SlideShare a Scribd company logo

The Information Disruption Industry and the Operational Environment of the Future

Download as PPTX, PDF
Vincent O'Neil
Vincent O'Neil

Executive Summary: Use of everyday technology to collect personal data is increasing, and as these efforts become more intrusive, popular resentment is likely to grow. If that irritation reaches a tipping point, existing privacy protection services will expand enormously—creating an Information Disruption Industry (IDI) dedicated to thwarting the collection, storage, and sale of personal data. The expanded IDI’s efforts will do direct and indirect damage to a wide range of systems—even systems unrelated to personal data collection. This likely scenario has the potential to seriously impact the information landscape in 2035, if not sooner. End of Summary I presented the paper in a webinar hosted by the Mad Scientist Initiative and Georgetown University on May 10, 2020. The complete webinar can be viewed at: https://www.youtube.com/watch?v=j2-cjW1cmrQ&t=75s

Presentations & Public Speaking
1 of 27
The Information Disruption Industry and the Operational Environment of the Future By Vincent H. O’Neil
Outline • Executive Summary • Introduction • The Expanding Information Disruption Industry • Ramifications for the Operational Environment • What to Do—First Steps • Summary
Executive Summary Use of everyday technology to collect personal data is increasing, and as these efforts become more intrusive, popular resentment is likely to grow. If that irritation reaches a tipping point, existing privacy protection services will expand enormously—creating an Information Disruption Industry (IDI) dedicated to thwarting the collection, storage, and sale of personal data. The expanded IDI’s efforts will do direct and indirect damage to a wide range of systems—even systems unrelated to personal data collection. This likely scenario has the potential to seriously impact the information landscape in 2035, if not sooner.
Collection of Personal Data People are already concerned about this collection: • Mentioning a product in an electronic communication often causes the appearance of online ads about that product • Cases such as the Cambridge Analytica scandal show large- scale collection of personal data goes on without public consent • News stories and/or personal notifications about corporate data breaches feed the belief that no collected information is safe
Popular Resentment Resentment: Bitter indignation at being treated unfairly The targets of the data collection dislike the invasion of their privacy already. That feeling is multiplied by the realization: • They’re paying for the devices (phones and cars) commonly used to track their behavior, habits, and movements • The tracking and collection is often concealed from them • Their personal devices could potentially be accessed as part of legal proceedings
The Tipping Point Public opinion could be shifted to outright resistance by news stories showing data collection can cause actual harm: • Domestic violence victims hiding from their tormentors who were uncovered by technological tracking • Conviction of innocent people through the use of circumstantial evidence gained through personal data collection • Social media analysis by employers and/or universities that rejected qualified candidates
Expansion of the Disruption Industry Entities offering services designed to thwart the collection and sharing of personal data already exist. Once people see data collection and technological tracking as a real threat, they’ll pay to protect themselves. That funding will generate the expanded IDI. The IDI’s techniques will range from covert alteration of data to the crashing of entire systems. PRECISION • Overt • Damaging • Low-margin • Stealthy • Sophisticated • High-end
Precise Disruption • Target specific information as directed by the client (movements, purchases, personal communications) • Leave other information intact (high credit score, records of education & employment) • Key goal is to do this without detection • Attracts staff from the collection industry—better pay and more socially acceptable • Will still do damage to systems: • Disruption of normal system functions • Unintended consequences • Numerous, uncoordinated actors
Imprecise Disruption • Monkey wrench-in-the-gears approach • Low-end, low-margin business • Not concerned with stealth • May crash entire systems • Cover for hackers—identifying a Trojan Horse is difficult when it arrives in the middle of a stampede • May give a significant boost to privacy protection overall: • Cast doubt on the reliability of collection efforts • Reduce the value of purchased data
Legal Acceptance • Numerous court cases (lawsuits and criminal actions) are likely to arise from this conflict • Supreme Court rulings that connect the IDI—or its clients— with the defense of individual rights will make the IDI even more socially acceptable and give it legal protection • Even if the collectors pledge to stop gathering personal information, the public is unlikely to believe it • The more precise operators could also offer a service where they monitor clients’ personal information and repair it when it’s damaged by the IDI
Continuous and Widespread Disruption The IDI will attack the collection, storage, and dissemination of personal data at every level and at every step in those processes. This will create a kaleidoscopic information landscape populated with data that requires frequent verification and systems that malfunction randomly. All of this will generate second-order effects that will be as harmful as they are unpredictable.
Second-Order Effects The increasingly interconnected nature of the technological world will magnify the impact of any disruptions and generate problems in unexpected areas. Hooking everything from household appliances to hospital information systems to the internet creates a myriad of opportunities for intentional—and unintentional—disruption.
Second-Order Effects - Example Tracking technology that utilizes the GPS system will be a particularly important target for the IDI. Disrupters seeking to prevent the collection of information regarding a client’s movements could attack the system itself or leverage systems that connect to it. The argument that barriers are in place to prevent this is not sufficient, because the tech is constantly changing. Seemingly minor adjustments to code, hardware, and protocols can create unexpected vulnerabilities.
Ramifications for the Operational Environment The expanded IDI has the potential to seriously impact the operational environment in 2035— if not sooner. Most US military technology is created by civilian businesses, and modified versions can be sold in non-military markets. That intersection alone has the potential to render many military systems vulnerable. Former military personnel will also join the ranks of disrupter organizations, bringing valuable knowledge about the setup, operation, and weaknesses of those systems. Additionally, the confused nature of the information landscape will assist actual enemy actors in their attempts to attack government and military systems.
Non-Military Targets These attacks won’t necessarily need to be directed at military targets: Disruptions of civilian communication systems will have a negative impact on deployed troops who have gotten used to being able to contact their loved ones. Other disruptions such as compromised credit scores and frozen bank accounts cannot help but distract deployed soldiers from their missions and focus their attention back home.
GPS Disruption Revisiting the previous example regarding the GPS system, any disruption of satellite location functionality could have enormous consequences for the operational environment. Lost units, misdirected supplies, and errant ordnance are just a few of the potential ramifications. No matter how advanced the technology becomes, it’s only going to be as accurate as the information it uses and as secure as the other systems it accesses.
Support Systems Use of civilian technology for maintenance and logistical functions leaves these vital areas open to the effects of any disruptions that occur in those systems worldwide. Patches and updates for these products are usually mandatory and, while they may be designed to address a problem or shortcoming in the existing system, they could also carry code or information from disrupter organizations.
What to Do—First Steps Operating in this future environment calls for a broad approach designed to prepare for and manage the wide- ranging impact of the expanded IDI. A supervisory authority should be tasked to direct this effort, and every level of the national defense apparatus has a role.
Verify the Data Establish a mechanism to continuously verify information and generate alerts: The national defense apparatus uses many technological systems, frequently with overlapping capabilities. That overlap could be leveraged to verify information used across these systems and provide warning when data is inaccurate or a function has been disrupted. The systems don’t need to interface to create these verification capabilities—on the contrary, connection would make them vulnerable to the same threats. As an example, this mechanism could provide ongoing checks that geographical location A is actually situated at geographical location A—and raise a red flag when one system says it is not.
Ask, “What If?” Conduct wargaming at all levels: The operational environment includes a multitude of systems that could be impacted by the IDI. The supervisory authority mentioned earlier should require the owners/operators of each system to identify every system that connects to it and every entity that uses it. Each of those systems and entities will undergo similar analysis, creating a continuously updated nodal diagram showing how these separate factors influence each other. That will be the start point for wargaming the possible results of disruptions anywhere across those nodes.
Create Redundancy Identify substitutes and replacements: No amount of wargaming or testing will prevent disruptions. Commands and units must be ready to lose systems and keep functioning until those systems are available again. Lessons learned in the wargaming will help identify key capabilities that must be maintained. It will also identify systems that might be leveraged to do the different tasks of the missing system in an emergency. When no such temporary replacement can be found, or when a system is simply too important, the creation of a redundant system may be necessary.
Repair the Damage Fix broken systems quickly: Identifying the “last functioning point” before a disruption can help recover a malfunctioning system. Frequent archiving of data and programming can offer a chance of “resetting” the system to an earlier point that brings it back into operation. Lessons learned from cyber attacks and security breaches that occur in peacetimes should be analyzed for techniques that can be applied during wartime. Existing disaster recovery and data recovery programs, both public and private, could be good sources of additional tips and techniques for this.
Identify Quick Fixes Analyze field-expedient solutions: The supervisory authority should create a “best practices” center that solicits, verifies, tests, and disseminates information on variations, substitutions, and workarounds developed in the field. These best practices should be promulgated widely, so that people working with System A will be aware of a workaround in System B that can also be applied to System A in an emergency.
Provide Incentives Encourage innovation and participation: Get everyone involved in conducting “What if?” analysis and identifying field expedients by creating a rewards program. Money, public acknowledgment, medals, and promotions can help motivate people to ask these questions and come up with solutions ahead of time.
Train With Manual Options Train with manual options: Leverage the results of the “what if?” analysis and field expedients to identify every possible means of manual intervention or substitution when a system—or part of a system—is disrupted. Make training on these manual options mandatory, and include them in all operational manuals. No matter how much effort goes into preparing for the loss of a system, the force must be ready to do without a system for a protracted period of time when necessary. When a substitute system isn’t available and a manual option is, the force needs to be trained and ready to use that manual option.
Summary • Popular resentment of personal data collection is likely to cause a dramatic expansion of the Information Disruption Industry (IDI) • The IDI’s efforts will do direct and indirect damage to a wide range of technological systems—even systems unrelated to personal data collection. • This likely scenario has the potential to seriously impact the information landscape in 2035, if not sooner. • Operating in this future environment calls for a broad approach designed to prepare for and combat the wide- ranging impact of the IDI.
About the Author Vincent H. O’Neil is a risk manager, writer, and public speaker. He holds degrees from West Point and The Fletcher School. He’s also the author of the Frank Cole mystery novels from St. Martin’s Press and the Sim War military science fiction series (written as Henry V. O’Neil) from HarperCollins. www.vincenthoneil.com www.linkedin.com/in/vincenthoneil

