Houthi Red Sea Attacks and the Impact on the Global Order
SUBSCRIBER+EXCLUSIVE INTERVIEW – For months, Yemen’s Houthis have been launching repeated missile and drone attacks againstcommercial and military ships in the southern Red Sea and […] More
“Hey Thorne. Don’t get caught, my wife likes it here.” That was the Deputy Chief of Station’s regular advice to all case officers prior to their agent meetings. The message was clear: identify threats to the operation, mitigate those risks, and fully understand the consequences for failure – arrest, detention, interrogation for the case officer and certain imprisonment; possible torture or death – for the source.
The removal of the DCOS and his wife following an operational failure by his subordinate was more than an inconvenience. It reduced the collection capabilities of the station and increased reputational risk for the larger organization. Few people, (informants and sources in espionage parlance and customers in the business vernacular), are likely to collaborate with an organization that cannot protect their most sensitive information. The components of classical espionage – obtaining privileged information, overcoming multiple levels of security, and protecting the source of the information – have useful lessons that extend to the rest of government, industry, and more specifically, the realm of cybersecurity. Cybersecurity and espionage share fundamental and unique characteristics – the protection of valuable information, identifying risks, communicating those risks to stake holders, and mitigating the risks to accomplish the mission.
Risk is an elastic term that takes on different meanings to different constituencies; military, intelligence, law enforcement, and business professionals each have their own risk vernacular. Even within the intelligence community, risk takes on different shades and hues: from the case officer who relies on humans for plans and intentions, the technical officer who places his or her confidence in the rigor and formulas of scientific systems, to the analyst who values all collection – but none too much. Risk criteria and risk parlance change within the IC based on what can be lost – human lives, complex and expensive systems, or the trust of policymakers.
The wars in Afghanistan, Iraq, and unnamed conflict zones has brought together professionals with diverse expertise in military operations, intelligence, and law enforcement towards a common goal. The participation in joint operations and combined task forces around the world has forged a common language through common experience. That same level of collaboration and cooperation found in the war zones can be applied to challenges of cybersecurity. Borrowing terminology from high threat occupations can establish a common lexicon of risk that is applicable to the private and public sector in this ever-evolving area of operation.
The world of human intelligence operations has a rich vocabulary of operational tradecraft – terms that describe the methods and techniques used to mitigate risk. Some of these terms have a cyber security corollary and provide a point of reflection for the daunting and complex task of information security in the cyber era. Here are a few to consider:
Collect: Survey your risk factors and know your risk status.
Consequences: What are the consequences of failure?
Mitigation: What actions can be taken to reduce risk?
Continuity: In the event of compromise, how do I continue the mission?
Communications: Do my team members, up and down the chain of command, understand the risks?
Cybersecurity is fluid and dynamic – the lexicon to explain it needs to adapt as well.
Related Articles
SUBSCRIBER+EXCLUSIVE INTERVIEW – For months, Yemen’s Houthis have been launching repeated missile and drone attacks againstcommercial and military ships in the southern Red Sea and […] More
SUBSCRIBER+ EXCLUSIVE — When U.S. and British officials filed charges of cyberespionage and imposed sanctions against China Monday, for a campaign which they said had […] More
OPINION / EXPERT PERSPECTIVE — On the night of March 22, four masked individuals armed with automatic weapons entered the Crocus City Hall in the […] More
SUBSCRIBER+ EXCLUSIVE INTERVIEW — While wars rage in Ukraine and Gaza, the past week has seen a spike in tensions over a global conflict that […] More
SUBSCRIBER+ EXCLUSIVE ANALYSIS — Along with expressions of sympathy for the victims and pledges to bring the perpetrators to justice, Russia’s response to Friday’s deadly […] More
OPINION / EXPERT PERSPECTIVE – The death toll from last week’s terrorist attack inside a concert hall in a suburban Moscow neighborhood is now at […] More
Search