The State of US Cybersecurity: Not So Good Rebekah Mintzer, Corporate Counsel May 30, 2014 | 1 Comments share share by mail share on linkedin Facebook share on twitter share on google+ Share With Email Send Thank you for sharing! Your article was successfully shared with the contacts you provided. print reprints The "2014 U.S. State of Cybercrime Survey" shows that companies are not doing the work needed to prevent the next cybercrime disaster. Sign up for a free digital membership and get great benefits like: Already Registered? Sign In now Unlimited free access to Corporate Counsel and Law Technology News online 5 free articles* every 30 days, from other ALM publications Exclusive discounts on ALM events and products CC Corporate Counsel digital newsletter, plus your choice of more than 30 digital newsletters Access on the device of your choice: smartphone, tablet, or desktop Create Account with LinkedIn Register Now *May exclude premium content VIEW COMMENTS ( 1 ) ADD COMMENT What's being said Sign In Terms & Conditions Don O‘Neill May 30, 2014 Simply put, the situation is dire.The most essential attributes of security are trustworthiness, protection, and resilience. Security is defined as the condition of being protected against danger or loss. Software assurance is the level of confidence that software is free from vulnerabilities. It involves trustworthiness and no exploitable vulnerability, justifiable confidence in predictable execution, and conformance through planned and systematic multidisciplinary activities.Simply put, the goal of Cyber Security is to assure the trustworthiness, security, and resiliency of software components, systems, and systems of systems of all kinds including those used in national defense and the nation’s critical infrastructure. Resiliency is the ability to anticipate, avoid, withstand, mitigate, and recover from the effects of adversity whether natural or manmade under all circumstances of use.Issues surrounding security include:1. The Cyber Security gap between complete correctness and sufficient correctness continues to grow and with it the opportunities for adversarial exploitation. Closing the gap requires behavior computation, the net effect of program operations spanning all possible behaviors where the preferred outcome is full behavior nothing more.2. Cyber Security foundations are lacking; 3. Cyber Security practice is ad hoc, not well understood, and ineffective; 4. Cyber Security training and certification programs do not yield the capability to secure large scale software intensive systems; 5. Research programs are misdirected and promise what they cannot deliver; 6. STEM initiatives cannot deliver results needed; 7. Executives and senior managers are disconnected from the realities they face; 8. Privacy, civil liberties, information sharing liability concerns represent increasing resistance and barriers to achieving Cyber Security. Comments are not moderated. To report offensive comments, click here. Preparing comment abuse report for Article# 1202657217557 Send Thank you! This article's comments will be reviewed.