War in Cyberspace is about Definitions

Tuesday, September 18, 2012

Joel Harding


Almost immediately after posting my last blog, What will be the impact of a massive attack in cyberspace?, a good friend asked me to “define Massive”, to which I responded, tongue in cheek:  “Bigger than just me”...

It struck me with the weight of an ex-wife:  Things have not changed in 20 years, we are still stuck in what many of us call “Definitional Wars” or the struggle to get definitions approved that are not only accurate but widely accepted. 

Did you notice the word “approved” in the preceding sentence?  Approved by whom? Who gave them the authority over me?  If I was working on the Joint Staff in the Pentagon, I know that any definition in a Joint Publication would be an official definition.  It had gone through many rewrites, many reviews and been the subject of countless ‘fall on your sword’ fights. 

Sometimes the struggle was altruistic, it was about making sure the word or phrase encompassed all pertinent arguments.  Of course, much of the time the fight was about a rice bowl, which is someone’s pet project.  It could also be about money, one word could reduce one’s budget in the following budget cycle.  It was also about power, perceived power that is, of those caught up in the struggle between powerful personalities of the leaders of various groups. 

Another problem is Joint definitions must be followed by the Services – the Army, Navy, Air Force and the Marines, but the Services may have their own interpretation of how that applies within their particular Service.  This last sentence is more powerful than you might ever learn, one Service in particular is really stretching the limits…   nuff said. 

As a good friend just relayed to me, another great problem we have is with factions, there are also different camps of thinkers.  Think of Colonel John Boyd, the father of modern warfare.  His thinking was radical and forced developing fighter jets to be smaller and more nimble. 

He also invented a new way of thinking and fighting modern wars, the OODA loop.  The same thing for Special Forces, by its very nature they are unconventional and many conventional leaders are severely intimidated, so they found ways to hinder some SF operations.

I choose not to get caught up in definitional wars, as we have been for the past 15 years. A big problem is we have no real leaders who say “this is the definition” and stick with it.   We have a wonderful leader in General Alexander, for whom I have worked numerous times, so I have a little insight. He is brilliant and not constrained by conventional thinking. 

In my humble opinion he does things for the right reasons, there is no need for him to ever blow his own horn.  To digress for just one second, my biggest fear is not of Cyber Command and the National Security Agency under one leader, it is who would follow him.  I know of only one leader with the savvy, the experience and the leadership capabilities to properly lead both, but he only has two stars.

I emphasize the leadership capability because in the past the Director of NSA was an intelligence officer but did not have Title 10 Authority.  General Alexander is a career intelligence officer but as Commander of the US Cyber Command he must have Title 10 Authority and does.

A bigger problem is the constant evolution of technology and terminology.  By the time a definition is properly staffed and is published, it is usually obsolete.  For instance, an attack might be 50 pings per second.  Next month it might be 500 pings in one second.  The following year it might be 5,000 pings…  and during this time period we still are discussing 50 pings per second.

Earlier this year I discussed this problem while at a conference in Toronto, Canada, with a number of seniors.  I floated an idea which was warmly received but I am not absolutely certain it is politically correct.

Okay, I know it’s not politically correct, but it sure is the right thing to do.  Let us all agree on a working definition. Let us write it in a Wiki type format and then allow the numbers to change with the cyber-environment. 

As technology changes we can insert the proper words.  As the environment changes we can insert new numbers or new thresholds.  I think it’s worth a shot.  Do you?

Cross-posted from To Inform is to Influence

Possibly Related Articles:
Policy Cyberwar Cyber Security Attacks National Security Cyber Warfare Definitions
Post Rating I Like this!
Michael Johnson Tricky. Is it achievable, though? Loads of people talk about 'the cloud', but it still has something of an ephemeral definition, and if you really wanted to stretch it, could even cover webmail and IRC.
Look at the way 'hacker' became synonymous with 'criminal', no matter how many times it's pointed out the two are entirely different things.

Even if we somehow managed it, we might still provide varying definitions of the same thing to different audiences, if just for the sake of simplicity.
Joel Harding Yes, doable, as in possible. BUT, what we have is leadership that is risk averse. Also known as lacking the cajones necessary to properly lead. I know few leaders, outside of General Alexander, who are not afraid to act decisively and aggressively. From experience I know that General Alexander acts in order to do what is right. I once giggled (to myself) when he indicated 'just do this and then we'll find a way to make it legal'. That was a very, very private conversation which I cherish to this day. 'nuff said, ain't saying any more.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked