Beware the Double Cyber Gap

I’ve somehow been invited onto yet another star-studded panel in Washington DC – on October 11 at the 2016 AFCEA DC Cybersecurity Summit. I don’t recommend many cyber conferences or events, as they’ve become overly frequent and unfocused. This one’s different, and brings together acknowledged senior experts from multiple federal agencies, including the Department of Homeland Security, Department of Defense, intelligence community and others from industry. If cyber’s your game you should be there, the line-up of speakers is truly impressive.

(It’s too late to register online, but on-site registration is available for the first day at the venue, DC’s Grand Hyatt on H Street downtown. The second day, which is classified sessions at TS/SCI at a separate location, is already sold out, but Day 1 still has a few seats left.)

I realize, though, that most of my readers will not be in attendance, so I thought I’d share a few highlights which I expect from my own panel, titled “Partnering with Industry for Innovation – DIUx” and focusing on DoD’s new Defense Innovation Unit Experimental (now in Version 2.0!) and its partnerships in government and the private sector.

Our session participants:

  • Moderator: Francis Rose, Host, Government Matters on ABC 
  • Charles Nelson, Deputy Director for Outreach, U.S. Cyber Command Capabilities Development Group (CDG)
  • Lewis Shepherd, Private Consultant on Advanced Technologies and Strategic Innovation
  • Sean Singleton, Director of Engagement, DIUx
  • Russell Stern, CEO, Solarflare Communications
  • Maj Gen Robert “Wheels” Wheeler (Ret.), Senior Advisor, DIUx

We intend to cover the DIUx approach to work with innovative companies (in Silicon Valley and across the United States) for new solutions and technologies for warfighters.

But I also intend to discuss a certain two-sided disparity: the Double Cyber Gap.

If you’re of a certain age, you can’t help thinking about national security strategy as momentary scenes from “Dr. Strangelove” flicker by in your mind. I’ve always loved Stanley Kubrick’s 1964 satirical nuclear black comedy, which answered the question, “What would happen if the wrong person pushed the wrong button in a nuclear-armed world?” One of the many classic moments is a send-up of the era’s bipolar worry about superpower equipoise, with a “Doomsday Machine Gap” and its inevitable successor, a “Mineshaft Gap.”

Kubrick was skewering the mindset of the “Missile Gap” controversy, which was fresh in his mind as he wrote the screenplay during President Kennedy’s term; JFK had won office in 1960 in part by attacking Vice President Richard Nixon for ignoring an imminent Soviet “Missile Gap” superiority. As Wikipedia summarizes, “Kennedy is credited with inventing the term in 1958 as part of the ongoing election campaign, in which a primary plank of his rhetoric was that the Eisenhower administration was weak on defense. It was later learned that Kennedy was apprised of the actual situation [no actual gap] during the campaign, which has led scholars to question what the (future) president knew and when he knew it. There has been some speculation that he was aware of the illusory nature of the missile gap from the start, and was using it solely as a political tool, an example of policy by press release.”

You can read the New York Times retrospective look (it popped the Missile Gap bubble originally in a 1961 story), and go through a valuable collection of the CIA’s now declassified documents from the era. But what’s relevant is the notion of early warning about a perceived or real disparity between opposing forces. Unfortunately that’s what I see developing, in a couple of very significant ways.

The Double Cyber Gap

Picture in your mind both faces of a double-sided coin. The Double Cyber Gap consists of two linked phenomena:

  1. The Post-Snowden Gap: there’s a newly demonstrable political or ideological cleavage between Silicon Valley commercial technology companies and their erstwhile innovation partners in DoD and the US intelligence community. The Apple/FBI dispute over decrypting the San Bernardino bombing-case iPhone was only one dramatic example; others aren’t played out in open media. I’ve written and spoken about that gap for the past few years as I’ve watched it yawn open, and have tried to limit its width in my government advisory roles and while consulting for tech firms. DIUx works to that goal as well, though the Secretary of Defense himself acknowledged that its first highly-touted incarnation was a failure.
  2. The Capability-Adoption Gap: Those same commercial companies aim their innovations to the widest possible market – meaning globally. For advanced cyber capabilities (dual-use as defensive or offensive) or other digital disruptions, very predictably we know that early adopters will include nation-state government agencies (including in Russia and China), hacking communities, and individual cyber criminals working on their own illicit agendas.

