only when they've been attacked but when others have been, such as their competitors, so they realize this sort of thing is going on...
[S]ometimes companies don't know they've been hacked. But frequently they realize after the fact. You don't know you've lost information until a knockoff of your product or some competing products start showing up in the marketplace.
I agree with all of these sentiments.
Incidentally I started read the library copy of Cyber War but decided I needed to take notes in the margins. So, I bought a copy from Amazon.com. I plan to finish it and review it by the end of the month.