1 / 12

THE INFORMATION WARFARE THREAT AND THE ROLE OF THE PRIVATE SECTOR

THE INFORMATION WARFARE THREAT AND THE ROLE OF THE PRIVATE SECTOR. Bruce Berkowitz September 19, 2000. THE INFORMATION WARFARE THREAT -- WHAT IS IT?. Objectives: Deception Exploitation Denial Destruction

glen
Télécharger la présentation

THE INFORMATION WARFARE THREAT AND THE ROLE OF THE PRIVATE SECTOR

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. THE INFORMATION WARFARE THREAT AND THE ROLE OF THE PRIVATE SECTOR Bruce Berkowitz September 19, 2000

  2. THE INFORMATION WARFARE THREAT -- WHAT IS IT? • Objectives: • Deception • Exploitation • Denial • Destruction • IW Includes A Variety Of Operations, Many Have Been Used For Years -- Even Centuries, e.g., ECM; SIGINT; PSYOPS; etc • New Threat: Computer Network Attack • The Information Revolution Is Bringing These Measures Into Critical Mass -- Combination Of Dependency And Availability Of Cyber Weapons

  3. POTENTIAL ADVERSARIES • Not Talking About Pranksters, Hackers & Criminals • The Threats Are Terrorists, Foreign Intelligence, & Foreign Military • Distinctive Features: • Likely To Be Coordinated With Larger Military Operations • These Adversaries Play For Keeps And Are Professionals • If You Detect An Intruder, It Probably Is Not The IW Threat That You Should Be Worried About • Many Foreign Military Organizations Have Developed IW Strategy & Doctrine • China, India, Russia, Israel, Etc.

  4. THE IW THREAT AND THE PRIVATE SECTOR • Commercial Systems Are At Least As Likely -- And Probably More Likely -- To Be Targets • Commercial Targets Are Usually Less Well Protected • Often Not Considered In Military Planning • Current Policy Is A “Work In Progress” -- Is Protecting The Commercial Infrastructure The Responsibility of NIPC? USSPACECOM? DTRA? NSTAC? • Military Forces Are Critically Dependent On Commercial Information Systems & Infrastructure • Communication • Transportation • Production • Bottom Line: Commercial Systems Are A Tempting Target

  5. INHERENT DIFFICULTIES OF GOVERNMENT-PRIVATE SECTOR COOPERATION • Defense Is A Public Good -- Who Pays? • Defense Planners Lack Leverage -- And Getting Worse • Commercial Standards Today Are Set By Industry, Not The Government • Government Is A Less Important Customer -- Has Less Influence On Commercial Design • IW Defense Can Conflict With Ability To Compete In The Market -- Costs Money & Threatens Proprietary Information • Commercial Sector Does Not Understand The IW Threat

  6. HUGE CULTURAL GAP • “The Plaid Shirts & Sandals” Versus The “Wingtips And Suits” • Government’s Transgressions: • Encryption • Immigration • Antitrust • Private Sector Transgressions • Laissez Faire To A Fault • Privacy Hypocrisy -- Industry Is Probably A Bigger Violator Than The Government, And Reluctant To Implement Remedies (Note “Data Mining” Market -- Doubleclick, Amazon, etc.)

  7. FIXING THE PROBLEM • The Good Guys All Have Compatible Objectives • The Military & Intelligence Communities: Security Against Foreign Attack • The Public: Privacy • Law Enforcement: Catching Criminals • E-Commerce: Stopping E-Crime • What Do We Need To Do? • Improve Relations Between Industry And Government • Encourage And Facilitate Better Understanding Of The Threat By The Private Sector • Provide Incentives And Assistance Where Appropriate • Address Legal And Ethical Issues

  8. FIX RELATIONS BETWEEN GOVERNMENT AND INDUSTRY • Take Advantage Of The Entrance Of A New Administration • Replace Personnel • Revise Policies -- Technology Controls, Immigration, Antitrust, etc. • Clarify Responsibilities Within Government And Ensure Continuity Of Communications To Provide I&W

  9. IMPROVE UNDERSTANDING OF THE THREAT BY THE PRIVATE SECTOR • Education • Disseminate More Information About The Threat Among The General Public • Encourage “Street Smart” Computing • Increase Consumer Awareness Of Security • Preparing Against The Threat Should Be A Professional Skill Within The IT Community • Facilitate Industry Security Standards-- During Development As Well As An Operating Practice • Teach Sophisticated Security Skills, e.g., The Art Of Deception • Message -- Beating A Deep-Pocketed, Determined IW Opponent Is The Ultimate Hack

  10. FACILITATE ACTION BY THE PRIVATE SECTOR • Implement Indirect Incentives To Encourage Security, Differentiate Players In The Market • Liability Statutes • Disclosure Statutes (How Safe Is Your Bank?) • Improve Information Sharing By Private Sector • Where “Public Goods” And “Competitiveness” Conflict, Provide Subsidies • Government Can Share Expertise In Security Technology, Tactics, Training • Offset Costs Of Special Measures

  11. ADDRESS LEGAL AND ETHICAL ISSUES • What Is An “American Company,” Anyway? • Multinational Corporations • Global Market For Capital, Ownership -- And Labor • “Government Jurisdiction” Is A Brand; Policy Should Encourage Companies To Buy Into A Package Of Benefits In Exchange For Cooperation • Fiduciary Issues • When Must A Company Serve Shareholders? Customers? The Government? • When Do National Security Interests Coincide With Shareholder Interests? When Do They Conflict?

  12. CONCLUDING OBSERVATIONS • “Hence to fight and conquer in all your battles is not supreme excellence; supreme excellence consists in breaking the enemy's resistance without fighting. “ • Sun Tzu • “I'll tell you what war is about. You've got to kill people, and when you've killed enough, they stop fighting. “ • Curtis LeMay

More Related