You can practically draw a cyclical diagram of the progression of advanced cyber techniques and technologies, with their adoption passing rapidly from commercial bleeding-edge users to foreign actors and malevolent individuals… and then, tardily if at all, to mainline US government agencies, long after their potency is being exploited by adversaries, or reverse-engineered and exceeded.

The Double Cyber Gap presents DoD with nearly a Hobson’s Choice. DoD can rely increasingly on commercial cyber technologies because of their rapid innovation and disruption – but only while realizing that it won’t be gaining any advantage over foreign adversaries, who are adopting the same commercial capabilities and likely deploying them even faster. It’s deeply problematic for US cybersecurity strategy, and a potentially fatal flaw for DoD’s related “Third Offset” strategy as well.

Let me illustrate that “no-choice-at-all” dilemma with an intriguing behind-the-scenes story, an excerpt from a new profile of Silicon Valley entrepreneur (Y Combinator co-founder) Sam Altman, who is now not only driving his YC startups but also the new OpenAI artificial intelligence research company he has co-founded with Elon Musk and others. The excerpt presents the AI vector of what I’m calling the Double Cyber Gap:

This spring, Altman met Ashton Carter, the Secretary of Defense, in a private room at a San Francisco trade show. Altman wore his only suit jacket, a bunchy gray number his assistant had tricked him into getting measured for on a trip to Hong Kong. Carter, in a pin-striped suit, got right to it. “Look, a lot of people out here think we’re big and clunky. And there’s the Snowden overhang thing, too,” he said, referring to the government’s treatment of Edward Snowden. “But we want to work with you in the Valley, tap the expertise.”

“Obviously, that would be great,” Altman said. “You’re probably the biggest customer in the world.” The Defense Department’s proposed research-and-development spending next year is more than double that of Apple, Google, and Intel combined. “But a lot of startups are frustrated that it takes a year to get a response from you.” Carter aimed his forefinger at his temple like a gun and pulled the trigger. Altman continued, “If you could set up a single point of contact, and make decisions on initiating pilot programs with YC companies within two weeks, that would help a lot.”

“Great,” Carter said, glancing at one of his seven aides, who scribbled a note. “What else?”

Altman thought for a while. “If you or one of your deputies could come speak to YC, that would go a long way.”

“I’ll do it myself,” Carter promised.

As everyone filed out, Chris Lynch, a former Microsoft executive who heads Carter’s digital division, told Altman, “It would have been good to talk about OpenAI.” Altman nodded noncommittally. The 2017 U.S. military budget allocates three billion dollars for human-machine collaborations known as Centaur Warfighting, and a long-range missile that will make autonomous targeting decisions is in the pipeline for the following year. Lynch later told me that an OpenAI system would be a natural fit.

Altman was of two minds about handing OpenAI products to Lynch and Carter. “I unabashedly love this country, which is the greatest country in the world,” he said. At Stanford, he worked on a DARPA project involving drone helicopters. “But some things we will never do with the Department of Defense.” He added, “A friend of mine says, ‘The thing that saves us from the Department of Defense is that, though they have a ton of money, they’re not very competent.’ But I feel conflicted, because they have the world’s best cyber command.” Altman, by instinct a cleaner-up of messes, wanted to help strengthen our military—and then to defend the world from its newfound strength.

Altman is patriotic, and thoughtful – very. But his conversation with Secretary Carter might best have begun with that private reluctance he shared only with the reporter later.

Even though the Double Cyber Gap is palpable, in Altman’s thinking and elsewhere, there are ways around that Hobson’s Choice dilemma. I share those with my consulting clients and we’ll be addressing them and new ideas at the Cybersecurity Summit as well. I hope to see you there, but I’d be interested in hearing your thoughts also  (comments below or email).

