My latest op-ed in SC Magazine:
It is tough being in cybersecurity. Defense is a cost center, and it’s hard to find meaningful metrics to demonstrate success. Interest in security is also cyclical: Major breaches stir action, but as time passes, interest and resources wane, though the threat is still there. Yet the biggest problem with cybersecurity is ourselves. Before we can succeed, all of us must agree to change.
Read the whole thing.
Beltway Bandits offering up expensive and cumbersome gaming solutions to Uncle Sam: look out!
I was sitting at a picnic table Thursday afternoon talking with a revolutionary who last year bombed an American Apparel store.
I didn’t think she was all that dangerous. As far as I could tell, she was just a big-time radical in the Second Life virtual world.
My Second Life alter ego, Caro Zohari (an avatar who has much
nicer hair than I do), was interviewing a spokeswoman for the Second
Life Liberation Army (SLLA), an “avatar rights” group that has sprung
up in the Linden Lab-created virtual world with the objective of
fomenting a “democratic revolution” to oppose Linden’s supposedly
Couple of things strike me:
- Assuming SL doesn’t but the kibosh on madness like this, it would be an interesting way to test out a variety of pol-mil-legal responses to terrorist, insurgent, or radical activist activity; not just the sticks but the carrots too. A live political and military science lab if you will.
- People who are going to dismiss this as just game play are ignoring the potential to radicalize otherwise “normal” people via this medium. There are some people who can’t separate fantasy from reality and the consequences can be grave.
- Do the normal rules of HUMINT and SIGINT apply in SL? Do we assume everyone in SL is a “US Person” or do we take advantage of the fact that no one online knows you’re a dog and maximize the medium for both the actual take and the lessons learned?
If Linden let’s the activity continue, I could see the need for a weapons toolkit that allows for real-world flexibility but does not impact the underlying system; you want targets to suffer losses for the sake of realism, you don’t want rouge external malcode shutting down the system. Maybe its artificial (ahem) but you want to keep the experiment going as long as possible I would think.
Maybe this is where you get some preliminary answers to questions about the effectiveness of generational warfare.