Amidst the backdrop of Napa Valley vineyards, Concentric hosted the brilliant minds of US National Security the Honorable Sue Gordon and retired Admiral Mike Rogers along with some of our esteemed clients to discuss the “New Security Paradigm”. At Concentric, we have seen a significant shift in the security landscape over the last few years, but especially over the last few months, that is impacting both our clients and how we perceive “risk” significantly. As was discussed at Concentric’s First Annual Security Conference, this is as a result of the advancements in technology, the role of disinformation, and, ultimately, a lack of trust within our society.
“The problem set has evolved to whoever can put technology to use faster.” – Sue Gordon.
Left to right: Vice Admiral (Ret.) Mike LeFever, Honorable Sue Gordon
The world has changed from physical to digital. This change can be tracked on a graph that would show a slow but noticeable change throughout the 90’s and 00’s, but at a much steeper trajectory in the last 10 years. “Man has always had to deal with disruptive technology”, said Mike Rogers “but never at this pace”. Any intelligence professional can tell you that while the abundance of data is helpful, there is a fine line-which was superseded years ago-of when “too much” is a very real problem. Sue Gordon explained that while we should be in a data abundance boone, we are instead in a “bane”. Not only do we struggle with finding the “signal within the noise”, we also don’t trust tools that could do it for us automatically. We still are adamant that humans maintain the advantage on analysis and judgement, although their ability to analyze all available data is now impossible. While we continue to search for these solutions, our foes aren’t worried about maintaining those same standards. Instead, they’re crossing boundaries that not only are we not/won’t, but nor have we identified what that means for us in the new digital space. Is a cyber attack an act of war? If there are no casualties does it still mandate a response? How do we even define “casualty” in a digital environment? These are the questions our near-peers aren’t waiting for us to answer; they’re instead consistently pushing boundaries without response.
“Truth has its own sound.” – Sue Gordon
“You have a right to your own opinion, not your own facts. – Mike Rogers
Unfortunately, we don’t need to look internationally to see the impact of this digital boone. Nationally, we see this data abundance be directly related to the toxicity of disinformation. Rogers called out that our current “information disorder” is problematic and that we need to get back in the habit of thinking more critically. “We are falling into bad habits [of self validation] as we consistently put ourselves in microcosms that reinforce our own biases and build walls”. At the individual and citizen level, we can do our part by fact checking and source validating. At the higher levels, however, there is a more innate responsibility that comes with authority/position to ensure not complicit in spreading false information. Organizationally, Gordon recommended we re-instill the standards that were upheld at the beginning of print and radio: a pedigree for those putting out information is required and sources have been validated. It seems a lofty goal in the realm of the open internet, but we only need to look “back” as recently as COVID to see the ramifications of not having these standards. We will always maintain that freedom of expression is a cornerstone of our society, but that expression also being “trusted and true” should also be equally prioritized.
“Disruptive President at a disruptive time” -Mike Rogers
Left to right: Admiral (Ret.) Mike Rogers, Roderick Jones
Some say the Trump Administration was the impetus for our current state of distrustful society. Rogers would say the President merely represented a disruptive era that continues today. As an example, Rogers pointed to right after President Kennedy was assassinated; the country was similarly divided until (literal) perspective was garnered from the success of Apollo 8 as we saw the world from space for the first time. While we have missed a few opportunities for that invaluable-and healing-perspective, we do have the ability to rebuild that inherent trust. The damage that was unique to the Trump administration, Rogers pointed out, was that his main message was “disruption is good” and “institutions are bad and must be attacked”. We continue to see that inherent distrust today. Unfortunately, in the midst of the chaos, “extremes look attractive” as well as “totalianarism”. While our collective focus seems to be continually more individual-based, we have the ability to redirect that focus to the greater good and cyber extortion could be just that opportunity on both the national and international scale.
Rogers recommends approaching cyber extortion events in the same vein as aviation safety maintenance. Currently, when an aviation mishap occurs, there is an automatic forensic investigation that results in immediate and collaborative change. Airlines, supply chains, and individuals all participate in the investigation with the acknowledgment that doing so is for the “greater good”. As a result of the focus, we very rarely-if ever-have aviation mishaps for the same reason. One unfortunate incident results in the betterment of the rest. In the cyber extortion realm, we could mimic that blameless and collaborative effort after each incident. However, right now, there is no trust between victims and the government that they won’t be punished for ransom payments or inadequate cyber security precautions.
The “new security paradigm” brings with it a digital violence not understood within our societal norms. While we adjust appropriate responses, we can focus on transparency: both from the government and amongst each other. The obligation is moral, fundamental, and universally attributed to hold ourselves to a higher standard and behave in a trustworthy fashion. Only then can we start to address, and potentially remove, these new security risks.
