1/11/2025 Episode 6: Conclusion-Why Resilience and Decentralization Are Essential for SecurityRead NowCliffNotes Security professionals must rethink their approach to modern threats. Today’s security landscape is no longer defined by traditional, large-scale conflicts. Instead, it’s shaped by gray zone warfare, cyberwarfare as non-kinetic fires, and decentralized, adaptive threats that operate outside conventional boundaries.
Robb emphasizes that most security failures stem from bad orientation—misreading the situation and relying on outdated mental models. Traditional security frameworks focus on control and centralization, but modern threats are networked, unpredictable, and constantly evolving. The solution? Shift toward resilience and decentralization, building systems that can absorb shocks and recover quickly. Brose frames cyberwarfare as non-kinetic fires, highlighting that attacks on critical infrastructure and digital systems can achieve the same disruptive impact as physical attacks without ever firing a shot. Understanding cyber threats through this lens helps security professionals realize that cyberattacks are not isolated incidents—they're part of larger geopolitical strategies designed to destabilize and erode trust. A key theme throughout is the importance of decentralized and redundant systems. Whether it’s microgrids in energy or distributed cloud storage in cybersecurity, resilience comes from removing single points of failure and ensuring critical operations continue even when parts of a system are compromised. Finally, gray zone warfare—a space between peace and open conflict—has become the new normal. Threat actors exploit gaps in traditional security systems using tactics like disinformation, economic coercion, and cyberattacks. Security professionals must adapt by embracing layered defenses, understanding the political context behind attacks, and recognizing that the battlefield is everywhere. The future of security isn’t about preventing every attack—it’s about anticipating disruptions, absorbing damage, and recovering faster
0 Comments
CliffNotes Open-source warfare and the rise of super-empowered individuals are redefining the nature of conflict in the modern era, blurring the lines between traditional warfare, cybersecurity, and politics. Historically, warfare was the domain of nation-states, fought on defined battlefields with formal declarations. Today, those boundaries have dissolved. Individuals and decentralized groups now have the power to disrupt critical infrastructure, manipulate public opinion, and even influence global events- all without the resources or formal backing of a state.
The concept of open-source warfare revolves around decentralized actors sharing tools, tactics, and knowledge in real time. This collaboration allows even small groups to achieve outsized impacts, whether through cyberattacks, disinformation campaigns, or improvised weaponry. The rise of super-empowered individuals- highly skilled actors who operate independently- further amplifies this dynamic. These individuals, using open-source tools, can influence or disrupt systems on a scale that was once unthinkable for non-state actors. CliffNotes Gray Zone Warfare refers to actions that fall between peace and open conflict, where state and non-state actors use tactics such as cyberattacks, misinformation, economic manipulation, and proxy forces to achieve strategic objectives without triggering a conventional military response. These methods exploit ambiguities in international law, making them challenging to address effectively. Examples like Russia’s use of unmarked troops in Crimea and their cyber operations targeting Ukraine’s infrastructure to show how gray zone tactics are applied in real-world scenarios.
Systems disruption, a concept that focuses on targeting the vulnerabilities in critical infrastructure such as power grids, supply chains, and communication networks. As illustrated by events like the 2024 CrowdStrike software failure, even small disruptions in these interconnected systems can create cascading effects that impact millions. Systems disruption isn’t just about causing immediate damage—it’s about destabilizing societies by undermining the structures they depend on. This discussion draws on insights from John Robb’s Brave New War, which has proven prescient in describing how modern conflicts are increasingly defined by these vulnerabilities. The societal and psychological impacts of these tactics are significant. When critical services fail, trust in institutions erodes, and the resulting instability can be as damaging as the disruptions themselves. As these strategies become more common, understanding their mechanisms and implications is vital for building more resilient systems. Books Mentioned in This Episode: 📚 Brave New War by John Robb 📚 Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath by Ted Koppel 📚 Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers by Andy Greenberg 📚 The Kill Chain: Defending America in the Future of High-Tech Warfare by Christian Brose CliffNotes Modern conflict has shifted from traditional battlefields to interconnected systems, where decentralization and technology redefine warfare. Christian Brose’s The Kill Chain outlines how outdated, centralized systems hinder the U.S. military’s ability to respond to threats in a world defined by AI, automation, and cyber capabilities. Brose critiques the reliance on slow, hierarchical decision-making and legacy platforms, emphasizing the need for speed and adaptability in modern warfare.
Cyberwarfare, which Brose terms "non-kinetic fires," breaks free from conventional constraints like geography and resources. Attacks can be launched globally with minimal investment, prioritizing disruption over destruction. John Robb’s Brave New War complements this by focusing on systems disruption, where adversaries exploit vulnerabilities in infrastructure to destabilize larger powers. Cyberwarfare embodies this approach, allowing small groups or individuals to wield disproportionate influence with precision and minimal risk. For cybersecurity professionals, these frameworks are essential. Understanding the kill chain’s emphasis on detection, decision-making, and action aligns directly with modern cyber defense. The future of security depends not just on technical solutions but on adopting the speed, adaptability, and strategic thinking that define today’s conflicts. The information age demands resilience and a deeper grasp of the strategies shaping both physical and digital threats. CliffNotes Unfortunately, scammers are everywhere these days, and they’re constantly finding new ways to manipulate people. It could be a fake charity asking for donations or a romantic interest trying to pull at your heartstrings, their tactics are designed to trick you into trusting them. It’s easy to think, “That won’t happen to me,” but it can happen to anyone. My great aunt, for instance, lost $45,000 to a charity scam because she genuinely believed she was helping build a church in Ghana. It wasn’t until she tried to wire another $100,000 that a banker noticed something was wrong and stepped in.
Scammers exploit trust, emotion, and often our personal interests (OPSEC OPSEC OPSEC). Take, for example, my college roommate who almost got conned while selling a laptop on Craigslist. She was contacted by someone claiming they needed the laptop for their son in Africa, a story that hit close to home for her since she had been on mission trips there, which I suspect was found out through looking at her social media. The scammer likely used that personal connection to try to make the story believable, hoping she wouldn’t question it. Luckily, she sensed something wasn’t right when they asked for money to cover shipping and backed out just in time. Then there are romance scams which can be even more painful. In my hometown, a woman flew to the UK to meet a man she thought she had been in an online relationship with, only to realize he didn’t exist. Before she even made the trip, she had already sent him money, believing he needed it for his flight. Scammers in these situations spend months building trust before asking for financial help, making it harder for the victim to realize what’s happening until it’s too late. The key to avoiding these situations is understanding how scammers operate. A great way to do that is by learning from two concepts: Pre-Incident Indicators (PINS) from The Gift of Fear by Gavin de Becker and the OODA loop developed by military strategist Col. John Boyd. De Becker emphasizes the importance of trusting your gut—our instincts are designed to protect us, but too often we ignore them. If something feels off, don’t rationalize it away, it’s probably off. Recognizing the early PINS, like someone pushing for urgency or refusing to take “no” for an answer, can help you catch a scam before it goes too far. The OODA loop—Observe, Orient, Decide, Act—helps you take control of a situation by slowing things down. Scammers want you to feel rushed, so you don’t have time to think critically. The loop allows you to step back, assess the situation, and decide on the best course of action without being pressured into a decision. The bottom line is this: scammers rely on confusion, emotional manipulation, and most importantly speed to achieve their objective. The more you can recognize their tactics, the better able you’ll be to avoid falling into their traps. If something feels wrong, trust yourself and take the time to verify the details. The Future of War is Decentralized Christian Brose's The Kill Chain fits into John Robb's Brave New War worldview through a shared recognition of how modern warfare is increasingly defined by technology, decentralization, and the exploitation of system vulnerabilities. Both authors articulate how traditional military doctrines and approaches are becoming obsolete in the face of rapidly evolving threats that leverage technology and asymmetric tactics.
In The Kill Chain, Brose emphasizes that the U.S. military must transition from an outdated model of warfare, which relies on heavy, centralized, and hierarchical systems, to one that is networked, decentralized, and automated. This is in direct alignment with Robb’s view of modern conflict, where networked actors—whether state or non-state—exploit the interconnectedness of global systems to disrupt, degrade, and destabilize powerful adversaries. Robb describes how global guerrillas use these networks to operate in small, autonomous groups, bypassing traditional state hierarchies to attack vulnerable infrastructure. Brose and Robb both argue that the future of conflict is not about large, conventional forces clashing head-on. Instead, it’s about how fast and effectively forces can operate within a distributed, digital network that connects sensors, decision-makers, and weapons systems. Brose’s kill chain is a system designed to integrate these capabilities at speed, while Robb’s global guerrillas are adept at targeting the weak links in such systems to bring them down. From Robb’s worldview, the ability of non-state actors and smaller forces to act quickly, adaptively, and asymmetrically is key. Brose, too, is concerned with the speed of decision-making and action in military operations. He emphasizes the need to automate parts of the kill chain with AI and autonomous systems to match the speed of modern threats, which aligns with Robb’s emphasis on networked, fast-moving actors who can outmaneuver larger, slower bureaucratic systems. Robb’s systems disruption theory is central to Brave New War. It argues that future wars will be less about physical destruction and more about disrupting the complex, interconnected systems that modern states and societies depend on. In Robb’s view, global guerrillas don’t need to defeat a state militarily; they only need to disrupt the systems that allow the state to function i.e. power grids, communication networks, and financial systems. This strategy of targeting critical infrastructure with minimal resources is designed to create cascading failures, causing widespread chaos and undermining state power. The Kill Chain echoes this vulnerability. Brose argues that the U.S. military’s overreliance on large, centralized systems, such as aircraft carriers and advanced fighter jets—makes it highly susceptible to disruption. Adversaries like China and Russia have focused on developing systems designed to disable or disrupt these legacy platforms by attacking their command-and-control infrastructure, sensors, and communications; the kinds of targets Robb’s global guerrillas would aim for in a conflict. Both Brose and Robb emphasize the growing importance of cyber warfare as the key tool for systems disruption. For Robb, cyberattacks are the ultimate non-kinetic fires ( a term that suck with me after reading The Kill Chain) or a way for small, decentralized actors to create massive effects on a technologically advanced adversary by attacking the digital infrastructure that underpins its military and civilian systems. Brose describes how adversaries can exploit U.S. military vulnerabilities with cyberattacks, jamming sensors, blinding satellites, or injecting false data into decision-making systems, effectively breaking the kill chain before it can even begin. Robb’s Brave New War is built around the idea of asymmetric warfare, where smaller, less powerful actors can challenge larger states by using unconventional tactics and low-cost, high-impact attacks. He also introduces the concept of open-source warfare, where tactics, techniques, and technologies are shared across decentralized networks of non-state actors, enabling them to rapidly innovate and adapt. Brose’s The Kill Chain acknowledges this asymmetric threat but from the perspective of state-on-state conflict. He describes how China and Russia, instead of trying to match the U.S. militarily with traditional platforms, have adopted asymmetric strategies that focus on neutralizing America’s strengths. These adversaries invest in capabilities designed to disable U.S. power projection by attacking weak points in its command-and-control infrastructure, electronic warfare, and space-based assets. Brose’s warnings about this shift align with Robb’s vision of how smaller or less-resourced actors can use asymmetric tactics to outmaneuver and disrupt a more powerful adversary. Additionally, Robb’s idea of open-source insurgency ties directly into the nature of cyber warfare, which Brose sees as critical in future conflicts. In Robb’s framework, tools for systems disruption, like cyber exploits, can be shared across a global network of actors, allowing even small groups to gain access to powerful technologies that can cripple a state’s infrastructure. Brose’s analysis echoes this by highlighting how easily cyber tools can be developed or acquired by both state and non-state actors, further amplifying the asymmetric potential of modern warfare. Both Robb and Brose agree that the U.S. military must adapt if it hopes to remain competitive in the future of warfare. For Brose, this means breaking away from the obsession with legacy systems like aircraft carriers and embracing new technologies like artificial intelligence, automation, and space-based surveillance. He advocates for the U.S. military to move towards a distributed, networked system of warfare where the kill chain is automated and decisions are made at machine speed. Robb’s prescription for surviving in this new environment is similar. He advocates for a more resilient, decentralized system, where the state adopts the same kind of adaptive, networked thinking that its adversaries use. For both authors, the future is about speed, agility, and flexibility, not overwhelming firepower or centralized control. In Robb’s world, the state that can out-think and out-adapt its adversaries will survive, while the one that clings to legacy platforms will be left vulnerable to systems disruption and decentralized attacks. In Robb’s framework, non-state actors like global guerrillas use open-source tactics and systems disruption to paralyze more powerful adversaries, a strategy that is echoed in Brose’s analysis of how China and Russia are developing asymmetric capabilities to disable the U.S. military’s kill chain. Both authors warn that the future of warfare will be determined not by who has the most firepower, but by who can best adapt to the challenges of this networked, decentralized, and technology-driven world. The Kill Chain Recently, I finished this book on the way to WWHF. The Kill Chain: Defending America in the Future of High-Tech Warfare by Christian Brose is an examination of the United States’ military vulnerabilities in the face of rapid technological advancements and the shifting nature of modern warfare.
Brose, who served as the staff director of the Senate Armed Services Committee and as a senior advisor to Senator John McCain, leverages his insider perspective to offer a sobering critique of how the U.S. military is failing to adapt to the challenges of a new era defined by AI, automation, and cyber capabilities. The “kill chain” concept refers to the sequence of detecting a threat, deciding on a response, and taking action to neutralize it. Traditionally, this process involved human decision-makers at each stage, but modern warfare demands faster, more automated processes. Brose argues that America's military kill chain is slow, centralized, and heavily reliant on legacy systems that are vulnerable to disruption. The Kill Chain contends that the United States is locked into an outdated model of warfare, one that emphasizes traditional platforms like aircraft carriers, fighter jets, and tanks. These systems, Brose argues, belong to an era of industrial-age warfare that is quickly becoming obsolete in the face of information-age threats. Today’s conflicts are increasingly defined by “data, sensors, autonomous systems,” and the ability to leverage these technologies to achieve real-time decision-making and action; essentially, how quickly and effectively a military can complete its “kill chain.” Brose paints a stark picture of how adversaries like China have studied the U.S. military's strengths and weaknesses and developed strategies to counter them. Rather than attempting to match the United States platform for platform, China has focused on developing capabilities that can exploit the vulnerabilities of America's complex, interconnected military systems. These capabilities include advanced cyberwarfare tools, electronic warfare systems, and precision-guided missile technology designed to target the weak links in America's kill chain. The book explores how China’s investment in these areas is part of a broader strategy to neutralize America’s advantages. China has invested in anti-ship ballistic missiles that can target U.S. aircraft carriers, developed advanced electronic warfare capabilities that can jam or blind U.S. surveillance systems, and built extensive cyber capabilities to compromise American military networks. These developments challenge the dominance of the U.S. military, as they can render its traditional platforms ineffective before they can even enter the battlefield. Brose makes the case that the United States is at risk of losing its strategic edge because it has not adequately adapted to this shift. The U.S. military's focus on maintaining and expanding expensive legacy systems leaves it poorly positioned to counter adversaries who are innovating more rapidly and adopting strategies that focus on disrupting America’s ability to respond effectively. The Kill Chain does not shy away from critiquing the entrenched bureaucracy of the Pentagon and the defense-industrial complex. Brose highlights how the procurement process is bogged down by inefficiency, resistance to change, and an obsession with maintaining traditional platforms. He argues that this mentality has led to a situation where the U.S. spends billions on legacy systems that may never be effective in a future conflict. Brose is particularly critical of the U.S. defense budget's emphasis on sustaining existing programs rather than investing in new technologies. He contrasts this with China’s approach, where the focus is on developing capabilities that can counter the United States’ strengths and exploit its weaknesses. This difference in strategic thinking, Brose suggests, has created a scenario where the U.S. could be outmaneuvered in a future conflict, not because it lacks resources, but because it has failed to innovate and adapt. One of the more urgent messages in The Kill Chain is the need for the United States to integrate emerging technologies like artificial intelligence and autonomous systems into its military strategy. Brose argues that these technologies are not just enhancements to existing capabilities but are the keys to unlocking a new model of warfare where decisions can be made at machine speed. In a world where threats emerge and change rapidly, relying on human decision-making in the kill chain can be a fatal flaw. Brose envisions a future where AI-enabled systems can identify, track, and prioritize threats autonomously, with human oversight serving as a guide rather than the primary decision-maker. This shift would enable the military to operate faster and more efficiently, adapting to threats in real-time rather than relying on slow, hierarchical chains of command. Brose highlights that the private sector is already leading in many of these areas, with companies like SpaceX and Palantir driving advancements in AI, space-based surveillance, and data analysis. He advocates for greater collaboration between the Department of Defense and these innovative private companies, arguing that such partnerships are essential if the U.S. military is to harness cutting-edge technology and maintain its competitive edge. Brose argues that America must embrace a new way of thinking about warfare—one that prioritizes speed, agility, and the ability to operate across a distributed, networked battlefield. This requires a willingness to take risks, to abandon the comfort of legacy platforms, and to invest in technologies that can make the military more effective in an era of information warfare. He also emphasizes that the future of warfare will not be won by having more tanks or aircraft carriers but by building systems that can see, think, and act faster than those of adversaries. This means focusing on developing the infrastructure for autonomous drones, space-based sensors, and AI-driven analysis tools that can turn data into action in milliseconds Into the Gray Zone Gray zone warfare occupies the ambiguous space between peace and open conflict, where actors engage in aggressive activities that fall short of conventional war. These actions are designed to achieve strategic objectives while avoiding direct military confrontation and maintaining plausible deniability. Gray zone tactics exploit gaps in international law and norms, making it difficult for targets to justify a forceful response.
Cyberattacks have emerged as a quintessential tool of gray zone warfare, operating in the space with particular effectiveness. It allows state and non-state actors to inflict significant damage on adversaries without crossing the threshold that would trigger traditional military retaliation. This ambiguity makes cyberattacks especially attractive for those seeking to advance their interests while minimizing the risk of escalation. Common gray zone tactics include cyberattacks, disinformation campaigns, economic coercion, and the use of proxy forces. In the cyber domain, these methods often target critical infrastructure, financial systems, and government networks. Such attacks can disrupt essential services, undermine public trust, and cause economic damage without physical destruction. The 2015 and 2016 attacks on Ukraine's power grid, attributed to Russia, are examples of this approach. By temporarily disabling portions of the grid, the attackers demonstrated their capabilities and instilled fear without triggering a military response. The attribution problem inherent in many cyberattacks further aligns them with gray zone tactics where sophisticated actors can mask their identity, use false flag operations, or leverage compromised systems in neutral countries to launch attacks. Obfuscation creates plausible deniability, complicating diplomatic and military responses. Even when technical evidence points to a specific nation, proving state sponsorship to a level that justifies retaliation often remains challenging. Russia's actions in Ukraine provide a clear example of gray zone warfare beyond just cyberattacks. The 2014 annexation of Crimea involved the use of "little green men, " unmarked troops that Russia initially denied were its own. This allowed Russia to achieve its objective while muddying the waters of international response. Similarly, Russia's ongoing support for separatist forces in eastern Ukraine, combined with its cyber operations against Ukrainian infrastructure, exemplifies the nature of gray zone tactics. Cyber espionage operates in a similar gray area. While espionage is an age-old practice, the scale and scope enabled by cyber tools blur the lines between intelligence gathering and active measures. Massive data breaches like the U.S. Office of Personnel Management hack, attributed to China, illustrate how cyber espionage can have strategic implications beyond mere information collection. The use of cyber tools for election interference represents another facet of gray zone warfare. Disinformation campaigns, hack-and-leak operations, and attacks on voting infrastructure can undermine democratic processes and sow discord without direct military involvement. The alleged Russian interference in the 2016 U.S. presidential election demonstrated the potency of these tactics in shaping geopolitical outcomes while maintaining a veneer of deniability. Healthcare ransomware attacks are a prime example of gray zone conflict tactics, targeting critical infrastructure in a way that disrupts societies without provoking traditional military responses. By attacking healthcare systems, cyber-criminals, sometimes linked to state actors or allowed to act with certain restrictions from their territory, exploit vulnerabilities to cause significant harm, such as hindering patient care and sowing public fear. These operations leverage the anonymity and plausible deniability inherent in cyberspace, allowing perpetrators to put pressure on adversaries covertly by "throwing sand in the gears". The increased targeting of healthcare facilities (in my opinion), following geopolitical events like the Ukraine invasion, underscores how such cyberattacks have become key tools in gray zone strategies, blurring the lines between peace and open conflict. Protecting our data and systems is no longer just about preventing theft or disruption, it's about safeguarding national security and economic stability. The future of conflict is in cyberspace and cybersecurity professionals must see themselves on the front lines of this evolving form of warfare. Final Review John Robb's "Brave New War" and his "Global Guerrillas" blog, despite being penned in 2007, remain eerily prescient reads for today's cybersecurity practitioners. Robb, a former Air Force officer turned analyst, dissects the evolving nature of conflict in a world where traditional power structures are increasingly vulnerable to decentralized, networked threats.
The core thesis revolves around what Robb terms "open-source warfare" a concept where loosely affiliated groups can share tactics, techniques, and procedures to wage asymmetric warfare against nation-states and large organizations. Sound familiar? It's essentially describing the modern threat landscape cybersecurity professionals grapple with daily. Robb's analysis of how these groups can exploit systemic vulnerabilities to cause cascading failures is particularly relevant. He argues that by targeting critical nodes in complex systems - be it infrastructure, supply chains, or information networks , otherwise small groups can inflict disproportionate damage. This mirrors the potential impact of well-executed cyberattacks on our interconnected digital systems. The book's exploration of "super-empowered individuals" those who can leverage technology to punch far above their weight is downright prophetic. In an era where a single hacker with the right tools can potentially cripple a multinational corporation, Robb's warnings feel less like speculation and more like a playbook for the threats we face. What makes "Brave New War" particularly valuable is its focus on resilience and adaptability as key defensive strategies. Robb argues for decentralized, resilient systems that can withstand and quickly recover from attacks - a philosophy that aligns closely with modern cybersecurity best practices like zero trust architecture and defense-in-depth strategies. For cybersecurity practitioners, "Brave New War" offers a broader context for understanding the threat landscape we operate in. It's not just about protecting networks, but rather it's about comprehending how those networks fit into larger, vulnerable systems that adversaries seek to exploit. In a field that often gets bogged down in technical minutiae, Robb's strategic-level analysis provides a valuable big-picture perspective. It's a reminder that effective cybersecurity isn't just about firewalls and patches, it's about understanding the evolving nature of conflict in a networked world. Is it a comfortable read? Hell no. Robb's vision of decentralized, networked threats exploiting our systemic vulnerabilities is downright unsettling. But it's precisely this discomfort that makes "Brave New War" a must-read. It challenges our assumptions, broadens our threat models, and ultimately makes us better prepared to face the brave new world of cyber conflict. I highly recommend this book and following Robb. Brave New War: Amazon John Robb: Solutions Robb's advocacy for resilience through decentralization has gained traction across various sectors, though implementation often lags behind recognition of its importance. The energy sector provides a prime example with the emergence of microgrids as a practical application of Robb's ideas. These small-scale, local energy systems can operate independently of the larger grid, enhancing community resilience against both physical and cyber attacks. The development of microgrids in Puerto Rico following Hurricane Maria demonstrates how decentralization can bolster communities in the face of natural disasters and potential attacks.
Widespread implementation of such decentralized systems remains a challenge. Regulatory hurdles, entrenched interests, and the inertia of existing infrastructure often impede progress. The tension between the recognized need for resilient, decentralized systems and the practical difficulties of overhauling established infrastructure highlights an ongoing struggle in realizing Robb's vision. In cybersecurity, Robb's concept of open-source security has seen significant adoption. Information Sharing and Analysis Centers (ISACs) in various industries and the Cyber Threat Alliance exemplify this approach, facilitating the sharing of threat intelligence among organizations. This collaborative model allows defenders to share information and strategies as readily as attackers, creating a more robust collective defense. The rise of bug bounty programs and responsible disclosure policies in the tech industry also aligns with Robb's vision of harnessing collective intelligence for defense. These initiatives have proven effective in identifying and addressing vulnerabilities before malicious actors can exploit them. However, the open nature of these programs also creates potential risks, as information about vulnerabilities could potentially be misused if not carefully managed. Robb's emphasis on adaptive, network-centric defense has influenced military doctrine, with concepts like the U.S. military's "Multi-Domain Operations" reflecting a more flexible, interconnected approach to warfare. In the corporate world, the adoption of agile methodologies in cybersecurity represents a step towards the kind of adaptive defense Robb envisioned. Despite these advancements, many organizations still struggle to match the speed and flexibility of their adversaries. The gap between the ideal of rapid, adaptive defense and the reality of organizational constraints highlights the ongoing relevance of Robb's warnings. Balancing the need for agility with the requirements of security and stability remains a significant challenge for many institutions. The importance of building social capital, strong, trust-based networks within and between communities is particularly relevant in the face of information warfare and social media manipulation. Initiatives focused on digital literacy, fact-checking networks, and community resilience programs would ideally align with this aspect of Robb's thinking, but that has yet to be determined. Robb's advocacy for localism and community empowerment has seen mixed implementation. Community policing initiatives and local emergency response teams reflect this philosophy, empowering communities to take an active role in their own security and governance. The rise of cryptocurrency and blockchain technologies represents an interesting development in this space, potentially providing tools for local economic empowerment and decentralized governance structures. However, the trend towards centralization in many aspects of governance runs counter to Robb's recommendations. The tension between local empowerment and the need for coordinated responses to large-scale challenges present an ongoing dilemma in implementing Robb's ideas. Implementation of Robb's proposed solutions face significant hurdles. Institutional inertia, short-term thinking, and the complexities of coordinating decentralized systems all pose challenges to realizing his vision of a more resilient society. Moreover, some of Robb's ideas, particularly around localism and decentralization, can be challenging to reconcile with the realities of an increasingly interconnected global economy and the scale of transnational threats. Super-Empowered Individuals: The Rise of Non-State Actors Another idea present in John Robb's "Brave New World" is the the emergence of super-empowered individuals has reshaped power dynamics in ways that challenge traditional governance and security paradigms. While these actors have driven innovation and progress in many sectors, their outsized influence also presents significant risks to societal stability.
On the positive side, super-empowered individuals have been catalysts for transparency and technological advancement. Whistleblowers like Edward Snowden exposed government overreach, sparking crucial debates about privacy and surveillance. In the tech world, entrepreneurs like Elon Musk have pushed the boundaries of what's possible in electric vehicles and space exploration, influencing entire industries through sheer force of will and innovation. The financial sector in particular has seen similar disruption. The anonymous creator(s) of Bitcoin, known as Satoshi Nakamoto, launched a revolution in digital currencies that's challenged traditional banking systems and concepts of value. This innovation has opened up new possibilities for financial inclusion and decentralized economic models. However, on the flip side, social media platforms, while democratizing information flow, have also become breeding grounds for disinformation campaigns. Bad actors can now rapidly spread false narratives, manipulating public opinion and potentially destabilizing political systems. The speed and reach of these platforms often outpace traditional fact-checking mechanisms, creating an environment ripe for exploitation. In cybersec, we see this as individual hackers and small groups have demonstrated an alarming ability to cause outsized disruption. The 2014 hack of Sony Pictures, attributed to a small team of North Korean-linked operatives, embarrassed a multinational corporation and created international tensions. More recently, ransomware attacks by groups like DarkSide have shown how a handful of skilled individuals can disrupt critical infrastructure and extort millions from large organizations. The financial influence of super-empowered individuals has also shown a darker side. We've seen how a single tweet from a prominent figure can send shockwaves through entire markets, highlighting the precarious nature of systems vulnerable to individual whims. This volatility poses risks not just to investors, but to economic stability more broadly. These developments present significant challenges for governance and security frameworks. Traditional power structures and regulatory systems were designed to handle nation-state actors or formal organizations. They often struggle to contend with the fluid, unpredictable nature of small groups, much less individual actors empowered by technology. The speed at which these individuals can act often outpaces the ability of institutions to respond effectively. Looking forward, it's clear that new approaches to security and governance are needed. These must be flexible enough to harness the positive potential of super-empowered individuals while mitigating the risks they pose. This might involve rethinking regulatory frameworks, developing new models of public-private cooperation, and fostering digital literacy to create a more resilient society. The trend of individual empowerment will likely accelerate as technology continues to evolve. Advancements in AI, biotechnology, and other emerging fields will likely create new avenues for individuals to exert transformative influenc not seen in previous generations. Open-Source Warfare and The Democratization of Conflict Continuing with Brave New War by John Robb. The rise of open-source warfare presents us with complex challenges and opportunities. While it has undeniably empowered non-state actors and individuals, this openness also offers potential benefits for defenders and security professionals.
