ArchiveOODA CommunityOODA OriginalSecurity and Resiliency

November 2021 OODA Network Member Meeting: Cyber Regulatory Bodies, Metaverse Metrics and New Data Boundaries discussed

To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.

To encourage openness of discussion, these sessions take place with Chatham House rules, where participants are free to use the information in the meeting but are asked not to directly quote or identify other participants (we also keep privacy in mind when preparing summaries of these sessions, like the one that follows).

The November call began with the announcement of the availability of the Stratigame report on Monday, 11/22/21 (see below).  The membership was also encouraged to be on the lookout for revised dates for upcoming salons.

Topics for discussion on the November Monthly call were:

  • Deep Fakes and the Digital Ledger
  • Ford/GlobalFoundries Strategic Partnership
  • General Feedback on the OODA Loop Research Agenda
  • Space
    • Space Junk, Satellites, and Leo Labs
    • NASA Lunar Telescope
  • Life Sciences
    • Atrial Fibrillation Detection Watch
    • Satellite-Connected Telemetry Collection and Analysis
  • The Metaverse
    • The hype cycle surrounding the metaverse
    • Metaverse use case
    • Metaverse metrics
  • New Data Approaches
    • The framing and contextualization of data
    • Ideas for policymakers
    • Data boundaries – more creative use cases
    • Automation
  • Cryptocurrency and Blockchain
    • The Helium Network
  • Cybersecurity
    • Signal to Noise Ratio
    • IEEE P7000 Efforts
    • CVE 5.0 and New Standards Bodies
    • The Future of CISA and Regulatory Bodies
    • The Dearth of Cybersecurity Professionals
  • Final General Topics
    • Intermodal Supply Chain Disruption
    • Different Groups, Different Political Motives for Worker Shortage
    • The Global State of Drones (weaponized and otherwise)
    • Nonstate actor activities in the underground/dark economy (and how nation-states leverage this activity)

Scenario Planning for Global Computer Chip Supply Chain Disruption: Results of an OODA Stratigame

November Monthly Call – Discussion

Deep Fakes and the Digital Ledger:  At the top of the conversation, a member requested research on the topic of “use cases of NFTs, traceability, deep fakes, and the digital ledger structure to watch when somebody uses an image and edits an image in the place that it wasn’t intended.”

Ford/GlobalFoundries Strategic Partnership: A member mentioned the recent announcement by Ford and GlobalFoundries.  Those on the call were directed via chat to the recent OODA Loop analysis, including a brief history (with a useful market metrics graph) of GlobalFoundries and the “high risk/low rewards” crisis which caused the chip manufacturing outsourcing by the semiconductor industry in the first place: Ford Motor Company Commits to Chip Collaboration with GlobalFoundries, Including Expansion of Manufacturing.  The membership was directed to research which placed the GlobalFoundries partnership in Ford’s larger strategic maneuverings:

“This partnership is now part of a strong portfolio of ongoing, bold strategic moves by Ford, including ending production in India and taking a $2 billion hit in the process; setting up a new EV battery center in southeast Michigan; investing $11 billion with South Korea-based energy company SK Innovations in new electric vehicle manufacturing plants (which will be built in Kentucky and Tennessee and is the largest manufacturing investment ever by the company);  partnering with Argo AI to launch self-driving cars with Lyft by the end of the year (see above): and the “hotly anticipated battery-electric version of Ford’s bestselling vehicle,” the F-150 Lightning (available in 2022).”

Also:  Ford Motor Company Announces Pricing of $2.0 Billion Convertible Notes Offering | Ford Media Center

The following categories were introduced as the agenda for the call:  geopolitical, space, life sciences, the metaverse, new data and new data analytics, cybersecurity, and automation.

General Feedback on the OODA Loop Research Agenda

A member shared some feedback on the OODA Loop research agenda, mentioning that there are “plenty of think tanks, universities, individuals, that are looking at geopolitical issues. Where there are fewer is the geo-context of technology, the geostrategic impacts of exponential and modern technologies, and how the technologies impact all of the regional issues and the global issues.”

The member suggested moving the focus just a little bit, continuing to look at the important issues, but looking more at the geotechnical impacts of the technology.  The member offered an imaginative framing of what we should be looking for:  what if supercomputing and sensors make oceans transparent or at least translucent, what does that do to nuclear deterrence? And how likely is it that oceans will really become translucent?  Or, If 3-D Printing becomes ubiquitous and creates foodstuffs  – what will that do to global hunger and geopolitical instabilities, resource limitations, costs?

Space

Leo Labs:  A global, ground-based radar to track space junk business model was discussed.

A member highlighted the work of Leo Labs:  LeoLabs | The Mapping Platform for Space – especially considering the recent Russian anti-satellite [ASAT] test which broke up their Cosmos 1408 satellite, resulting in “an in orbit, debris-generating event that now has the International Space Station at risk”.

In April 2020, A U.S Space Command press release also reported that a satellite “behaved similarly to previous Russian satellites that exhibited characteristics of a space weapon, conducted maneuvers near a U.S. Government satellite that would be interpreted as irresponsible and potentially threatening in any other domain. ” A subsequent follow-up statement in December 2020 described the event as having actually “demonstrated an on-orbit kinetic [ASAT] weapon.”  After the monthly meeting, a member provided the following images from Leo Labs:

Orbit path of Cosmos 1408 satellite prior to breakup – Courtesy of Leo Labs

 

International Space Station and Cosmo 1408 orbital debris – Courtesy of Leo Labs

NASA Lunar Telescope:  Based on direct experience with the project, a member shared that “NASA is planning to build a telescope on the moon on a very specific crater bed that has the best view of the earth. Unfortunately, it is the crater everybody wants.  After NASA announced their plan, China announced that they would get to the crater first and take it. So this is a brand new legal area: by international treaty, nobody owns the moon. But what if a nation-state ‘squats’ on that crater?”

Life Sciences

Atrial Fibrillation Detection Watch:  a new product to compete with the Apple Watch was discussed, and the regulatory requirements in various countries for product approval.  Regulation in the biotech industry is a concern. New product approval will be tough based on how varied the regulatory requirements are in each country. The regulatory environment in the drone market was discussed and how it ironed itself out over time.  The “Quantified Self”, personal data and the sheer amount of data, and the various ways that data can be compromised were also discussed.  New approaches to data and cybersecurity will be needed to address the demands of this market.

Satellite-Connected Telemetry Collection and Analysis:  Telemetry will be collected and analyzed. New fact patterns and their business implications are unclear in this space: geography, citizen concepts of geography, citizenship, legal entities, medical, data types. How did these concepts impact the hardware creation question? Are they managed through licensing as parts of the app?  If they are satellite-connected, a member suggested that “the satellite thing wrecks a lot of the traditional geopolitical regulatory regimes, unless you do it through satellite/spectrum regulation.”

The Metaverse

The hype cycle surrounding the metaverse: Cloud computing, big data, and mobility also had tiresome, overexposed hype cycles in the run-up to their market reality and success.  Nvidia is using the term “omniverse” as branding for the promise of an online, networked immersive, graphics-rich interactive environment.   Retailers are using the term hyper-verse – connecting the retail space with the virtual.  A member shared a recent experience survey his company performed asking the question:  Should they put resources into this or not?  And if so, how much?  It is an important business decision. The member used the following methodology to assess the current hype cycle surrounding the metaverse:  company data sources, visualization capabilities, and search capability to do an analysis of the number of citations in journals, the number of patents being filed, the number of references to topics like metaverse and the correlation between the metaverse and other key terms like digital twins.  The member concluded that the metaverse ‘space’ was worth watching.

Metaverse use case:   They call it Delta Tissue, and the idea is the creation of a digital twin of human tissue to accelerate clinical trials.

Metaverse metrics:  A member offered some market quant on the metaverse:  “In all of 2020, in all of the corporate earning calls,  there were seven mentions of the metaverse.  So far in 2021, there have been 127. That is the growth curve to date.  Facebook is hiring 10,000 people in Europe to work on the metaverse.”  The member also reminded everyone on the call to not forget the role adult content and the dark economy played in the early commercialization of broad internet innovations.  The use cases will be surprising and hard to predict. The USG was also a laggard in its realization of the impact of certain innovations and this member expects them not to understand the metaverse until it is broadly deployed and the market is proven and democratized.  The $22 billion Integrated Visual Augmentation System (IVAS) contract between the U.S. Army and Microsoft was also discussed.

New Data Approaches

The framing and contextualization of data:  A member explained “when data is collected and for a specific purpose – you create a database or an instance of something called a data lake – When data moves out of that construct and is included with other data or put into another process that may be outside of the control boundary or the design boundary, often there’s no context that goes with that data. I would love to talk more about contextualizing data, not necessarily data self-protecting, but some provenance and contextualization when it crosses control boundaries or crosses purpose or crossing design boundaries.”

Ideas for policymakers:  People are struggling with the metaverse or the so what? around big data – whatever it is –  putting that into plain English or providing some examples or explaining why what is being described is important – in as straightforward a manner as possible. That would help the understanding of what is going on and its implications.

Data boundaries – more creative use cases:  Many people trust their data to a steward, ie., here are 10 bits of data because I want a credit card. There is no piece of paper or a contract for reinforcement of that data transaction. That data can be used in the way that no one expects it to be used.  There are more use cases on this topic we need to explore.

Automation:  Smart construction and smart buildings technologies were discussed.  Are the technologies (sensors, new glass innovations, other material science innovations) used in this market technically automation or data acquisition? Robotics and data was also mentioned briefly as an area for further research.

Cryptocurrency and Blockchain

The Helium Network:  An economic model for a network build-out, which is at the intersection of automation and cryptocurrency, is the Helium Network.

Cybersecurity

Signal to Noise Ratio:  A member pointed out that, like geopolitical coverage, cybersecurity is a very crowded space. What is the OODA Loop niche?  what is the angle to differentiate from all the noise? What are you going to say that is truly different and interesting?

The conversation went on to identify three approaches OODA Loop is using (and will continue to use) to differentiate its research and coverage of the market:

  1. Focusing on organizations and markets that are starting to build on the saturated “high level” conversation (i.e. The Six Pillars of the  Cyberspace Solarium Commission – 2021 Annual Report on Implementation or our recent NATO/ DoD Ethical AI Principles analysis) by surfacing more reports, research, and design models which are specifically concerned with the next phase of ‘standing up’ operations.  The recent OODA Loop “Cyber NTSB” analysis was also shared with the group in the chat, which relates to the DHS/CISA effort to launch a Cybersecurity Safety Review Board (CSRB).   We are looking for regulatory frameworks and innovative business models, which are getting traction and standardizing within government agencies and the private sector.
  2. One member noted:  “From a business perspective, we are looking for those types of efforts [described above] to stabilize, receive validation from the market and standardize – so that we can start building and get into more of an implementation and operations mindset.  The challenge for OODA Loop is finding the definitive research that validates high-level principles, frameworks, new architectures, business models, and modes of value creation in the cybersecurity marketplace, i.e. finding the core 6-7 research items amongst the millions out there, providing context (frameworks) and market validation, then moving on to the more pressing organizational and regulatory design and implementation issues.”
  3. OODA is still delivering to current customers and brings a practitioner’s perspective to the table.

IEEE P7000 Efforts:  Regarding approach #1 above, a member shared the IEEE 7000™ Projects | IEEE Ethics In Action in A/IS – IEEE SA approach, specifically the project area with which he has specific experience:  P7014 – Standard for Ethical considerations in Emulated Empathy in Autonomous and Intelligent Systems (ieee.org)   Other P7000 topics of interest:  IEEE P7002 – IEEE Draft Standard for Data Privacy Process; P7011 – Standard for the Process of Identifying and Rating the Trustworthiness of News Sources (ieee.org); and P7012 – Standard for Machine Readable Personal Privacy Terms (ieee.org)

The member went on to praise the IEEE for “trying to get ahead of what is going to be a couple of decades of thorny ethical challenges in building some of these things.  It is a different flavor of work for the IEEE. They are not telling you what to think, but they are telling you how to think about it.”  The following IEEE resource was also discussed:  Ethically Aligned Designs for Business.

CVE 5.0 and New Standards Bodies:  Another member was very specific in his request for a follow-up area of research and voiced frustration for his organization at the cybersecurity market:  “One of the things that I have trouble tracking is the different standards bodies and getting to the “So What?” components.  For example, CVE 5.0 is coming out.  That is going to really enable a lot more things for our capability, but there are lots of those types of things happening. And there are different bodies being created with a very robust agenda like [CISA Director] Easterly and the team [at CISA].  So the research question is, with these new changes and new potential standards bodies:  Are they working?  Are they starting to deliver things to the market?  If so, what is the “So What?” for vendors and users of products that we may need to think about?”

The Future of CISA and Regulatory Bodies:  Another member moved the discussion to the role of CISA:  “It has been an open question:  will CISA be used as a regulatory body? If you listen to [CISA Director] Easterly, I would say no.  What is going to be the regulatory body when it comes to the government (if the government is a laggard behind commercial)?    How are they going to do enforcement and put out the regulations to the commercial sector?  And how will they do updates and what/how they report? I’m very curious to have people weigh in.”

The Dearth of Cybersecurity Professionals:   Workforce development issues in cybersecurity were discussed in the context of the broader labor shortage issues in the economy. While the Fortune 500 can afford to find, hire, and provide professional development opportunities to CISO-level candidates, what about the cybersecurity needs of the 18M small businesses in the U.S.?

Final General Topics Discussed

Intermodal Supply Chain Disruption:  Why is the Naval Air Station Alameda not being used for surplus containers at the Port of LA/Long Beach?  What are the direct disincentives for people to enter the job market right now?  Based on recent reports, there is just not enough infrastructure to actually put containers on chassis’ and get them where they need to go.  The point was made that the longshoreman union and the private sector control the supply chain and that the mainstream media will forget and then remember – and then forget again – that the USG has very few levers to alleviate the supply chain issues for the next few months.

Different Groups, Different Political Motives for Worker Shortage:  A member pointed out that these issues are not all about ‘one container’ – and that there are a variety of different forces that are contributing factors to the environment in which we are operating right now:  “We should have a broader view when we talk about the supply chain. It’ is not about a container. It is about the people throughout the whole system who are upset right now.”

The Global State of Drones (weaponized and otherwise) and non-state actor activities in the underground/dark economy (and how nation-states leverage this activity) were also discussed.  Be on the lookout for follow-up research and posts on this topic.

Related Reading:

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking

The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking

Corporate Sensemaking: Establishing an Intelligent Enterprise

OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking

Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage

This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking

COVID-19 Sensemaking: What is next for business and governments

From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page.

Space Sensemaking: What does your business need to know now

A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking

Quantum Computing Sensemaking

OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking.

The OODAcast Video and Podcast Series

In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.