RIP Justice Antonin Scalia

Supreme Court Justice Scalia passed away today. My wife Kathryn Ballentine Shepherd, a semi-retired attorney, has worked at the Supreme Court since 2003 (in the Curator’s KBS and Scalia.jpgOffice, giving Chambers tours and lectures on the  history of the Court and its Justices). Through her I’ve met and spent quite a bit of time with Justice Scalia over the years, and always enjoyed his writing and analyses, his humor and humanity. You see here a recent photo of Kathryn joking with him at the Supreme Court – he really seemed to love spending time with her, joshing with her in front of crowds (perhaps because she was a smart lawyer as well), and he always seemed to steer visiting friends to her for a “private” tour.

I was at Chief Justice Rehnquist’s funeral in 2005; he was deeply loved by the Supreme Court “family.” On today’s Court, the most-loved by them in my observation: Antonin Scalia.

One of the funnier moments in my recollection was at a 2006 Supreme Court Historical Society reenactment of the Aaron Burr treason trial held in the Court’s actual Chambers one evening, with Justice Scalia playing the role of the actual trial judge, Chief Justice John Marshall. Scalia peered down from the bench as the DC attorneys recruited for the event began to play out their own roles – among them Scalia’s own son Eugene, a powerhouse lawyer in his own right. “Chief Justice Marshall” (Justice Scalia) looked over his glasses and boomed out, “OK, who’s next – it says here your name is, um, Scall-ee-a, Scall-eye-a, what kind of name is that??” The audience roared with laughter. That was the common reaction to his ever-present, ever-witty humor.

For seven years I’ve recycled an old Reagan-era joke (it was originally about Thurgood Marshall), updating it for the Obama Administration and asking, “Who’s the most important conservative in Washington DC? Justice Scalia’s doctor.” In today’s hyper-politicized era, we’re about to see why….

 

Slow-Live-blogging #NASASocial for CRS7 Launch

093FB4EE629C000080400003-attachment-1-FOTBF8

I was really giddy at being selected by NASA to participate in the agency’s innovative “NASA Social” program, where social-media personalities are credentialed and allowed to cover NASA rocket launches. Launch is scheduled for Sunday June 28 at 10:21 AM EDT – fingers crossed for good weather :).

I’ll be updating every couple hours or so over the weekend, and will definitely take good advantage of the tweets and photos of my colleague attendees (with credit of course!). The items follow in chronological order:

Continue reading

Twitter Search as a Government case study

In addition to periodic think-pieces here at Shepherd’s Pi, I also contribute a monthly online column over at SIGNAL Magazine on topics relating to intelligence. This month I keyed off a recent discussion I had onstage at the 2015 AFCEA Spring Intelligence Symposium with Elon Musk, particularly a colloquy we had on implications of the emerging cleavage (post-Edward Snowden) between Silicon Valley technology companies and their erstwhile innovation partners, U.S. intelligence agencies.

Continue reading

Meet the Future-Makers

Question: Why did Elon Musk just change his Twitter profile photo? I notice he’s now seeming to evoke James Bond or Dr. Evil:

twitter photos, Elon v Elon

I’m not certain, but I think I know the answer why. Read on… Continue reading

Insider’s Guide to the New Holographic Computing

In my seven happy years at Microsoft before leaving a couple of months ago, I was never happier than when I was involved in a cool “secret project.”

Last year my team and I contributed for many months on a revolutionary secret project – Holographic Computing – which is being revealed today at Microsoft headquarters.  I’ve been blogging for years about a variety of research efforts which additively culminated in today’s announcements: HoloLens, HoloStudio for 3D holographic building, and a series of apps (e.g. HoloSkype, HoloMinecraft) for this new platform on Windows 10.

For my readers in government, or who care about the government they pay for, PAY CLOSE ATTENTION.