Open-source approaches have revolutionized cybersecurity efforts. Many defense strategies now rely on community-driven threat intelligence sharing and open-source tools. This collaborative model has allowed for rapid identification of new threats and the development of countermeasures at a pace that often outstrips traditional, closed security systems. However, this same openness that strengthens defense can also be exploited by malicious actors. The freely available nature of many hacking tools and cyber warfare techniques means that sophisticated attack capabilities are no longer the sole domain of nation-states or well-funded criminal organizations. A skilled individual with internet access can potentially wield cyber weapons that were once the exclusive purview of government agencies. This duality creates a constantly shifting security landscape. Defenders must remain vigilant, adapting their strategies as quickly as new threats emerge. At the same time, they can leverage the collective knowledge and resources of the open-source community to bolster their defenses. The challenge moving forward lies in striking a balance and harnessing the innovative potential and rapid adaptation of open-source approaches while mitigating the risks they pose to security and stability. This may require a fundamental reevaluation of traditional security paradigms, focusing less on controlling information and more focus on networked resilience and adaptability. As Robb noted, in this Brave New War, the ability to quickly adapt and learn from a distributed network may prove more crucial than conventional advantages in resources or manpower. This shift demands a new approach to security, one that embraces openness and collaboration while remaining clear-eyed about the potential risks. Ultimately, open-source warfare has irrevocably altered the nature of conflict and security in our interconnected world. How we navigate this new reality will shape the future of global security for decades to come. Systems Disruption: Exploiting Interconnected Vulnerabilities Continuing with John Robb's "Brave New War" which introduced a prescient concept that has become increasingly relevant in our interconnected world: systems disruption. Robb argued that in modern conflicts, targeting critical infrastructure could cause widespread chaos and undermine a state's ability to maintain control. This strategy, focusing on exploiting vulnerabilities in complex systems rather than engaging in direct combat, has proven remarkably accurate in predicting the nature of modern threats.
The core of Robb's insight lies in recognizing the inherent fragility of our interconnected systems. As societies have become more technologically advanced, they've also become more dependent on complex networks of infrastructure from power grids and water supplies to financial systems and communication networks. While these interconnected systems offer tremendous benefits in terms of efficiency and capability, they also present a significant vulnerability. A well-placed attack (or bad update in the case of Crowdstrike) on a critical node can have cascading effects, causing disruptions far beyond the initial point of impact. Robb's concept goes beyond traditional notions of sabotage or infrastructure attacks. He recognized that in a world of complex, interdependent systems, relatively small actions could have disproportionately large effects. This asymmetry is particularly appealing to non-state actors or smaller powers who lack the resources for conventional military confrontations. By targeting key vulnerabilities in critical systems, these actors can potentially cause widespread disruption and chaos without the need for large-scale military operations. The psychological aspect of systems disruption is another key element of Robb's analysis. He understood that beyond the immediate physical or economic impacts, successful attacks on critical infrastructure could erode public confidence in the state's ability to provide basic services and security. This loss of confidence can be as damaging as the physical disruption itself, potentially leading to social unrest or political instability. Robb's foresight in identifying the potential for systems disruption has been validated repeatedly in recent years. Cyber attacks on power grids, ransomware targeting healthcare systems, and disruptions to financial networks have all demonstrated the vulnerability of our interconnected world, the Colonial Pipeline ransomware incident is a good example of this. These incidents have shown that Robb's concept of systems disruption is not just a theoretical construct, but a real and present danger in modern conflicts. As our reliance on technology continues to grow, so too does the potential for systems disruption. The rise of the Internet of Things, the increasing digitization of critical infrastructure, and the growing sophistication of cyber weapons all point to a future where the risks of systems disruption are likely to increase rather than diminish. In response to these threats, Robb emphasized the need for resilience in our critical systems. This means not just hardening defenses, but also building redundancy and adaptability into our infrastructure. The goal is to create systems that can withstand attacks or disruptions and quickly recover, rather than cascading into widespread failure. The CrowdStrike incident of July 19, 2024 serves as a good illustration of the risks inherent in centralized systems, particularly as it relates to cybersecurity. CrowdStrike, a major player in the cybersecurity industry, experienced a critical software update failure that cascaded into a widespread outage affecting millions of devices across various sectors. The incident began with a seemingly routine software update to CrowdStrike's Falcon platform. However, a misconfiguration in the update caused the security software to malfunction, effectively disabling endpoint protection for a vast number of clients simultaneously. This single point of failure in a centralized system rapidly escalated into a crisis affecting financial institutions, healthcare providers, energy companies, and government agencies. I experienced this first hand with my work laptop and later that morning trying to take the CCSP at a testing center as all the computers were BSOD. Banks reported disruptions in transaction processing systems, hospitals faced interruptions in accessing patient records, and several power plants had to switch to manual operations due to concerns about compromised industrial control systems. The ripple effects of this outage highlighted how deeply embedded CrowdStrike's services had become in critical infrastructure across multiple industries. What makes this incident particularly noteworthy is that it wasn't the result of a malicious attack, but rather an internal error, however this is what a crippling cyber attack could look like. This underscores a key vulnerability of centralized systems even without external threats, they can still fail catastrophically. The concentration of so many critical services under one provider created a single point of failure that, when compromised, had far-reaching consequences. The CrowdStrike outage should serve as a wake-up call about the dangers of over-reliance on centralized cybersecurity solutions and systems. It demonstrated how the very systems designed to protect against disruption can themselves become vectors for widespread disruption when they fail. This incident reinforces the need for diversity and redundancy in critical systems, echoing John Robb's warnings about the vulnerabilities created by our interconnected, centralized infrastructure. Networked Warfare In 2007, John Robb's "Brave New War" introduced a radical new framework for understanding conflict in the 21st century. At the time, Robb's predictions may have seemed speculative, but they have since proven to be disturbingly accurate. Robb argued that the future of warfare would be dominated not by nation-states and traditional military forces, but by decentralized, networked insurgencies and super-empowered individuals who would leverage technology to disrupt societies in ways previously unimaginable.
This book, which I picked up as a freshman polisci major in 2007 shaded many of the papers I wrote, and as I sit here in 2024 writing this, the world has seen Robb's vision unfold in real-time. From the rise of ISIS to the ongoing conflict in Ukraine, from cyber attacks on critical infrastructure to the influence of tech billionaires on global affairs, the concepts outlined in "Global Guerrillas" have moved from the realm of theory to stark reality. When Robb introduced the concept of networked warfare in "Global Guerrillas" in 2007, it represented a radical shift from traditional military doctrine. Robb envisioned a world where decentralized groups, operating without rigid hierarchies, would challenge state powers through adaptability and resilience. Today, this form of warfare has become the norm rather than the exception, with many parallels to what we see in the cybersec world. The evolution of cyber warfare provides a perfect parallel to the rise of networked warfare in physical space. In many ways, cyber threat actors were the vanguard of this decentralized, agile approach that's now reshaping conventional conflicts. In cybersecurity, we've long observed how decentralized hacking groups and state-sponsored actors consistently outmaneuver more traditional, hierarchical defense structures. Consider groups like Anonymous or the countless ransomware gangs operating today. They function as loose collectives, often with members spread across the globe, coordinating their efforts through encrypted channels and dark web forums. This structure allows them to rapidly adapt to new security measures, share zero-day exploits, and launch coordinated attacks that are difficult to attribute or counter. This dynamic, which emerged in the digital worlds first due to the inherent nature of the internet as a decentralized network, has now manifested in physical conflicts. The ongoing war in Ukraine serves as a prime example of networked warfare in action, mirroring the tactics we've seen in cyberspace. Ukrainian forces, bolstered by volunteer battalions and local defense groups, initially employed a networked approach that allowed them to effectively resist a larger, more conventionally structured Russian military. These decentralized units operated with high autonomy, making decisions on the ground without waiting for orders from a central command. This flexibility proved crucial in responding to the fluid and unpredictable nature of the conflict, especially during the early days of the 2022 Russian invasion. However, the effectiveness of Ukraine's networked warfare tactics didn't go unchallenged. As the conflict progressed, Russian forces began to adapt, albeit slowly and at great cost. This adaptation underscores a key aspect of networked warfare - it's not a silver bullet, but rather a constantly evolving approach. Russia's shift became evident in several ways. They increased autonomy for frontline commanders and adopted smaller, more mobile units. Their information sharing improved, though still not matching Ukraine's speed. The integration of mercenary groups like Wagner, which often operated with more autonomy than traditional military units, allowed for more flexible tactics. Russia also ramped up efforts to disrupt Ukrainian communications through enhanced electronic warfare capabilities. This evolution mirrors what we see in cybersecurity, where threat actors and defenders are locked in a constant arms race of tactical innovation. The side that adapts faster and more effectively gains a temporary advantage, until the other side catches up. As many of us know, the attackers almost always have the advantage. The lesson here isn't that networked warfare doesn't work, but rather that its effectiveness depends on continual evolution and the ability to stay one step ahead of the opponent. Ukraine's initial success came from being more adept at networked operations than Russia. As Russia has slowly closed that gap, the conflict has entered a new phase where both sides are employing elements of networked warfare. This dynamic isn't unique to Ukraine. We've seen similar patterns play out in various conflicts around the world. The rise and fall of ISIS demonstrated how a decentralized network could rapidly gain territory and influence across multiple countries, challenging traditional state powers. Their use of social media for propaganda and recruitment mirrored tactics used by cyber threat actors. In Mexico, drug cartels operate through highly decentralized networks that extend their influence across vast territories and even into international markets. This structure makes them incredibly resilient and difficult to dismantle, much like persistent cyber threat groups. The 2020 protests and riots in the United States saw decentralized groups like Antifa rapidly mobilize and coordinate actions across multiple cities, often outmaneuvering more hierarchical law enforcement structures. The prevalence of networked warfare poses significant challenges to traditional military and security structures in both cyber and physical domains. State actors are being forced to adapt, moving away from rigid command hierarchies towards more flexible, mission-oriented command structures. However, this adaptation is often slow and hampered by institutional inertia. In cybersecurity, defenders often find themselves playing catch-up, constrained by organizational hierarchies, compliance requirements, and the need to protect vast attack surfaces. The "assumed breach" mentality that's become prevalent in cybersecurity is a tacit acknowledgment that networks will be compromised, the goal is now to detect and respond rapidly rather than trying to create an impenetrable perimeter. This mindset has carried over to physical conflicts. Ukrainian forces, adopting an approach similar to modern cybersecurity practices, operate under the assumption that Russian forces will break through at some point. Their networked structure allowed them to rapidly detect incursions and respond flexibly, much like a well-designed incident response plan in cybersecurity. The line between cyber and physical warfare will likely continue to blur. The skills and mindset required to operate effectively whether you're a cyber defender or a military strategist are remarkably similar. Adaptability, decentralized decision-making, and the ability to function as part of a resilient network are becoming the core competencies of modern conflict, regardless of the domain. The success of networked actors in recent conflicts, both in cyberspace and on physical battlefields, underscores Robb's prescient understanding of how technology and social dynamics would reshape modern warfare. However, it also highlights that networked warfare isn't a static concept, but a dynamic, evolving approach that requires constant innovation to remain effective. As the 21st century marches on, the ability to operate in a networked, decentralized manner and to continually evolve these tactics will likely become even more critical in determining the outcome of conflicts, both large and small, in all domains of warfare. The challenge for both state and non-state actors will be the continuous adaptation and innovation to stay ahead in this new generation of warfare. Inoreader I've noticed a lot of people in the Simply Cyber community each morning asking how to stay consistently informed about the latest cybersecurity news.
My answer is Inoreader. This RSS feed reader has been a game-changer for keeping up with cyber news. Inoreader has a free and a $10 monthly paid option. I use the free version, though paid, it looks like it has its benefits. After you sign up, add 'Cybersecurity Insiders' and 'Cyber Intelligence' to your feeds. These are excellent sources for the latest in cybersecurity developments and insights. Under a particular feeds drop-down setting, you can also go under the "More like this" option to find similar feeds to add if you wish. Create a dedicated 'Cybersecurity' folder in your Inoreader to keep your focus sharp and your information stream uncluttered. You can adjust the setting to your preferences on how long items stay in your feed or only to show unread items. I'm not unique in doing this; I saw this a few years ago from someone on Linkedin and wanted to pass it along now. Go check it out, they have a handy guide for getting started. My Forgotten Hobby from the Fading Tech Frontier In 2004, the internet was a different world. Social media was in its infancy, smartphones didn't exist, and the web was still very much a digital frontier. It was in this context that I stumbled upon Mike Outmesguine's "Wi-Fi Toys". In 2004 was a teenager with more curiosity than sense, thumbing through a book that would unknowingly pop into my memory as I relearned a lot of networking basics.
"Wi-Fi Toys" was like a cookbook for tech mischief, filled with projects and was a gateway to a world of possibility. My pride and joy, and magnum opus of this time in my life was a war driving rig cobbled together from a basic laptop which was little more than a word processor with a WiFi card slot. I'd modified a wireless card with some coax cable and solder, a DIY hack that made me feel like a proper nerd and a skill I regrettably let lapse until last year. This setup became my trusty sidekick, mapping WiFi networks in my hometown long before I understood the privacy implications. This setup came in handy a few years later when my family disconnected the internet when I went off to college. The irony? While I was unknowingly engaging in actual network exploration, I thought I was hot stuff for accessing IRC via telnet on school computers. I wince thinking back on my misplaced pride, then again, I was barely 16 and found something no one else around me was doing, and considered it like a game. The book delved into antenna theory, which like soldering, I wish I remembered more of now that I've gotten into HAM radio. The DIY antenna projects, Pringles can designs, cantennas, biquad builds were more than just fun tinkering. They provided real-world lessons in signal propagation and gain, offering a ground-level understanding of wireless networking's physical layer whether I realized it or not. Today, the only projects from the book that might still hold water are the antenna designs and possibly the solar WiFi repeater concept. But even these are largely outclassed by off-the-shelf products for most applications. The DIY solar repeater, while an interesting project, would be a security nightmare in today's landscape. You might argue it could be useful for a farm in an area with no cell service, but even that's a stretch given solutions like Starlink. One project I vividly remember was the car-to-car video conferencing setup. By today's standards, it was about as elegant as a brick phone, but back then? The idea of video calling between moving vehicles blew my mind. It was peak "because we can" energy, the kind of wonderfully impractical experiment that defined that era of tech tinkering. But here's the kicker, and my biggest regret. After high school, I put all of this aside. This passion, this knack for hands-on tech exploration, got shelved as I pursued other directions. It wasn't until years after college that I rediscovered my love for tinkering with technology. Looking back, I can't help but wonder: what if I'd recognized this passion for what it was? Where might I be now if I'd nurtured that spark instead of letting it smolder? Don't get me wrong, the experience wasn't wasted. That ground-level understanding of how networks function? It's been invaluable in my cybersecurity career which I didn’t even plan on getting into until 2019, even as the technical details have evolved and I had to learn more than just the absolute basics. "Wi-Fi Toys" taught me to think creatively about technology, to understand systems by building and occasionally breaking them. I keep this book on my shelf now, a sort of personal time capsule. It reminds me of an era when the internet still felt like uncharted territory, before it became the highly regulated, security-conscious space we have today. For anyone just starting in tech or cybersecurity, the projects in "Wi-Fi Toys" might seem quaint or even ancient. But the underlying lesson? That's timeless. Get your hands dirty. Dive deep into systems. That kind of hands-on understanding is crucial, even if the tools and challenges have changed. Like most things, the only constant is change. What's cutting-edge today will be obsolete tomorrow. The real skill isn't in mastering any particular technology, but in cultivating that curiosity and adaptability that helps you keep pace with that constant change. My past with "Wi-Fi Toys" taught me something crucial: it's never too late to rekindle an old passion. Sure, we can't turn back the clock to those Wild West days of the early internet. But that spirit of curiosity, that drive to take things apart and see how they tick? That's something we can and should carry forward. So my advice, borne from experience: recognize your passions. Nurture them. And if you've let one lie dormant, don't be afraid to dust it off and see where it leads. It's never too late to make up for lost time. AHA CritiqueThe AHA, speaking for nearly 5,000 hospitals, has some legitimate beefs with CISA's proposed rules. They're not totally off base, but some of their arguments need a reality check.
First, the valid concerns. The AHA's gripe about multiple, overlapping reporting requirements from various agencies is spot on. It's a bureaucratic goat-rodeo that helps no one. Hospitals shouldn't need a team of lawyers just to figure out who to tell when it goes off the skids. CISA should take the lead in harmonizing these requirements across federal and state levels. One streamlined system would make compliance easier and improve the quality of incident data. The AHA is also right to highlight the operational burden during an active cyberattack. When ransomware's encrypting patient records, the last thing a hospital needs is to get bogged down in paperwork. The suggestion to simplify initial reporting and follow up with details later is sensible. It strikes a balance between immediate action and thorough documentation. However, the AHA's arguments start to fall apart with their resistance to the 72-hour reporting window is frankly crap. Nobody's expecting a full post-mortem in three days. It's a simple notification that something's amiss. If the mouth breathers at the TSA can manage this timeframe, hospitals can too. This early warning system is vital for mitigating the attack and minimizing fallout. The AHA's hand-wringing over two-year data retention is equally misguided. Cyber investigations aren't CSI episodes wrapped up in an hour. Sophisticated attackers can lurk in systems for months or years. Historical data is crucial for understanding their tactics and plugging vulnerabilities. Their emphasis on the burden to smaller hospitals, while understandable, misses the forest for the trees. Cybercriminals don't discriminate based on hospital size. In fact, smaller institutions often make softer targets. Instead of pushing for broad exemptions, the AHA should be advocating for targeted support and resources to help smaller hospitals meet these critical standards but that costs money, and money is tight. Money, now that's clearly a sticking point. Yes, effective cybersecurity and incident reporting cost money. But you know what costs more? Getting your entire system locked up by ransomware or facing massive lawsuits over breached patient data. It's time for healthcare executives to wake up and smell the malware. Cybersecurity isn't an IT problem, it's an existential threat to their operations. Maybe it's time to redirect some of those bloated C-suite salaries into actual security measures. The AHA's fear of legal and reputational risks from incident reporting, despite CISA's anonymity assurances, seems overly paranoid. Properly anonymized data can provide crucial insights without exposing individual institutions. This isn't about naming and shaming; it's about building a collective defense against evolving threats. The call for stronger anonymity guarantees in reporting is crucial. Hospitals need to know they can be honest without painting a target on their backs for lawsuits or reputational damage, however if criminal negligence is involved it should be known about and there should be punitive measures, in my opinion. Healthcare is under constant, sophisticated cyberattack and many of these incidents exploit known vulnerabilities that could be mitigated with better defenses, due diligence, and information sharing. The AHA's resistance to comprehensive reporting requirements is short-sighted and potentially dangerous. CISA may or may not be be a lot of things but it isn't the enemy here. They're trying to build a coordinated defense against threats that are only getting more sophisticated and dangerous. The AHA and its members need to be part of the solution, not roadblocks to progress. Instead of fighting these necessary measures, the AHA should be working with CISA to refine and implement them effectively. They should be pushing for more resources, better training, and streamlined processes, not trying to water down critical security measures. In the end, this isn't just about compliance or avoiding fines. It's about protecting patients, safeguarding critical infrastructure, and maintaining trust in our healthcare system. The AHA needs to recognize that healthcare is critical infrastructure and a component in national security and that these reporting requirements, while challenging to implement, are essential for the long-term health and security of the entire sector. The Dystopian Subtlety of AI in the Modern Workplace Popular media often imagines AI as a dystopian force, conjuring images of rogue machines of Terminator or the Matrix threatening humanity's very existence. However, the reality of AI's infiltration into our lives, particularly in the professional sphere, is far subtler and perhaps more insidiously banal. Rather than the overtly malevolent murder-robots of "Terminator", the AI we encounter is more akin to the benign yet oppressive presence of “AUTO” in "WALL-E". It doesn't seek to violently overthrow or exterminate humanity, but instead slowly integrates into our corporate ecosystems, becoming an omniscient overseer embodying the strictest traits of HR and middle management. Now, imagine a future where every keystroke is tracked, productivity measured to the second, and work patterns relentlessly analyzed, all in the name of optimization. This Orwellian oversight won't come from a human manager, but from AI systems single-mindedly designed to maximize efficiency at all costs. It might not be hard to imagine, because some in corporate management are already tracking workers via Teams. From monitoring coffee breaks to algorithmically streamlining creative processes, these systems could reduce the autonomy and nuance of human work to mere datapoints in service of hyper-efficiency. HR departments may morph from defenders of the company line against workers into custodians of AI-generated performance metrics that may or may not determine who gets hired, and who gets fired. Our professional existence could soon be defined by an uneasy balance between AI's empowering capabilities and its coldly oppressive impulses, inexorably driven by impersonal corporate cost-balancing imperatives. We may retain nominal control, but find our judgment persistently shaped by the ruthless logic of artificial "intelligence". The Duality of AI: Empowerment and Oppression Yes, there's no denying AI's immense power to augment individual capabilities. I've personally leveraged AI to create this website without web development expertise and generate digital art despite my limited artistic talent. For individuals, the empowering potential is clear. However, I remain deeply skeptical of AI's broader societal implications. While amplifying individual abilities, AI also has an undeniable capacity to enable insidious oppression of entire groups. Hyper-empowered individuals wielding AI could accelerate society towards an entropically fractured state that "WALL-E" bleakly satirizes. The legend of John Henry, "The Steel Drivin' Man", serves as a potent metaphor for the human spirit's struggle against the march of technological progress. Battling a steam-powered hammer, John Henry symbolizes our distinctly human capacity to resist being subsumed by machines. Today, AI has assumed the steam engine's role as a transformative force disrupting industries and reshaping labor. In cybersecurity and beyond, AI is revolutionizing fundamental paradigms and processes. We must critically examine how we harness this power. Ideally, AI would amplify human effort by providing productivity-boosting tools to augment rather than replace human expertise. It can streamline mundane tasks like scheduling, data analysis, content generation, and social media management freeing up immense human potential, and more importantly time. The goal should be fusion, not cold elimination. However, we must remember John Henry's cautionary tale. His Pyrrhic victory over the steam drill came at the ultimate price, complete depletion, and death by exhaustion. While we embrace AI's tantalizing efficiencies, we cannot lose sight of the human toll and cost to qualities like creativity and empathy. Balance is key. Let AI be a powerful hammer that handles the tedious, repetitive tasks, but humans must retain agency over the nuanced, complex work of creative strategy and meaningful decision-making. The power of AI is undeniable, but so are its risks. We must proactively shape its trajectory, remaining clear-eyed about both the advantages and perils. Steadfastly ground its development in an unwavering commitment to empowering human potential rather than enabling its marginalization or substitution. Lessons from the Dune Universe (Butlerian Jihad 2024) The Butlerian Jihad serves as a plot device, that Herbert used to sidestep technological issues and focus on social and philosophical themes in his and later his son’s works. The absence of computers and other "thinking machines" in the original novels stems from this Jihad. The term "Butlerian Jihad" may allude to Samuel Butler's 1872 novel "Erewhon," where society destroys machines fearing they might out-evolve humans.
