/* */

18 May 2007

Contrasting official lightness with private gravity

We are continually fascinated by the manner in which the private sector so far exceeds government capabilities in understanding the Parallel World. While it is one thing to know that the rapid development of IT and related innovations has been driven by the private sector for at least a generation, it is another thing entirely to realize what that means for organizations still struggling to come to terms with the implications of even the most basic of developments (such as email or even lightweight web publishing.)

To be sure, there are highly technical and very savvy individuals scattered throughout the intelligence community, dedicated to the study and analysis of such issues. But this is increasingly one area in which the open source realm may be dramatically outstripping what occurs in the vault.

By way of example, we reference recent coverage of the ongoing cyber conflict between Russia and Estonia. Again, we make no assertions regarding the incidents, their attribution, or implications beyond what others have already stated in public sources (whether accurately or not, time will tell.) But we are very interested in the increasing levels of technical sophistication and interest being applied to the analysis of current network disruption events.

While Global Guerrillas has a theory type think piece (worth examining in the overall context of John Robb’s contribution to the body of emerging 5GW theory), various Internet security shops are increasingly publishing open versions of analysis at a more technical, and tactical level. As an example of the latter we reference Arbor Network’s corporate blog posts on the subject.

We have seen enough of the failing cyber security report cards, and the constant shuffle of senior executives through the relevant government posts, to venture that the sort of quality of thought behind the focused attention paid to this incident (and others like it) would be simply alien to many otherwise nominally assigned to the responsibility of covering these key accounts. (For more background on the ongoing trials and tribulations of the federal cyber security sector, we can recommend no better and more consistent commentator than can be found at Haft of the Spear.)

Of all the areas in which public/private partnerships for enhanced analysis and intelligence production could be of value, we can see few potential accounts more clearly in need of such unique contributions. It does not take a major Beltway contractor, nor any sort of specialized access program, to accomplish significant aggregation, interpretation, and insight into these sorts of problems – and policymakers are likely to be better served by a more broadly based attempt to integrate more substantive experts into the community’s coverage of these accounts.

To be sure, this will require a culture shift, and a serious re-think of structures and processes by which intelligence is created in support of decision-maker needs to understand this new realm. But it is indeed something entirely new in form, shape, and outcomes. It simply makes no sense to continue to try to force fit industrial age organizations and Taylor inspired processes into a future where they have no place.

Labels: , , ,