Microsoft asks government to stay out of its cyber attack response in Australia

I can see what Microsoft are driving at with their statement. My initial reaction was 100% agreement. Then I thought of all those hospital-based shows (especially ER) where the attending physician gives a running commentary so that the other staff can learn and comment, and I remembered my own advanced driving training where you have to provide a running commentary whilst driving. Explaining what you’re doing whilst doing it initially makes life difficult but actually forces a more thoughtful, rational approach to a problem. Now I’m not quite so sure about Microsoft’s statement…:

Having already highlighted concerns with the Bill before it entered Parliament, Microsoft in its submission [PDF] to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) has reiterated its belief that governmental intervention undermines the objectives of the proposed legislation.

“Microsoft has significant concerns about this authority … we believe that a policy allowing for direct governmental intervention would undermine the government’s objectives of defence and recovery,” it wrote.

“Rather, in many cases, it is the individual organisations themselves, and not the government, that are best positioned to determine how to appropriately respond to and mitigate the impact of cyber incidents.

“It would take a preclusive amount of time for the government to come into a live incident, properly understand the fact pattern, the technologies in play and the challenges of any decisions, and then be able to direct an appropriate response.”

According to Microsoft, this contributes to what military strategists have referred to as the “Fog of War”.

It’s a concept that has been applied to cyber incident responses, where additional risk is introduced during the initial phases of an ongoing crisis because the ability of subject matter experts and network defenders to adequately respond is hampered by an onslaught of information requests, speculation, and well-intended ideas from individuals or organisations when the malicious activity is yet to be fully understood by anyone.

Original article