One of the things that struck me at the party last night, sitting at a table with a bunch of folks like me, who either do work for the government or have worked for the government were two themes that came up over the really nice salmon -one spoken, and one not.
The spoken? "The (cyber) arms race"
The unspoken? "Disintermidiation"
The "arms race" discussion was not the long-term topic of the evening, but definitely one that stuck with me. The idea is that every country in the world today seems to be running hard to build, at minimum, defensive cyber capabilities. Many are also building offensive capabilities --either organic or outsourced. Regardless, the race is on. Red Sky analysts are tracking the growth of these capabilities for our membership. We have a feeling it's going to become important very soon.
Disintermediation? This is one of my favorite words. I first heard this word in a cyber context when Dave Aucsmith took the stage at the AFCEA conference in Colorado last spring. Disintermediation is an economic term that describes 'cutting out the middleman' in a supply chain. In a cyber context, the idea was that in the era of cyber, attackers will attack victims without the assistance of a military, essentially cutting out the middleman. An October Gartner report offered an assumption that "By 2020 25% of global enterprises will engage the services of a "cyberwar mercenary" organization." (Source: How to Select a Security Threat Intelligence Service, 16 October 2013, Rob McMillan, Kelly M. Kavanagh)
So I think a lot about these two ideas (forces?)... an arms race, plus cyber disintermediation. Wow. Imagine the future. Indicators are aligning and I'm not sure any of us are going to like it:
- Red Sky is busy, as are apparently other threat intelligence organizations. Companies are beginning to understand that intelligence is important stuff.
- Several companies have sprung up in the last couple of years who chase 0-days, touting offensive capabilities.
- There are countries in the world that seem to not mind being viewed as the location of choice for launching points of these capabilities. Motivations to do so are economic, political, activist, or any number of other reasons.
- Many countries around the world are posturing for offensive cyber operations, and I believe the number of countries staging these capabilities will grow significantly over the next few years.
- At the same time, the labor pool is short, meaning outsourcing will become mainstream in the future, potentially laying credence to McMillan's assumption.
- People in DC are talking about the idea of a 'cyber arms race'. So whether it's real today or not, because people are talking about it over dinner in DC means it's probably coming.
- The world is becoming even more wired through "Internet of Everything". Are you going to be ready when the coffee pot in your office break room is used to listen in on conversations or become an attack relay into other machines in your company?
- Analysts are assuming cyber mercenaries in the very near future. Just like the DC comments, it's in writing. For me, this is the second indicator that people are talking about it... and for every comment, the likelihood of it becoming true grows.
- And, the unspoken, disintermediation, in a cyber context is very real.