Is it Time for a New Cyber Threat Metaphor?

CTO Bob Gourley wrote an article at about a talk Secretary of Defense Leon Panetta gave at the Symantec conference in DC yesterday.

As [Sec. Panetta] has done before, he chose to invoke a metaphor in his depiction of the threat. He warned of the potential of potentially devastating cyber attacks… attacks that could take down our nation’s power, water, transport and communications infrastructure and bring the nation to its knees. He drew parallels to the devastating paralysis and horrific economic impacts of Hurricane Sandy, warning that a Cyber Pearl Harbor would be much worse.

Gourley’s stance, as he reveals as the article continues, is that continuing to use the term “Cyber Pearl Harbor” in 2014 “makes many in the community think the person saying it is trying to scare them into an over hyped threat, and that then makes them think all cyber security threats are over hyped.” He suggests (to the reader, and to Sec. Panetta) that it would be better to use terms relating to infections, like cyber flu. In his opinion (and also that of his colleagues), this better reflects the type of threats we face now:

Many of my friends are using metaphors that come from life sciences. Most attacks today are ongoing operations that need continuous prevention, treatment and mitigation like an infection.

What do you think? Is it time to retire the phrase “Cyber Pearl Harbor” in favor of a term like “Cyber Flu”? Does that term carry enough weight?

Check out the article – where Winn gets a shout-out for originally coining the phrase – here:

Leave your reply