It’s real. I’ve worn it, used it, designed 3D models with it, explored the real surface of Mars, played and laughed and marveled with it. This isn’t Einstein’s “spooky action at a distance.” Everything in this video works today:

These new inventions represent a major new step-change in the technology industry. That’s not hyperbole. The approach offers the best benefit of any technology: empowering people simply through complexity, and by extension a way to deliver new & unexpected capabilities to meet government requirements.

Holographic computing, in all the forms it will take, is comparable to the Personal Computing revolution of the 1980s (which democratized computing), the Web revolution of the ’90s (which universalized computing), and the Mobility revolution of the past eight years, which is still uprooting the world from its foundation.

One important point I care deeply about: Government missed each of those three revolutions. By and large, government agencies at all levels were late or slow (or glacial) to recognize and adopt those revolutionary capabilities. That miss was understandable in the developing world and yet indefensible in the United States, particularly at the federal level.

I worked at the Pentagon in the summer of 1985, having left my own state-of-the-art PC at home at Stanford University, but my assigned “analytical tool” was a typewriter. In the early 2000s, I worked at an intelligence agency trying to fight a war against global terror networks when most analysts weren’t allowed to use the World Wide Web at work. Even today, government agencies are lagging well behind in deploying modern smartphones and tablets for their yearning-to-be-mobile workforce.

This laggard behavior must change. Government can’t afford (for the sake of the citizens it serves) to fall behind again, and  understanding how to adapt with the holographic revolution is a great place to start, for local, national, and transnational agencies.

Now some background… Continue reading

Intelligence Technology, Waiting for Superman

…or Superwoman.

Amid the continuing controversies sparked by Edward Snowden’s whistleblowing defection revelations, and their burgeoning effects on American technology companies and the tech industry worldwide, the afflicted U.S. intelligence community has quietly released a job advertisement for a premier position: the DNI’s National Intelligence Officer for Technology.

You can view  the job posting at the USAJOBS site (I first noticed it on ODNI’s anodyne Twitter feed @ODNI_NIC), and naturally I encourage any interested and qualified individuals to apply. Keep reading after this “editorial-comment-via-photo”:

How you'll often feel if you take this job...

How you’ll often feel if you take this job…

Whether you find the NSA revelations to be infuriating or unsurprising (or even heartening), most will acknowledge that it is in the nation’s interest to have a smart, au courant technologist advising the IC’s leadership on trends and directions in the world of evolving technical capabilities.

In the interest of wider exposure I excerpt below some of the notable elements in the job-posting and description…. and I add a particular observation at the bottom.

Job Title: National Intelligence Officer for Technology – 28259

Agency: Office of the Director of National Intelligence

Job Announcement Number: 28259

Salary Range: $118,932.00  to  $170,000.00

Major Duties and Responsibilities:

Oversees and integrates all aspects of the IC’s collection and analytic efforts, as well as the mid- and long-term strategic analysis on technology.

Serves as the single focal point within the ODNI for all activities related to technology and serves as the DNI’s personal representative on this issue.

Maintains senior-level contacts within the intelligence, policymaking, and defense communities to ensure that the full range of informational needs related to emerging technologies are met on a daily basis, while setting strategic guidance to enhance the quality of IC collection and analysis over the long term.

Direct and oversee national intelligence related to technology areas of responsibility; set collection, analysis, and intelligence operations priorities on behalf of the ODNI, in consonance with the National Intelligence Priorities Framework and direction from the National Security Staff.

In concert with the National Intelligence Managers/NIOs for Science and Technology and Economic Issues, determine the state of collection, analysis, or intelligence operations resource gaps; develop and publish an UIS which identifies and formulates strategies to mitigate gaps; advise the Integration Management Council and Integration Management Board of the gaps, mitigation strategies, progress against the strategies, and assessment of the effectiveness of both the strategies and the closing of the intelligence gaps.

Direct and oversee Community-wide mid- and long-term strategic analysis on technology. Serve as subject matter expert and support the DNI’s role as the principal intelligence adviser to the President.

Oversee IC-wide production and coordination of NIEs and other community papers (National Intelligence Council (NIC) Assessments, NIC Memorandums, and Sense of the Community Memorandums) concerning technology.

