ArchiveOODA OriginalSecurity and Resiliency

Cybersecurity Sensemaking: USG Initiatives and Updates

The Cybersecurity Sensemaking page was recently updated with the USG Cybersecurity Initiatives and Updates page. We need to make sense of and look at the patterns  found between interagency cybersecurity initiatives, cybersecurity organizations, and private sector partnerships (specifically the technology sector) throughout the USG. In the pilot stages of this research, we will first try to address the facile complaint about the USG (usually offered by non-subject matter experts retroactively only after a crisis emerges): “The USG left-hand does not know what the USG right hand is doing.”  To start, a compilation of current government agency and private sector partnership activity in the domain will ground our research.  

We will then generate an analysis of business issues and strategic insights based on the following thematic research areas which emerged from our recent OODA Loop August 2021 monthly meeting (OODA Loop – August 2021 OODA Loop Monthly Meeting Generates Actionable Insights Into A Chaotic World) – namely: 

Cybersecurity: Pessimism is easy. What are we going to do about it? 

According to the DHS, 85% of the critical infrastructure in the U.S. is owned by the private sector and regulated by the public sector. Operating and protecting critical infrastructure will require not only technological innovation in cybersecurity – but innovation in the business models generated by and formal structure of the working relationship between public and private entities.  

Recently appointed intel leaders such as Chris Inglis, Inaugural National Cyber Director, Jen Easterly, CISA Director, and Ann Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology show great promise. Former CISA Director Chris Krebs, based on his private sector experience, left a high bar for current Director Easterly, especially in innovative approaches to public/private collaboration.  

But the fact remains:  past public/private partnership attempts by the USG in a variety of domains have often been met by frustration and disillusionment. That leaves OODA Loop with a core research question:   Is cyber and will cyber be any different? What are the private sector and government incentives structures?  How do they differ?  How are they the same?  How can they and how should they be strategically aligned?  A key focus of our analysis will be solutions-based opportunities for the private sector and the potential role the OODA Loop network could play through the collective intelligence and institutional knowledge of the membership.  

WWII, Manhattan Project, and Marshal Plan-style mobilizations to multiple existential threats
 

Cybersecurity.  Cyberwar.  Climate Change.  Future Pandemics. Exponential Technologies (like AI and Quantum computing). We have multiple existential threats running parallel to each other, on top of a fragile, polarized democracy, the growth of fascist leaders worldwide, the recent fall of Kabul, and the emergence of great power competition with China and Russia.  

Without fail, when discussing these current challenges and threats, the U.S. history of mobilizing in World War II is mentioned as the model of public/private effort. It was not only successful and impressive, but it also scaled and met the challenge. Rosie the Riveter is etched into our collective historical memory. We were at one time historically, the experts on mobilization. However, many government agencies did not exist during WWII.  

Our research questions include:  What were the legal environment, the moral environment, and/or the difference in intergovernmental management structure during WWII and the post-WWII mobilization relative to today? What does that mean as it relates to the cybersecurity mobilization at the scale required in the years ahead?  Does centralized USG-level operational scale even matter in an age of networks, network platforms, and network effects? What structural problems can OODA Loop illuminate and intervene upon based on this historical framing as a tool for analysis of current USG cybersecurity activities?  What and where, if any, are the interagency opportunities to the threats at hand? Where are opportunities being missed and risk enhanced, not mitigated, by sclerotic legacy thinking and malignant, political, silo-based organizational behavior?  

Broad Challenges Across Multiple Threats
 

An OODA Loop network member recently offered on the fall of Kabul: “Information as the center of gravity in the adversary campaign was not properly taken into consideration. And it was that information component that led to the breaking of the backbone of the defensive forces.” Which positions the following area for exploration:  Is cybersecurity clearly the strategic vector on which public/private collaboration is most vital? Larger issues facing the global information ecosystem impact all threat environments and create challenges across a variety of domains, including cybersecurity.  Issues such as cyber information warfare, strategic communications, influence warfare, disinformation, preparedness, farsightedness (foresight), escalation, climate resiliency, stability, risk calculation, messaging, and signaling. How much, if at all, do formal USG cybersecurity efforts design intersections, quantifiable benchmarks, and outcomes for these broad structural, operational, and communications challenges – all of which cut across the multiple strategic, existential, exponential threats faced by the U.S. government?  

OODA Loop Research and Analysis

Research, analysis, and insights will be published as standalone posts in the weeks and months ahead and will be cross-referenced on the USG Cybersecurity Initiatives and Updates page as well.  

Please feel free to collaborate with us as we embark on this research effort. For now, we have provided initial links to secondary and primary research documents for your perusal. Please free to send us any links or resources you feel offer insights into the modus operandi of a government agency with which you have experience, business literature articles, or links that offer profiles of or insights into companies or organizations which are doing things differently in their collaboration with the public sector – or your general thoughts, feedback, and comments on this area of research:  dtp@ooda.com 

 USG Cybersecurity Initiatives and Updates | OODA Loop      

Permalink: https://www.oodaloop.com/usg-cybersecurity-initiatives-and-updates/   

Cybersecurity Sensemaking | OODA Loop

Related Reading:

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking

The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real-world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking

Corporate Sensemaking: Establishing an Intelligent Enterprise

OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along its journey to optimized intelligence. See: Corporate Sensemaking

Artificial Intelligence Sensemaking: Take advantage of this megatrend for competitive advantage

This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking

COVID-19 Sensemaking: What is next for business and governments

From the very beginning of the pandemic, we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page.

Space Sensemaking: What does your business need to know now

A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking

Quantum Computing Sensemaking

OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking.

The OODAcast Video and Podcast Series

In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.