With so much attention given to the topic of cybersecurity, it is no wonder that our staff paid particular attention to the presentation, papers, and demonstrations at the recently held Black Hat-DefCon Conference from July 30th to August 1st, 2010. A particular case in point was the presentation and discussion by Sam Browne about the topic of IPv6 – the Internet Protocol version 6.
Our staff believes that this presentation should make all of us even more uneasy about the current state of cybersecurity – hopefully enough to spur more of us into action so as to better address both the current and ongoing vulnerabilities related to cybersecurity.
For those of us who are not as familiar with the topic of IPv6, perhaps a little background may be in order….
The transition to IPv6 is necessary to deal with the growing exhaustion of IPv4 addresses. The older protocol, which is based on a 32-bit addressing system, yields about four billion unique numbers, fewer than the seven billion humans who populate the planet. At the current usage rate, the allocation of free addresses could be used up by June of next year, according to some estimates. IPv6, by contrast, is a 128-bit scheme that allows for over 3.4×1038 addresses, which ought to keep the world going for quite some time.
Given that supposition of why it is necessary to move to IPv6, you would expect that more people would be all over this topic … and especially since Mr. Browne’s presentation offers some scary thoughts to consider and some “what-if” scenarios of risk mitigation that IT security and information security specialists might want to have on their “to-do” lists — sooner rather than later.
Click here to read a recent posting on this topic by the Homeland Security News Wire website, and be sure to view the link to the slides presented by Mr. Browne in his presentation.
We would like to thank the Homeland Security News Wire for bringing our attention to this cyber security topic of interest to organizations both large and small.
And please pass this information along to those information security management, risk assessment, risk analysis, enterprise risk management, and business impact analysis team members in your organization. Also, if your organization is working on its private sector preparedness and readiness level, perhaps those PS-Prep team members should also include this topic in their reading libraries and potential future agenda listings.