Liaise and collaborate with senior policymakers in order to articulate substantive intelligence priorities to guide national-level intelligence collection and analysis. Regularly author personal assessments of critical emerging technologies for the President, DNI, and other senior policymakers.

Develop and sustain a professional network with outside experts and IC analysts, analytic managers, and collection managers to ensure timely and appropriate intelligence support to policy customers.

Brief senior IC members, policymakers, military decisionmakers, and other major stakeholders.

Review and preside over the research and production plans on technology by the Community’s analytic components; identify redundancies and gaps, direct strategies to address gaps, and advise the DNI on gaps and shortfalls in analytic capabilities across the IC.

Determine the state of collection on technology, identify gaps, and support integrated Community-wide strategies to mitigate any gaps.

Administer National Intelligence Officer-Technology resource allocations, budget processes and activities, to include the establishment of controls to ensure equities remain within budget.

Lead, manage, and direct a professional level staff, evaluate performance, collaborate on goal setting, and provide feedback and guidance regarding personal and professional development opportunities.

Establish and manage liaison relationships with academia, the business community, and other non-government subject matter experts to ensure the IC has a comprehensive understanding of technology and its intersection with global military, security, economic, financial, and/or energy issues.

Technical Qualifications:

Recognized expertise in major technology trends and knowledge of analytic and collection issues sufficient to lead the IC.

Superior capability to direct interagency, interdisciplinary IC teams against a range of functional and/or regional analytical issues.

Superior interpersonal, organizational, and management skills to conceptualize and effectively lead complex analytic projects with limited supervision.

Superior ability to work with and fairly represent the IC when analytic views differ among agencies.

Superior communication skills, including ability to exert influence with senior leadership and communicate effectively with people at all staff levels, both internal and external to the organization, to give oral presentations and to otherwise represent the NIC in interagency meetings.

Expert leadership and managerial capabilities, including the ability to effectively direct taskings, assess and manage performance, and support personal and professional development of all levels of personnel.

Superior critical thinking skills and the ability to prepare finished intelligence assessments and other written products with an emphasis on clear organization, concise, and logical presentation.

Executive Core Qualifications (ECQs):

Leading People: This core qualification involves the ability to lead people toward meeting the organization’s vision, mission, and goals. Inherent to this ECQ is the ability to provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts. Competencies: Conflict Management, Leveraging Diversity, Developing Others, and Team Building

Leading Change: This core qualification involves the ability to bring about strategic change, both within and outside the organization, to meet organizational goals. Inherent to this ECQ is the ability to establish an organizational vision and to implement it in a continuously changing environment. Competencies: Creativity and Innovation, External Awareness, Flexibility, Resilience, Strategic Thinking, and Vision.

HOW YOU WILL BE EVALUATED:

You will be evaluated based upon the responses you provide to each required Technical Qualifications (TQ’s) and Executive Core Qualifications (ECQ’s). When describing your Technical Qualifications (TQ’s) and Executive Core Qualifications (ECQ’s), please be sure to give examples and explain how often you used these skills, the complexity of the knowledge you possessed, the level of the people you interacted with, the sensitivity of the issues you handled, etc. Your responses should describe the experience; education; and accomplishments which have provided you with the skills and knowledge required for this position. Current IC senior officers are not required to submit ECQs, but must address the TQs.

Only one note on the entire description, and it’s about that last line: “Current IC senior officers are not required to submit Executive Core Qualifications, but must address the Technical Qualifications.”  This is perhaps the most important element in the entire description; it is assumed that “current IC senior officers” know how to lead bureaucratically, how to manage a staff – but in my experience it cannot be assumed that they are necessarily current on actual trends and advances in the larger world of technology. In fact, some might say the presumption would be against that currency. Yet they must be, for a variety of reasons never more salient than in today’s chaotically-evolving world.

Good luck to applicants.

[note: my title is of course a nod to the impressive education-reform documentary “Waiting for Superman“]

 

%d bloggers like this: