Israel Strikes Iran
BOTTOM LINE UP FRONT – Less than one week after Iran’s attack against Israel, Israel struck Iran early on Friday, hitting a military air base […] More
“Hey Thorne. Don’t get caught, my wife likes it here.” That was the Deputy Chief of Station’s regular advice to all case officers prior to their agent meetings. The message was clear: identify threats to the operation, mitigate those risks, and fully understand the consequences for failure – arrest, detention, interrogation for the case officer and certain imprisonment; possible torture or death – for the source.
The removal of the DCOS and his wife following an operational failure by his subordinate was more than an inconvenience. It reduced the collection capabilities of the station and increased reputational risk for the larger organization. Few people, (informants and sources in espionage parlance and customers in the business vernacular), are likely to collaborate with an organization that cannot protect their most sensitive information. The components of classical espionage – obtaining privileged information, overcoming multiple levels of security, and protecting the source of the information – have useful lessons that extend to the rest of government, industry, and more specifically, the realm of cybersecurity. Cybersecurity and espionage share fundamental and unique characteristics – the protection of valuable information, identifying risks, communicating those risks to stake holders, and mitigating the risks to accomplish the mission.
Risk is an elastic term that takes on different meanings to different constituencies; military, intelligence, law enforcement, and business professionals each have their own risk vernacular. Even within the intelligence community, risk takes on different shades and hues: from the case officer who relies on humans for plans and intentions, the technical officer who places his or her confidence in the rigor and formulas of scientific systems, to the analyst who values all collection – but none too much. Risk criteria and risk parlance change within the IC based on what can be lost – human lives, complex and expensive systems, or the trust of policymakers.
The wars in Afghanistan, Iraq, and unnamed conflict zones has brought together professionals with diverse expertise in military operations, intelligence, and law enforcement towards a common goal. The participation in joint operations and combined task forces around the world has forged a common language through common experience. That same level of collaboration and cooperation found in the war zones can be applied to challenges of cybersecurity. Borrowing terminology from high threat occupations can establish a common lexicon of risk that is applicable to the private and public sector in this ever-evolving area of operation.
The world of human intelligence operations has a rich vocabulary of operational tradecraft – terms that describe the methods and techniques used to mitigate risk. Some of these terms have a cyber security corollary and provide a point of reflection for the daunting and complex task of information security in the cyber era. Here are a few to consider:
Collect: Survey your risk factors and know your risk status.
Consequences: What are the consequences of failure?
Mitigation: What actions can be taken to reduce risk?
Continuity: In the event of compromise, how do I continue the mission?
Communications: Do my team members, up and down the chain of command, understand the risks?
Cybersecurity is fluid and dynamic – the lexicon to explain it needs to adapt as well.
Related Articles
BOTTOM LINE UP FRONT – Less than one week after Iran’s attack against Israel, Israel struck Iran early on Friday, hitting a military air base […] More
SUBSCRIBER+EXCLUSIVE INTERVIEW — While Ukraine deals with shortages of troops, munitions, and equipment for its air defenses, some Ukrainians are teaming up with foreign investors […] More
SUBSCRIBER+EXCLUSIVE INTERVIEW — With a mere 1.2 million citizens, Estonia is among NATO’s smallest members, but its contributions to Ukraine have led the pack by […] More
SUBSCRIBER+EXCLUSIVE BRIEFING — Drone weapons are part of the daily narrative of the war in Ukraine – from Russia’s use of Iranian drones against infrastructure […] More
SUBSCRIBER+ EXCLUSIVE ANALYSIS — Iran’s retaliatory strikes against Israel this weekend were both a potentially game-changing, historic first — and an underwhelming response. Historic, because […] More
SUBSCRIBER+EXCLUSIVE INTERVIEW — Ukraine was hit by a fresh round of Russian missile attacks on Thursday, strikes that targeted and damaged the country’s power grid […] More
Search