Lessons learned from US agents who operate in enemy territory have been captured for years and transformed into a code of conduct popularly known as “Moscow Rules.” Those old rules existed for a reason. Real-world experience proved their effectiveness when agents had to operate in the presence of adversaries.
Since modern cyber defenders are also frequently required to operate in the presence of adversaries there are lessons from these old Moscow Rules relevant to cyber defense.
With that as an introduction, the following is a modified list of the old Moscow Rules designed to help the cyber defender under fire.
Consider these as “Moscow Rules for Cyber Operations”
I like this one: