On Monday, I had the chance to spend my morning engaging in discussions on measuring the impact of cyber espionage. The conversation began by examining the act of "cyber" espionage and whether a helpful distinction is made by adding the prefix. Our conversation reminded me of the "electro-" era when everything new and exciting was given the prefix "electro-." Still, something about espionage conducted in and through cyberspace feels different. We ventured into case studies, and I even brought up process tracing and one of my favorite books, "Apollo, Challenger, and Columbia: The End of the Space Program," - a case study on organizational communication at NASA and how it resulted in catastrophic accidents. Thanks to the Center for Security, Innovation, and New Technology (CSINT) at American University and Trey Herr for hosting the workshop at beautiful Airlie to get us out of the city! #CyberEspionage #CaseStudies #CyberspaceSecurity #ProcessTracing
Isn’t the Airlie a fantastic place for an offsite! It’s been 10 years since doing one there, and what a decade it’s been!
The impact to government, military, industry, all or some of the above?
Engaging read, Margaret. Your insights on measuring the impact of cyber espionage are truly enlightening. Keep up the fantastic work!
Can we organize a road show of smart "cyber" people to go around explaining what's what? I'm serious. At least give lunch & learn talks for Congress staffers.
I would offer that it is simpler than some might imagine. During the Cold War, such research was sorted into the "Elements of Espionage," which can also provide a firm foundation for exploring similar behaviors in the cyber-domain. For example, tradecraft used in the physical domain has equal representation in virtual environments, but is not restricted to espionage. Overall, I would offer there are significant foundations in understanding the practice of cyber-espionage. To lean forward, the impacts of AI on espionage may offer a more challenging effort.
Congrats! Espionage or new Cyber Espionage happens. Helping to make ppl n corps aware will be an uphill battle for many corps who "just don't get it" when it comes to internal and external espionage. However, we must start somewhere! Example: company X fires or lays off a very popular mgr. That mgr still has large hooks into company X. Ex mgr still drives various security initiatives within company X, yet legally not an emoyee?. If not espionage or insider threat, what is it?
Not reading the comments but will just say... espionage tradecraft is basically the same in the persona level of the cyber domain as it has been over the last century of intrigue. If you want to understand how you counter a sophisticated and determined adversary, just ask me
Yep, whether espionage or IO, when it’s cyber-enabled, it *is* different. And those different tactics require different ways of thinking about defending against it. I just wish the Army’s top “cyber” priority this FY wasn’t EW. 😉
That looks suspiciously like the Airlie House! (We did MIT's Seminar XXI there...)
Staff Threat Intel Analyst, Adversary Tactics
5dWhat did you determine, re: measuring the impact of cyber espionage?