Developing Information SuperiorityGaining an Information Advantage to Counter the Cyber-Threat
The Defense Department defines information superiority as the ability to develop and use information in a advantageous way that denies an adversary the same capability.
Serwin, in an interview with Information Security Media Group, says the doctrine facilitates a defense against asymmetric threats in which the weaker attacker exploits information it knows about the targeted enterprise to cause damage such as pilfering trade secrets.
"A corporate executive's job is to make decisions, and the best way to make good decisions is to have the right information at the right time," Serwin says. "Information superiority will let you do that whether you're making a decision on how to increase profit or more importantly ... how to increase IT security."
In the interview, Serwin:
- Analyzes President Obama's cybersecurity executive order that promotes cyber-threat information sharing between the government and industry [see Obama Issues Cybersecurity Executive Order];
- Assesses the Cyber Intelligence Sharing and Protection Act, a bill known as CISPA that's been introduced in the House of Representatives [see Is Compromise in Offing for CISPA?];
- Opines on whether voluntary cybersecurity standards to be developed jointly by the government and industry under the executive order could morph into regulations.
Serwin also serves as the executive director of the Lares Institute, a think tank that focuses on technology, privacy and information governance, and is a partner and founding chair of the privacy, security and information management practice at the law firm of Folrey & Lardner.
A graduate of the University of San Diego Law School, Serwin earned a bachelor of arts degree in political science from the University of California at San Diego. He is a member of the California, New York and District of Columbia bar.