The hacking (cracking) attack on Google et al has caused a phenomenon that actually puts those companies and even countries at risk. Over the last year, the response by companies and countries to these cracking episodes has been to lock down their intranet/internet systems, filtering content and making access more restrictive. As an example, the Air Force Material Command, even after relenting on bans with certain types of social media, still enacts a robust filtering policy that continues to restrict blogs, wikis, and the like. Australia is even considering filtering incoming internet traffic echoing China and other totalitarian countries.
The giant risk of this fortress mentality is that it actually makes the organization less secure because it makes the organization less nimble. By enacting more security, an organization inevitably enacts more bureaucracy which creates friction and slows reaction ability to a grinding halt. This phenomenon is captured well in the Starfish and the Spider (I synopsize it here) and was a central tenet in John Boyd’s discussions on how armies win wars. I propose that rather than locking down access to the internet, organizations relinquish control and let employees, partners, and other supporter’s route crackers and malcontents via an organic set of decentralized tactics (this may already be taking place). Twitter is indeed mission critical. In cyber operations, observing, orienting, and acting faster than the adversary is the only way win.
Showing posts with label OODA. Show all posts
Showing posts with label OODA. Show all posts
11 August 2010
18 August 2009
OODA Is Not A Donut
One of John Boyd's most popular contributions to modern thought is the OODA loop. It is used in everything from business and marketing to combat operations. I'm not going to go into a whole thing about how cool it is and how insightful. All I want to say for now is that this donut diagram is NOT an OODA loop:
In fact, Boyd was emphatic that the OODA was not a linear, first you Observe then you Orient kind of thing. The OODA donut above is not an OODA loop. The diagram below is what it really looks like:
So please, don't use the donut diagram. It's a simplistic representation that misses the whole point of the thing.
Subscribe to:
Posts (Atom)