«Workshop held 9-10 January 2008 in Arlington, VA Prepared for US Strategic Command Global Innovation and Strategy Center (USSTRATCOM/GISC) Prepared ...»
Decision Making: This sub-category of psychology is particularly important when considering the cyber domain, and includes risk sensitivity, emotion, cognitive style, decision modes (typology), and neuroscience. Its influences range from neurological functioning to more social influences (emotional attachment to symbols). As we noted earlier, the immense amount of information available in the cyber world requires filtering; the manner in which people attend to messages in the cyber world and the ways they process those messages will require attention if appropriate models of how a motivated and capable actor decides to act.
Also included in the model above is a broad category called Language. Symbolic communication is fundamental to nearly every aspect of human life and permeates all elements of the typology. Language includes not only traditional linguistic concepts such as knowledge of particular language/dialect used, grammar, lexicon, and phonetics, but also the socially appropriate use of language/dialect(s) in different social contexts.
Deterring VNSA in CyberspaceChapter Summary
This chapter seeks to lay the social and top-level technical considerations for life in the global, interconnected world. The three sub-chapters that follow this one (Barnett, Axtell and Steinberg) represent divergent but no less reasonable perspectives on the potential successes of the US government in dealing with VNSA use of cyberspace, as well as a likely technological future viewpoint. Barnett advises that the US work hard to foster the development of the Internet for all, be resilient in the face of attacks and not try to own the problem cautioning that it may take a non-state actor to deal with a non-state actor. In support of this final point, workshop panelist John Robb cautioned that, “deterrence within the small group context is best accomplished by working like a participant in the system and not an owner.” (Robb, 2008) Axtell describes the co-evolutionary effects that seem to be taking place among all of the players in the Age of Cyberspace, also cautioning against the US taking too much ownership and thus control of the potential solution space.
It should also be clear that a meaningful typology to help the US and its allies understand the complex environment is more critically needed than ever thought possible when the Strategic Deterrence SMA began almost a year ago. The broad typology under development is an attempt to expand approaches to understanding and deterring VNSA. The thoughts captured in this chapter and sub-chapters, as well as succeeding chapters all seem to point to the need to understand Deterrence 2.0 as having only a few parallels to Cold War deterrence. The parallels (and convergences) that do exist, however, seem to show that when it is possible to find something of the adversary’s to place at risk, old fashioned deterrence might still work (if that’s the way the US wishes to play the game in the Information Age).
Deterring VNSA in Cyberspace
2.A Deterrence in the 21st Century by Thomas P. M. Barnett, Enterra Solutions The definition of deterrence in the 21st century I like to leave Cold War analogies back in the 20th century, because they all tend to speak toward the preservation of the international status quo instead of managing a dynamic process such as we face today with globalization. Our problem with globalization isn’t that it’s geographically stuck and needs defending, but rather that it’s spreading at a rate that we can’t easily manage in terms of handling all of the new threats suddenly inside the “tent” that—until recently—included a mere one-tenth or so of the global population—namely, the West.
Because threats can come from all angles in a service-oriented architecture (SOA) world, and because our definitions of crisis/war today are much “lower” than in previous ages (e.g., anything with a loss of life, anything that triggers business or network discontinuity, anything with significant environmental impact, anything with significant property loss), trying to define universes of non-state actors with nefarious ambitions becomes a hugely ambitious affair.
Likewise, limiting your perspective to just non-state actors with violent intentions misses too much of these actors’ ambitions to steer the course of human events by creating unacceptably high returns on investment (i.e., their attempted or successful one-time action triggering an exponentially more expensive lasting response from us).
Or as I like to joke, be grateful Richard Reid didn’t shove that bomb up his rear-end instead of just sticking it in his shoe....
Because of the rising complexity of SOA-enabled global business platforms that bind our economy with those of states featuring less robust legal and security rule sets, we are necessarily made more vulnerable to the nefarious ambitions of violent non-state actors. However, as a practical reality, those ambitions, to the rather limited extent they are realized on a daily basis, rarely rise above the “white noise” of snafus and discontinuities created unintentionally or intentionally by nonviolent non-state actors throughout these ever-expanding global networks (a.k.a., “stupid” people operating what David Isenberg calls “stupid networks”).
As such, to the extent that violent non-state actors succeed in their efforts, they provide a clarifying function that focuses public and private sector attention to existing vulnerabilities.
However, if we unreasonably elevate the importance of such violent non-state actors, we’re likely to damage our own capacity for day-to-day resilience rather than expand it—the iatrogenic effect.
My definition of deterrence in the 21st century has little to do with moving as far to the left of “boom” as possible. As globalization reformats traditional societies, the root causes of violent non-state actors will be exacerbated in the short and medium run but ultimately mitigated over the long haul by the extension of rule sets accompanying those expanding networks. Confusing friction (the social anger caused by the reformatting process) with the force (globalization’s Deterring VNSA in Cyberspace penetration of traditional societies) is deeply unhelpful, because conflating the two dynamics muddies causality: the more successful globalization is, the sharper the local resistance to its advance.
As such, I believe it is necessary to accept the notion that the threats from violent and nonviolent non-state actors (both intentional and unintentional) will rise in coming years, and rather than attempt to go significantly “left of boom” to deal with root causes (a task better left to friendly non-state actors), I think the national security community should focus on protecting its own networks and working hand-in-glove with the private sector to do the same, with its definition of deterrence being, Anything you (the enemy) can throw at me, I can counter faster and better.
In short, rather than threatening reciprocal and proportional punishment (amazingly hard to achieve), it’s better to dramatically reduce the attacking actor’s perceived benefits—to wit, proving them illusory and meaningless. So as much as the media derides President Bush’s “shopping mall” strategy, living well is the best revenge and the best deterrent display.
I argue, as does my company (Enterra Solutions), that the dynamic management of rule sets (e.g., compliance, security, performance metrics, systems integration) is the best path forward for creating resiliency in the face of an unlimited pool of potential threats, not going upstream to deal with motivations per se, a job better left to friendly non-state actors in the private sector.
Recognizing the national security community’s biases on this subject There are a number of unfortunately pervasive biases inside the national security community that fuel unrealistic ambition for “left of boom” solutions to violent non-state actors.
First, there is the assumption that new technologies are persistently transcendent: wiping out the previous paradigm and “changing everything.” Americans love to make a fetish out of technology, especially within our military. Instead of seeing them as tools and recognizing we’ve gone through similar mechanism breakthroughs in the past (e.g., it’s still called “wire fraud,” so phishing isn’t exactly new), we tend to be the ones who ascribe almost magical capacities to new technologies, whereas it’s our less advanced brethren around the planet who more readily focus in on the most practical applications--despite our usual condescension on the subject.
Second, there is the totally unsupported assumption that all new technologies favor our enemies overwhelmingly in comparison to ourselves, leaving them to serve as the fountainhead of real innovation while we’re allegedly always in a defensive, reactive crouch (I know, it sounds almost too stupid to write).
While it is true that criminals and other informal economy types tend to exploit new communications technologies faster than business or the general population (i.e., the first anything usually involves pornography), there is no lasting or pervasive advantage that accrues to nefarious non-state actors over time, as history demonstrates decade after decade. The “Wild West” only stays wild for so long.
Deterring VNSA in Cyberspace Third, all new technology creates “chaos” and thus is uncontrollable, in turn establishing the long-term permanent advantage of nefarious non-state actors, who—again--become the main source of innovation within these domains over time (the super-populated world of Dr. Evils).
In obvious contrast to this notion is a fourth bias that says all new technologies favor those seeking systematic control over others—the Orwellian perspective. Oddly enough, it’s the merging of these two diametrically-opposed ideas within the national security community that fuels the most ambition to go as far “left of boom” as possible: if we don’t control the non-state actors as soon as possible, all will be reduced to complete chaos, or—worse—the terrorists will soon be controlling our brains with the same evil technologies.
The reality, of course, is that each new wave of technological advance creates more freedom for individuals, not less, and more systematic capacity for self-governance and resilience, not less.
Still, these worst-case biases within the national security community are quite pervasive, speaking to that cohort’s innate tendency to focus on dangers instead of opportunities.
Thank God for the private sector.
Finally, there is the sad tendency among Americans to view all global history and global grievances as stemming from past and present American action (“We alone created this monster that never would have arisen without our complicity!”). We believe we run the world and cause all relevant world history. We believe Washington runs America and the Defense Department is the only truly capable change agent inside the USG, ergo, the Defense Department can be used to change the world, using the Trojan horse of “interagency.” If that sounds like the neocon worldview that served us so badly in postwar Iraq, then you’re paying attention.
Again, the argument I offer through Enterra Solutions is that the national security community should view the spread of networks through globalization’s advance as an opportunity--not a danger. The more our networks extend, the greater the transparency for our intelligence community, the more the private sector becomes the pervasive and less resisted agent of rule-set enforcement, and the more resilient communities can become—both in the advanced and lessadvanced portions of the global economy.
Competition is nothing. Co-optation and co-evolution are everything. In the private sector IT industry, everyone is simultaneously a client, a distributor, a supplier, a competitor, and an ally.
The need to view the current phase of globalization as a period of frontier integration Understanding that we’re in a period of vast frontier integration ensures that we’ll pursue more suitable responses to violent non-state actors and to non-state actors in general.
The relatively rapid extension of globalization from its narrow, Western-based roots (North America, Western Europe, industrialized Asia) to its current, near-global embrace is the most important historical fact of our age. Jump back to the early 1980s and you’ll find a mere tenth of the human population connected deeply by markets and security regimes that had moved past zero-sum definitions of defense. But race ahead to 2008, only a quarter-century later, and we Deterring VNSA in Cyberspace now face a global economy that deeply connects as much as three-quarters of the global population.
Depending on how you count, this is roughly a five to ten-fold increase in the absolute number of people reasonably considered to be relatively deeply embedded in the globalization process, with all the mass violence in the system being ghettoized—to no one’s surprise—in those regions of the world that are poorly or only thinly connected (such as through the export of commodities alone) to the global economy—or what I call the “Non-integrating Gap” that extends from the Caribbean Rim of Latin America through much of Africa to southwest, central and southeast Asia.
The challenge we face now is how to rapidly extend the West’s long-established security rule sets across this far more expansive geographic swath of the world—i.e., the emerging markets of Asia and Latin America and the former Soviet Union.
A good historical comparison here is the challenge faced by the United States in the period immediately preceding and following the Civil War. Having watched it’s territory roughly quadruple in the first half of the 19th century, America was forced to engage in massive frontier integration and infrastructural build-out. Not surprisingly, this was a seemingly chaotic affair dominated by all sorts of “uncontrollable” non-state actors, both good and bad.