SYS-CON MEDIA Authors: Zakia Bouachraoui, Yeshim Deniz, Carmen Gonzalez, Liz McMillan, Pat Romanski

Blog Feed Post

INSA Report: Cyber Intelligence… Setting the landscape for an emerging disciple

The Intelligence and National Security Alliance (INSA) is a group of professionals bound by a common desire to enhance the national security of the United States. Members include experts who have seen the brutal realities of international affairs and have also seen the impact of sound policy on our nation’s well being. INSA is a not-for-profit, nonpartisan, private sector organization which seeks to provide a forum for thought leadership.

One of the many significant areas INSA has been contributing ideas to is the issue of Cyber Operations.  Many of INSA’s contributions to this discipline have been via a very active Cyber Council led by one of our nation’s foremost national strategic planners, Ms. Terry Roberts. She leads a team of volunteers who seek to advance issues across a broad front in the cyber domain.

Terry and the INSA staff have just released a new document which, in my opinion, makes incredible contributions to national security discussion. The document, titled “Cyber Intelligence… Setting the landscape for an emerging discipline“, is one I believe belongs in every household in America. No kidding. We need more dialog on issues like this, and we need that dialog to be based on the well reasoned assessments of people who have truly seen both the threat and our own capabilities against it, and this document does that very well.

Let me give you a feel for why I think this is a revolutionary document. One is the documents articulation of cyber threat dynamics. It is true that you can pick up any book by any security expert or any pseudo security expert and read articulations of the threat. And for the most part the experts and pseudo experts are all just borrowing from each other anyway because there are just so many ways to say “hacker or hacker group or criminal organization or nation state.”  Articulations and definitions of the threat have a place, but we have had those taxonomies for decades now and copying them from book to book is not helping us find greater awareness or insights into what we should be doing about them.

Meanwhile, the US and other governments have direct experience and information on cyber threats that cannot be released due to classification rules or the threat to ongoing operations. So the really important stuff is not being brought out to be dissected and debated and learned from.

A group like INSA must still operate in classification guidelines and the professionals there would never even come close to violating their oaths to protect. But their deep national security expertise and awareness has allowed them to add color and context to the threat in ways no other organization could possibly do. The result is an articulation of cyber threat dynamics that is important, understandable, and compelling.

Another contribution this document makes is an insightful strategic view into the costs of defense and failure to defend. This is not a simple equation, and the context provided here contributes significantly to the dialog.

The document also offers a very elegant/advanced tutorial into the role and purpose of intelligence in the cyber arena. This section and its framework holds truths which should prove to be insightful to generations of cyber intelligence professionals.

Perhaps the greatest achievement of this document, however, is its articulation of areas for further discussion and review. The items and issues captured there are in definite need of informed dialog. Which brings us back to the importance of the overall document: we need a broader swath of our citizens engaged in an informed dialog on these important cyber issues. Getting this document into the hands of every citizen in the country would be a GREAT way to do that.

So, now it is your turn citizen. Please download the document, read it, think about it and enhance your contributions to the cyber dialog underway today.

Find it here: http://www.scribd.com/doc/62196647/Insa-Cyber-Intelligence-2011
Insa Cyber Intelligence 2011

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com

Latest Stories
Most modern computer languages embed a lot of metadata in their application. We show how this goldmine of data from a runtime environment like production or staging can be used to increase profits. Adi conceptualized the Crosscode platform after spending over 25 years working for large enterprise companies like HP, Cisco, IBM, UHG and personally experiencing the challenges that prevent companies from quickly making changes to their technology, due to the complexity of their enterprise. An accomp...
In addition to 22 Keynotes and General Sessions, attend all FinTechEXPO Blockchain "education sessions" plus 40 in two tracks: (1) Enterprise Cloud (2) Digital Transformation. PRICE EXPIRES AUGUST 31, 2018. Ticket prices: ($295-Aug 31) ($395-Oct 31) ($495-Nov 12) ($995-Walk-in) Does NOT include lunch.
Eric Taylor, a former hacker, reveals what he's learned about cybersecurity. Taylor's life as a hacker began when he was just 12 years old and playing video games at home. Russian hackers are notorious for their hacking skills, but one American says he hacked a Russian cyber gang at just 15 years old. The government eventually caught up with Taylor and he pleaded guilty to posting the personal information on the internet, among other charges. Eric Taylor, who went by the nickname Cosmo...
Transformation Abstract Encryption and privacy in the cloud is a daunting yet essential task for both security practitioners and application developers, especially as applications continue moving to the cloud at an exponential rate. What are some best practices and processes for enterprises to follow that balance both security and ease of use requirements? What technologies are available to empower enterprises with code, data and key protection from cloud providers, system administrators, inside...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Early Bird Registration Discount Expires on August 31, 2018 Conference Registration Link ▸ HERE. Pick from all 200 sessions in all 10 tracks, plus 22 Keynotes & General Sessions! Lunch is served two days. EXPIRES AUGUST 31, 2018. Ticket prices: ($1,295-Aug 31) ($1,495-Oct 31) ($1,995-Nov 12) ($2,500-Walk-in)
Contino is a global technical consultancy that helps highly-regulated enterprises transform faster, modernizing their way of working through DevOps and cloud computing. They focus on building capability and assisting our clients to in-source strategic technology capability so they get to market quickly and build their own innovation engine.
The vast majority of businesses now use cloud services, yet many still struggle with realizing the full potential of their IT investments. In particular, small and medium-sized businesses (SMBs) lack the internal IT staff and expertise to fully move to and manage workloads in public cloud environments. Speaker Todd Schwartz will help session attendees better navigate the complex cloud market and maximize their technical investments. The SkyKick co-founder and co-CEO will share the biggest challe...
DevOpsSUMMIT at CloudEXPO will expand the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike. Recent research has shown that DevOps dramatically reduces development time, the amount of enterprise IT professionals put out fires, and support time generally. Time spent on infrastructure development is significantly increased, and DevOps practitioners report more software releases and higher quality. Sponsors of DevOpsSUMMIT at CloudEXPO will b...
There's no doubt that blockchain technology is a powerful tool for the enterprise, but bringing it mainstream has not been without challenges. As VP of Technology at 8base, Andrei is working to make developing a blockchain application accessible to anyone. With better tools, entrepreneurs and developers can work together to quickly and effectively launch applications that integrate smart contracts and blockchain technology. This will ultimately accelerate blockchain adoption on a global scale.
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
FinTech Is Now Part of the CloudEXPO New York Program. Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expensive intermediate processes from their businesses. Accordingly, attendees at the upcoming 22nd CloudEXPO | DXWorldEXPO November 12-13, 2018 in New York City will find fresh new content in two new tracks called: FinTechEXPO New York Blockchain E...
In addition to 22 Keynotes and General Sessions, pick from 40 technical sessions in two tracks: (1) DevOpsSUMMIT (2) Cloud-Native & Serverless. EXPIRES AUGUST 31, 2018. Ticket prices: ($295-Aug 31) ($395-Oct 31) ($495-Nov 12) ($595-Walk-in) Does NOT include lunch. DevOps Institue Certification DevOps Institute Two-Day DevOps Certification Program EXPIRES AUGUST 31, 2018. Ticket prices: ($995-Aug 31) ($1,095-Oct 31) ($1,195-Nov 12) ($1,395-Walk-in)
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...