ArchiveCyberDisruptive TechnologyOODA Original

Software Ate The World: Now it is both a corporate and national security threat

In 2011 Marc Andreessen published an essay in the Wall Street Journal titled “Why Software Is Eating the World.” The words in the title brought into focus trends we had all seen, and did so in a very succinct way. The article captured the fact that broad technological shifts were underway where software companies were poised to take over large swaths of the economy.

With every sector of the economy, every element of critical infrastructure and every component of government now dependent on IT and software, clearly software has eaten the world.

But another trend developed and accelerated right along with this one.  New adversarial dynamics are underway, and these dynamics should inform decision making for leaders in any business in an open society. This post provides an overview of some adversary actions, insights into how adversary actions will increase risk to corporate America, and recommendations for actions all of us should consider in response.

Use of Software In Closed Societies

Leaders in closed societies use software to improve their ability to maintain control by monitoring and surveilling people. Software is also used to restrict access to information and/or manipulate perceptions. Some nations, like China, have built infrastructure they consider critical just to promulgate propaganda (for example, the Publicity Department of the Communist Party of China). Most all other closed societies also use software to ensure communications can be censored and also retained for further exploitation against people the state will want to target.

Adversaries have also continued trends of cyber espionage and attack. What started with a few isolated incidents in the 1990’s have grown to a constant series of unauthorized intrusions into companies, governments, non-profits and critical infrastructure. All indications are that closed nation’s will continue to seek ways to steal intellectual property and position themselves to conduct strategic attacks via commercial infrastructure.

Closed societies have also seen the power of using software to automate operations against elections. The examples which are front of mind are election interference through social media accounts, including automating the creation of millions of accounts then automating how those accounts spread messages. Closed societies have also used new software enabled tools to target citizens of open nations for recruitment and influence.

New Issues For Corporate America

The use of software by closed societies has become a national security issue. It is also a topic of concern for business leaders. If criminals supported by a nation, or the nation itself, is stealing intellectual property that cuts into future revenue and can even threaten the existence of a company. If an adversarial nation is using corporate resources as part of an attack that puts the business at risk and also degrades the ability of the company to use its own IT. Additionally, if businesses are attacked by adversary social media campaigns that can damage brand and hurt the business as well.

What Executives Should Do About New Software Enabled Threats

For the last decade, cybersecurity professionals have established methods, models and frameworks that capture best practices for raising corporate defenses. Companies that leverage best practices can mitigate many threats of breach and can prepare to respond once the inevitable surprise happens. Best practices are still important and all executives should understand that appropriate attention has to be applied to defense of your infrastructure.

But in the age of well resourced automated attacks and full spectrum information warfare, defense is not enough. Leaders need to be more proactive than ever.

Our recommendations:

  • Understand the new vulnerabilities to corporate missions and functions, including software enabled vulnerabilities to your supply chain. Proactively seek out ways to mitigate these vulnerabilities. Overwhelmed with the problem? Consider a red team or table top exercise.
  • Collaborate to meet advanced threats. No one firm can do it alone. This includes proactively building relationships with law enforcement and federal organizations who can help take action against adversary nations when required. It also means working closer than ever with partners and even competitors to mount more collective defense.
  • Educate the workforce on the nature of the new threats. All employees need to understand they have a role to play in defending the company, and all should also understand their home IT systems should be made more resilient to attack. There are things they can do to make it harder for adversaries to use home IT to attack the workforce.
  • Consider how you engage with elected officials at local, state and federal levels. This is a societal problem that will require collective action. To the degree you can inform that collective action with your expertise that action will be more effective.

We will continue our reporting on this serious strategic issue in a coming post titled: Software Has Become A National Security Vulnerability

Software Has Become A National Security Vulnerability


Become A Member

OODA Loop provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Our members are global leaders, technologists, and intelligence and security professionals looking to inform their decision making process to understand and navigate global risks and opportunities.

You can chose to be an OODA Loop Subscriber or an OODA Network Member. Subscribers get access to all site content, while Members get all site content plus additional Member benefits such as participation in our Monthly meetings, exclusive OODA Unlocked Discounts, discounted training and conference attendance, job opportunities, our Weekly Research Report, and other great benefits. Join Here.


Related Reading:

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Explore OODA Research and Analysis

Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency


The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community

Bob Gourley

Bob Gourley

Bob Gourley is the co-founder and Chief Technology Officer (CTO) of OODA LLC, the technology research and advisory firm with a focus on artificial intelligence and cybersecurity which publishes Bob is the co-host of the popular podcast The OODAcast. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.