re: Should CIOs Hire Cyber Pinkertons?
The strategy of "The best defense is a good offense" doesn't seem to apply in cyberspace.
If someone DDoSes your organization, do you DDoS them back? Is that an effective use of resources? Find me an accounting organization that would sign off on that sort of thing, doubt one exists.
The biggest problem with cyberdefense is that the greatest defense in the world can be defeated with something as simple as social engineering - how does one defend against social engineering attacks in an ironclad way? Remove the man from the control loop? Ever seen War Games?
You also run into the differences in national laws as a stumbling block to being able to fight back. Laws in the US are different from those in, say, France, Botswana or Tajikistan - but each one is connected and has systems that either can or have been compromised and can be used in a cyber attack.
The ability to route attacks through different countries is a hinderance as well - what laws apply when you're a company in the US and you are being attacked by packets that are getting routed through France, Botswana and Tajikistan? Where's the jurisdiction of record? What's considered an act of war may not be an act of war in another jurisdiction.
It's going to get messy and muddy - clarity will come when dissecting the first major multi-national cyber conflict. We can only hope that those writing the history know what the truth really is.