Additionally, Herbert’s works reflect Heidegger's idea that technology makes humans think like machines, which Herbert saw as limiting human potential and evolution. Heidegger argued that technology frames everything in terms of efficiency and control, leading humans to adopt a deterministic mindset. Herbert's elimination of AI in the Dune universe highlights the importance of human creativity and evolution, critiquing the over-reliance on technology and advocating for a more human-centric approach to progress. But anyways, to get to the point. The Dune lore explores the complex history between humanity and technology, epitomized by the Butlerian Jihad, the cataclysmic revolt against the domination of thinking machines which sets the technology of the Dune universe. At its core, the Butlerian Jihad embodied an existential fear of machines usurping control over human decisions and destiny. It represented an impassioned fight to reaffirm human sovereignty against machine tyranny. The trauma of this epoch indelibly shaped mankind’s trajectory, instilling an abiding aversion to any technology mimicking human cognition. This echoes contemporary anxieties around AI eroding human agency and individualism. The Jihad's animating concern was the specter of humans themselves beginning to think like machines, processing data devoid of wisdom, empathy, or ethics. Such capitulation threatened to dehumanize society, extinguishing the vital sparks of creativity, nuance, and free will that define the human spirit. These fears resonate powerfully today, as we grapple with AI's increasing ubiquity. AI systems optimized for efficiency and productivity could incentivize a mode of human cognition that prizes cold rationality over the "fuzzy logic" of emotions, intuitions, and insights. When algorithms dictate decisions, the scope for distinctly human faculties like gut feelings, non-linear connections, and flashes of improvisation can atrophy. Conformity to machine-like paradigms risks flattening the vibrancy of human thought into a gray-scale of programmatic "intelligence" unmoored from human values. As we grow reliant on AI's superlative pattern-recognition and data-crunching abilities, we risk outsourcing core human strengths such as our capacity for critical thinking, creative problem-solving, and contextual empathy. The vitality of human thought rich in diversity, adaptability, and inspired leaps of imagination is both our most precious asset and most vulnerable trait. In the Dune universe, the post-Jihad order wisely embraced human-centric disciplines and technologies designed to augment rather than replace human faculties. Mentats, the Bene Gesserit, and the Spacing Guild all represent models for achieving synergy between cutting-edge knowledge and foundational wisdom, as fantastical as they are in the story. Importantly, they underscore the necessity of preserving human sovereignty over existential functions and maintaining channels for applying human values to technological capabilities. They remind us that while technologies like AI are incredibly powerful tools, they must remain instruments of human intention, discernment, and ethics. The core challenge is ensuring that artificial "intelligence" enriches rather than diminishes our most essential, human qualities. We must enshrine values like fairness and transparency as non-negotiable principles in AI development, and individual use. Crucially, even as we harness AI's pattern-matching prowess, we cannot allow it to impose a tyranny of hyper-efficiency that tramples human autonomy, individual expression, and our capacities for abstraction and imagination. These are the vital antibodies to automated conformity. Dune powerfully illustrates both the existential necessity and daunting difficulty of preserving a recognizably human future amidst technological disruption. By heeding its warnings and embracing its wisdom, we have a chance to sculpt an AI-enabled future that remains animated by the most precious human values, our creativity, free will, empathy, and critical reasoning. The alternative is passively sleepwalking into a “WALL-E” world where human agency has withered under the weight of algorithmic nudges and this is simply not acceptable. We must vigorously engage in shaping AI's trajectory rather than allowing ourselves to be shaped by it. The choice between empowerment and abdication is stark. You Aren’t the Cyber Police & The Consequences Are Still The Same A commonly held misconception, even by practitioners in the field, which I commonly see on Reddit and sometimes Linkedin, portrays cybersecurity professionals as rigid enforcers who stubbornly enforce restrictive policies while impeding business operations or just the “Cyber Police.” This perception is misguided, oversimplified, and honestly naive to believe to begin with.
Technical proficiency is a must for cybersecurity professionals as we have to maintain comprehensive and up-to-date knowledge of the vulnerabilities and attack vectors that malicious actors continually attempt to exploit. Technical understanding allows us to assess risks within business operations accurately. Rather than acting as authorities flexing control, influential cybersecurity advisors facilitate risk management decisions aligned with an organization’s objectives as set by leadership. Effective cybersecurity facilitates symbiotic risk management through an open exchange of perspectives. In an ideal world “our” job is to accurately communicate threat realities while leadership conveys their risk tolerances given financial, operational, and business pressures. Many of us have been in meetings where management leaders explicitly accepted risks that security strongly advised them to mitigate. While frustrating, it’s important to understand that organizational leadership balances acceptable risk postures with competing priorities such as profitability and operational efficiency. If they deem the risk to be within their appetite, that’s on them ultimately. While security advisors may harbor cynicism over risk acceptance decisions that induce trepidation, channeling this into negativity or combative posturing is counterproductive. The objective must focus on pragmatic advisement that balances organizational realities with substantiated risk mitigation guidance. Go home, cash your check, and do it all again the next day. You did your job. |
Details
AuthorI'm Luke Canfield, a cybersecurity professional. My personal interests revolve around OSINT, digital forensics, data analytics, process automation, drones, and DIY tech. My professional background experience includes data analytics, cybersecurity, supply-chain and project management. Archives
January 2025
Categories |