Recommended

Top cited managing information technology articles
Top cited managing information technology articlesTop cited managing information technology articles
Top cited managing information technology articles
IJMIT JOURNAL
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
IJMIT JOURNAL
 
Version 3.6 Powerpoint March10
Version 3.6 Powerpoint March10Version 3.6 Powerpoint March10
Version 3.6 Powerpoint March10jpmccormack
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
james morris
 
The Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemThe Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemEnterprise Technology Management (ETM)
 
Managing insider threat
Managing insider threatManaging insider threat
Managing insider threatmilliemill
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
ijcsit
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Jim Kaplan CIA CFE
 

Recommended

Top cited managing information technology articles
Top cited managing information technology articlesTop cited managing information technology articles
Top cited managing information technology articles
IJMIT JOURNAL
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
IJMIT JOURNAL
 
Version 3.6 Powerpoint March10
Version 3.6 Powerpoint March10Version 3.6 Powerpoint March10
Version 3.6 Powerpoint March10jpmccormack
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
james morris
 
The Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemThe Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemEnterprise Technology Management (ETM)
 
Managing insider threat
Managing insider threatManaging insider threat
Managing insider threatmilliemill
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
ijcsit
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Jim Kaplan CIA CFE
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
The Security of Things Forum
 
Intrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIntrusion Detection System using Data Mining
Intrusion Detection System using Data Mining
IRJET Journal
 
I Series User Management
I Series User ManagementI Series User Management
I Series User Management
SJeffrey23
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
researchinventy
 
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
ChristopherAntonius
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
Global Business Events - the Heart of your Network.
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
Eoin Keary
 
IT Position of Trust Designation
IT Position of Trust DesignationIT Position of Trust Designation
IT Position of Trust Designation
Murray Security Services
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
FireEye, Inc.
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_HillDennis Hill
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
Sravan Ankaraju
 
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Sarah Nirschl
 
Ijnsa050201
Ijnsa050201Ijnsa050201
Ijnsa050201
IJNSA Journal
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesJerry Harding
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for Security
Joey Jablonski
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
DMI
 
L007 Managing System Security (2016)
L007 Managing System Security (2016)L007 Managing System Security (2016)
L007 Managing System Security (2016)
Jan Wong
 
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
Pace IT at Edmonds Community College
 
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET Journal
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
illustro
 

More Related Content

What's hot

Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
The Security of Things Forum
 
Intrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIntrusion Detection System using Data Mining
Intrusion Detection System using Data Mining
IRJET Journal
 
I Series User Management
I Series User ManagementI Series User Management
I Series User Management
SJeffrey23
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
researchinventy
 
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
ChristopherAntonius
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
Global Business Events - the Heart of your Network.
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
Eoin Keary
 
IT Position of Trust Designation
IT Position of Trust DesignationIT Position of Trust Designation
IT Position of Trust Designation
Murray Security Services
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
FireEye, Inc.
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_HillDennis Hill
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
Sravan Ankaraju
 
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Sarah Nirschl
 
Ijnsa050201
Ijnsa050201Ijnsa050201
Ijnsa050201
IJNSA Journal
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesJerry Harding
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for Security
Joey Jablonski
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
DMI
 
L007 Managing System Security (2016)
L007 Managing System Security (2016)L007 Managing System Security (2016)
L007 Managing System Security (2016)
Jan Wong
 
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
Pace IT at Edmonds Community College
 

What's hot (20)

Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
 
Intrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIntrusion Detection System using Data Mining
Intrusion Detection System using Data Mining
 
I Series User Management
I Series User ManagementI Series User Management
I Series User Management
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
 
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
 
IT Position of Trust Designation
IT Position of Trust DesignationIT Position of Trust Designation
IT Position of Trust Designation
 
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_Hill
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
 
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?
 
Ijnsa050201
Ijnsa050201Ijnsa050201
Ijnsa050201
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security Practices
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for Security
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
 
L007 Managing System Security (2016)
L007 Managing System Security (2016)L007 Managing System Security (2016)
L007 Managing System Security (2016)
 
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
PACE-IT, Security+ 2.1: Risk Related Concepts (part 2)
 

Similar to The Information Disruption Industry and the Operational Environment of the Future

IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET Journal
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
illustro
 
13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...
13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...
13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...
IJMIT JOURNAL
 
An Improved Method for Preventing Data Leakage in an Organization
An Improved Method for Preventing Data Leakage in an OrganizationAn Improved Method for Preventing Data Leakage in an Organization
An Improved Method for Preventing Data Leakage in an Organization
IJERA Editor
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
bagotjesusa
 
1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)
Aida Harun
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting Information
Laura Martin
 
Fast and fire-walled IOT healthcare-Baseer
Fast and fire-walled IOT healthcare-BaseerFast and fire-walled IOT healthcare-Baseer
Fast and fire-walled IOT healthcare-Baseer
AbdulBaseer (Baseer) Mohammed
 
Cyber Security and the CEO
Cyber Security and the CEOCyber Security and the CEO
Cyber Security and the CEO
Micheal Axelsen
 
Pharmaceutical companies and security
Pharmaceutical companies and securityPharmaceutical companies and security
Pharmaceutical companies and security
Juliette Foine
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
D0261019025
D0261019025D0261019025
D0261019025theijes
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
AdilsonSuende
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
IRJET Journal
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
IT-Toolkits.org
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
IT-Toolkits.org
 
Window of Compromise
Window of CompromiseWindow of Compromise
Window of Compromise
SecurityMetrics
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsFrederic Roy-Gobeil, CPA, CGA, M.Tax.
 
8MAN-Public_Sector_Data_and_Information_Security_Survey 2016
8MAN-Public_Sector_Data_and_Information_Security_Survey 20168MAN-Public_Sector_Data_and_Information_Security_Survey 2016
8MAN-Public_Sector_Data_and_Information_Security_Survey 2016Andi Robinson
 

Similar to The Information Disruption Industry and the Operational Environment of the Future (20)

IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...
13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...
13421ijmit03Engineering Life Cycle Enables Penetration Testing and Cyber Oper...
 
An Improved Method for Preventing Data Leakage in an Organization
An Improved Method for Preventing Data Leakage in an OrganizationAn Improved Method for Preventing Data Leakage in an Organization
An Improved Method for Preventing Data Leakage in an Organization
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
 
1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)1639(pm proofreading)(tracked)
1639(pm proofreading)(tracked)
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting Information
 
Fast and fire-walled IOT healthcare-Baseer
Fast and fire-walled IOT healthcare-BaseerFast and fire-walled IOT healthcare-Baseer
Fast and fire-walled IOT healthcare-Baseer
 
Cyber Security and the CEO
Cyber Security and the CEOCyber Security and the CEO
Cyber Security and the CEO
 
Pharmaceutical companies and security
Pharmaceutical companies and securityPharmaceutical companies and security
Pharmaceutical companies and security
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
D0261019025
D0261019025D0261019025
D0261019025
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
 
Window of Compromise
Window of CompromiseWindow of Compromise
Window of Compromise
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
 
8MAN-Public_Sector_Data_and_Information_Security_Survey 2016
8MAN-Public_Sector_Data_and_Information_Security_Survey 20168MAN-Public_Sector_Data_and_Information_Security_Survey 2016
8MAN-Public_Sector_Data_and_Information_Security_Survey 2016
 

More from Vincent O'Neil

Focused Cooperation: A Counterintuitive Approach to Managing Global Problems
Focused Cooperation: A Counterintuitive Approach to Managing Global ProblemsFocused Cooperation: A Counterintuitive Approach to Managing Global Problems
Focused Cooperation: A Counterintuitive Approach to Managing Global Problems
Vincent O'Neil
 
Spheres of Influence: Managing Hidden Risks
Spheres of Influence: Managing Hidden RisksSpheres of Influence: Managing Hidden Risks
Spheres of Influence: Managing Hidden Risks
Vincent O'Neil
 
Writing Dialogue: You're the Director
Writing Dialogue: You're the DirectorWriting Dialogue: You're the Director
Writing Dialogue: You're the Director
Vincent O'Neil
 
Writing Action Scenes: You'll be Lucky to Survive
Writing Action Scenes: You'll be Lucky to SurviveWriting Action Scenes: You'll be Lucky to Survive
Writing Action Scenes: You'll be Lucky to Survive
Vincent O'Neil
 
The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...
The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...
The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...
Vincent O'Neil
 
The Never-ending Brainstorm
The Never-ending BrainstormThe Never-ending Brainstorm
The Never-ending Brainstorm
Vincent O'Neil
 
Writing in Different Genres: Why, Why Not, and How To
Writing in Different Genres: Why, Why Not, and How ToWriting in Different Genres: Why, Why Not, and How To
Writing in Different Genres: Why, Why Not, and How To
Vincent O'Neil
 
Using Excel to plot your story and more
Using Excel to plot your story and moreUsing Excel to plot your story and more
Using Excel to plot your story and more
Vincent O'Neil
 
Create the Certainty, Control the Crisis
Create the Certainty, Control the CrisisCreate the Certainty, Control the Crisis
Create the Certainty, Control the Crisis
Vincent O'Neil
 
Cap Everything
Cap EverythingCap Everything
Cap Everything
Vincent O'Neil
 
Yes, You CAN Write!
Yes, You CAN Write!Yes, You CAN Write!
Yes, You CAN Write!
Vincent O'Neil
 
Building a risk management system that works
Building a risk management system that worksBuilding a risk management system that works
Building a risk management system that works
Vincent O'Neil
 
Discard at your own risk
Discard at your own riskDiscard at your own risk
Discard at your own risk
Vincent O'Neil
 
Getting into character
Getting into characterGetting into character
Getting into character
Vincent O'Neil
 
Rebuilding financial risk management
Rebuilding financial risk managementRebuilding financial risk management
Rebuilding financial risk management
Vincent O'Neil
 
Openings workshop
Openings workshopOpenings workshop
Openings workshop
Vincent O'Neil
 
Writing The Basic Essay
Writing The Basic EssayWriting The Basic Essay
Writing The Basic Essay
Vincent O'Neil
 

More from Vincent O'Neil (17)

Focused Cooperation: A Counterintuitive Approach to Managing Global Problems
Focused Cooperation: A Counterintuitive Approach to Managing Global ProblemsFocused Cooperation: A Counterintuitive Approach to Managing Global Problems
Focused Cooperation: A Counterintuitive Approach to Managing Global Problems
 
Spheres of Influence: Managing Hidden Risks
Spheres of Influence: Managing Hidden RisksSpheres of Influence: Managing Hidden Risks
Spheres of Influence: Managing Hidden Risks
 
Writing Dialogue: You're the Director
Writing Dialogue: You're the DirectorWriting Dialogue: You're the Director
Writing Dialogue: You're the Director
 
Writing Action Scenes: You'll be Lucky to Survive
Writing Action Scenes: You'll be Lucky to SurviveWriting Action Scenes: You'll be Lucky to Survive
Writing Action Scenes: You'll be Lucky to Survive
 
The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...
The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...
The Brute Force and Ignorance Approach: Writing when you have no plan, no plo...
 
The Never-ending Brainstorm
The Never-ending BrainstormThe Never-ending Brainstorm
The Never-ending Brainstorm
 
Writing in Different Genres: Why, Why Not, and How To
Writing in Different Genres: Why, Why Not, and How ToWriting in Different Genres: Why, Why Not, and How To
Writing in Different Genres: Why, Why Not, and How To
 
Using Excel to plot your story and more
Using Excel to plot your story and moreUsing Excel to plot your story and more
Using Excel to plot your story and more
 
Create the Certainty, Control the Crisis
Create the Certainty, Control the CrisisCreate the Certainty, Control the Crisis
Create the Certainty, Control the Crisis
 
Cap Everything
Cap EverythingCap Everything
Cap Everything
 
Yes, You CAN Write!
Yes, You CAN Write!Yes, You CAN Write!
Yes, You CAN Write!
 
Building a risk management system that works
Building a risk management system that worksBuilding a risk management system that works
Building a risk management system that works
 
Discard at your own risk
Discard at your own riskDiscard at your own risk
Discard at your own risk
 
Getting into character
Getting into characterGetting into character
Getting into character
 
Rebuilding financial risk management
Rebuilding financial risk managementRebuilding financial risk management
Rebuilding financial risk management
 
Openings workshop
Openings workshopOpenings workshop
Openings workshop
 
Writing The Basic Essay
Writing The Basic EssayWriting The Basic Essay
Writing The Basic Essay
 

Recently uploaded

Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
Access Innovations, Inc.
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
faizulhassanfaiz1670
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
eCommerce Institute
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
OECD Directorate for Financial and Enterprise Affairs
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
Howard Spence
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
Vladimir Samoylov
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
Faculty of Medicine And Health Sciences
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
OWASP Beja
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
Sebastiano Panichella
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Sebastiano Panichella
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Access Innovations, Inc.
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
khadija278284
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Sebastiano Panichella
 
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Orkestra
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
IP ServerOne
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Matjaž Lipuš
 

Recently uploaded (16)

Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
 
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
 

The Information Disruption Industry and the Operational Environment of the Future

  • 1. The Information Disruption Industry and the Operational Environment of the Future By Vincent H. O’Neil
  • 2. Outline • Executive Summary • Introduction • The Expanding Information Disruption Industry • Ramifications for the Operational Environment • What to Do—First Steps • Summary
  • 3. Executive Summary Use of everyday technology to collect personal data is increasing, and as these efforts become more intrusive, popular resentment is likely to grow. If that irritation reaches a tipping point, existing privacy protection services will expand enormously—creating an Information Disruption Industry (IDI) dedicated to thwarting the collection, storage, and sale of personal data. The expanded IDI’s efforts will do direct and indirect damage to a wide range of systems—even systems unrelated to personal data collection. This likely scenario has the potential to seriously impact the information landscape in 2035, if not sooner.
  • 4. Collection of Personal Data People are already concerned about this collection: • Mentioning a product in an electronic communication often causes the appearance of online ads about that product • Cases such as the Cambridge Analytica scandal show large- scale collection of personal data goes on without public consent • News stories and/or personal notifications about corporate data breaches feed the belief that no collected information is safe
  • 5. Popular Resentment Resentment: Bitter indignation at being treated unfairly The targets of the data collection dislike the invasion of their privacy already. That feeling is multiplied by the realization: • They’re paying for the devices (phones and cars) commonly used to track their behavior, habits, and movements • The tracking and collection is often concealed from them • Their personal devices could potentially be accessed as part of legal proceedings
  • 6. The Tipping Point Public opinion could be shifted to outright resistance by news stories showing data collection can cause actual harm: • Domestic violence victims hiding from their tormentors who were uncovered by technological tracking • Conviction of innocent people through the use of circumstantial evidence gained through personal data collection • Social media analysis by employers and/or universities that rejected qualified candidates
  • 7. Expansion of the Disruption Industry Entities offering services designed to thwart the collection and sharing of personal data already exist. Once people see data collection and technological tracking as a real threat, they’ll pay to protect themselves. That funding will generate the expanded IDI. The IDI’s techniques will range from covert alteration of data to the crashing of entire systems. PRECISION • Overt • Damaging • Low-margin • Stealthy • Sophisticated • High-end
  • 8. Precise Disruption • Target specific information as directed by the client (movements, purchases, personal communications) • Leave other information intact (high credit score, records of education & employment) • Key goal is to do this without detection • Attracts staff from the collection industry—better pay and more socially acceptable • Will still do damage to systems: • Disruption of normal system functions • Unintended consequences • Numerous, uncoordinated actors
  • 9. Imprecise Disruption • Monkey wrench-in-the-gears approach • Low-end, low-margin business • Not concerned with stealth • May crash entire systems • Cover for hackers—identifying a Trojan Horse is difficult when it arrives in the middle of a stampede • May give a significant boost to privacy protection overall: • Cast doubt on the reliability of collection efforts • Reduce the value of purchased data
  • 10. Legal Acceptance • Numerous court cases (lawsuits and criminal actions) are likely to arise from this conflict • Supreme Court rulings that connect the IDI—or its clients— with the defense of individual rights will make the IDI even more socially acceptable and give it legal protection • Even if the collectors pledge to stop gathering personal information, the public is unlikely to believe it • The more precise operators could also offer a service where they monitor clients’ personal information and repair it when it’s damaged by the IDI
  • 11. Continuous and Widespread Disruption The IDI will attack the collection, storage, and dissemination of personal data at every level and at every step in those processes. This will create a kaleidoscopic information landscape populated with data that requires frequent verification and systems that malfunction randomly. All of this will generate second-order effects that will be as harmful as they are unpredictable.
  • 12. Second-Order Effects The increasingly interconnected nature of the technological world will magnify the impact of any disruptions and generate problems in unexpected areas. Hooking everything from household appliances to hospital information systems to the internet creates a myriad of opportunities for intentional—and unintentional—disruption.
  • 13. Second-Order Effects - Example Tracking technology that utilizes the GPS system will be a particularly important target for the IDI. Disrupters seeking to prevent the collection of information regarding a client’s movements could attack the system itself or leverage systems that connect to it. The argument that barriers are in place to prevent this is not sufficient, because the tech is constantly changing. Seemingly minor adjustments to code, hardware, and protocols can create unexpected vulnerabilities.
  • 14. Ramifications for the Operational Environment The expanded IDI has the potential to seriously impact the operational environment in 2035— if not sooner. Most US military technology is created by civilian businesses, and modified versions can be sold in non-military markets. That intersection alone has the potential to render many military systems vulnerable. Former military personnel will also join the ranks of disrupter organizations, bringing valuable knowledge about the setup, operation, and weaknesses of those systems. Additionally, the confused nature of the information landscape will assist actual enemy actors in their attempts to attack government and military systems.
  • 15. Non-Military Targets These attacks won’t necessarily need to be directed at military targets: Disruptions of civilian communication systems will have a negative impact on deployed troops who have gotten used to being able to contact their loved ones. Other disruptions such as compromised credit scores and frozen bank accounts cannot help but distract deployed soldiers from their missions and focus their attention back home.
  • 16. GPS Disruption Revisiting the previous example regarding the GPS system, any disruption of satellite location functionality could have enormous consequences for the operational environment. Lost units, misdirected supplies, and errant ordnance are just a few of the potential ramifications. No matter how advanced the technology becomes, it’s only going to be as accurate as the information it uses and as secure as the other systems it accesses.
  • 17. Support Systems Use of civilian technology for maintenance and logistical functions leaves these vital areas open to the effects of any disruptions that occur in those systems worldwide. Patches and updates for these products are usually mandatory and, while they may be designed to address a problem or shortcoming in the existing system, they could also carry code or information from disrupter organizations.
  • 18. What to Do—First Steps Operating in this future environment calls for a broad approach designed to prepare for and manage the wide- ranging impact of the expanded IDI. A supervisory authority should be tasked to direct this effort, and every level of the national defense apparatus has a role.
  • 19. Verify the Data Establish a mechanism to continuously verify information and generate alerts: The national defense apparatus uses many technological systems, frequently with overlapping capabilities. That overlap could be leveraged to verify information used across these systems and provide warning when data is inaccurate or a function has been disrupted. The systems don’t need to interface to create these verification capabilities—on the contrary, connection would make them vulnerable to the same threats. As an example, this mechanism could provide ongoing checks that geographical location A is actually situated at geographical location A—and raise a red flag when one system says it is not.
  • 20. Ask, “What If?” Conduct wargaming at all levels: The operational environment includes a multitude of systems that could be impacted by the IDI. The supervisory authority mentioned earlier should require the owners/operators of each system to identify every system that connects to it and every entity that uses it. Each of those systems and entities will undergo similar analysis, creating a continuously updated nodal diagram showing how these separate factors influence each other. That will be the start point for wargaming the possible results of disruptions anywhere across those nodes.
  • 21. Create Redundancy Identify substitutes and replacements: No amount of wargaming or testing will prevent disruptions. Commands and units must be ready to lose systems and keep functioning until those systems are available again. Lessons learned in the wargaming will help identify key capabilities that must be maintained. It will also identify systems that might be leveraged to do the different tasks of the missing system in an emergency. When no such temporary replacement can be found, or when a system is simply too important, the creation of a redundant system may be necessary.
  • 22. Repair the Damage Fix broken systems quickly: Identifying the “last functioning point” before a disruption can help recover a malfunctioning system. Frequent archiving of data and programming can offer a chance of “resetting” the system to an earlier point that brings it back into operation. Lessons learned from cyber attacks and security breaches that occur in peacetimes should be analyzed for techniques that can be applied during wartime. Existing disaster recovery and data recovery programs, both public and private, could be good sources of additional tips and techniques for this.
  • 23. Identify Quick Fixes Analyze field-expedient solutions: The supervisory authority should create a “best practices” center that solicits, verifies, tests, and disseminates information on variations, substitutions, and workarounds developed in the field. These best practices should be promulgated widely, so that people working with System A will be aware of a workaround in System B that can also be applied to System A in an emergency.
  • 24. Provide Incentives Encourage innovation and participation: Get everyone involved in conducting “What if?” analysis and identifying field expedients by creating a rewards program. Money, public acknowledgment, medals, and promotions can help motivate people to ask these questions and come up with solutions ahead of time.
  • 25. Train With Manual Options Train with manual options: Leverage the results of the “what if?” analysis and field expedients to identify every possible means of manual intervention or substitution when a system—or part of a system—is disrupted. Make training on these manual options mandatory, and include them in all operational manuals. No matter how much effort goes into preparing for the loss of a system, the force must be ready to do without a system for a protracted period of time when necessary. When a substitute system isn’t available and a manual option is, the force needs to be trained and ready to use that manual option.
  • 26. Summary • Popular resentment of personal data collection is likely to cause a dramatic expansion of the Information Disruption Industry (IDI) • The IDI’s efforts will do direct and indirect damage to a wide range of technological systems—even systems unrelated to personal data collection. • This likely scenario has the potential to seriously impact the information landscape in 2035, if not sooner. • Operating in this future environment calls for a broad approach designed to prepare for and combat the wide- ranging impact of the IDI.
  • 27. About the Author Vincent H. O’Neil is a risk manager, writer, and public speaker. He holds degrees from West Point and The Fletcher School. He’s also the author of the Frank Cole mystery novels from St. Martin’s Press and the Sim War military science fiction series (written as Henry V. O’Neil) from HarperCollins. www.vincenthoneil.com www.linkedin.com/in/vincenthoneil