OSINT 2: When is it Time?

Wonder why some companies don't have a more proactive OSINT (Open Source Intelligence) operation inside their own institution, looking at and analyzing potential “Threat Intel” across their global domains?

While there are very expensive services that can package up exactly what you are looking for, sometimes it just takes a little more time and the right “Sources."

You could get a service at x-iDefense or even a more wide range of collection capabilities from the likes of x-Cyveillance to assist the in-house OSINT operation.

Throw in some Stratfor, OSAC and one or more variations of Symantec or Qualys or Seerist and you have it mostly covered. Except for one thing.

Plenty of "Gray Matter.”  How many qualified analysts do you have on your team?

We might agree that there is more information out there than anyone could possibly imagine accessible with a few clicks and keystrokes.

Yet the easy part is the collection and the filtering or storage. Making any sense of it all with the relevance you seek is the "Holy Grail" for you, today.

Yet that might change tomorrow.

It's the consistent development of a new hypothesis and testing it that determines who will get the next new piece of information ready for OSINT.

And still the question remains. Will this be better kept a secret, or out in the “Wild"?

The argument usually isn't whether the results of the test should be published, it's more about when to publish.

Open Source Intelligence is going to be around for some time to come. The tools are getting even better to find and process massive volumes of information.

Think AI.  Think GPU.

The only real impediment will continue to be those who want to wait and hold on to it, a little longer…

Trusted Horizon: "Augmented Intelligence"...

When you read that critical powerpoint report last week at work, did you trust what the author had written?

How did you make the decision to trust the numbers that the author placed in the columns and rows chart on page 3?

Did you trust the author and source because of their previous track record of accuracy?

Did the numbers come from a sensor that has been tested in an independent lab to a 99% level of truth?

You trusted that report at work for a reason. It was a “Trust Decision”.

Why?

Have you personally tested the math? What is the source of the data?

So why do you trust Apple vs. Samsung? Verizon vs. AT&T?

Would you pay $100 for a machine that was 99% accurate or could you live with a machine that was 50% accurate and only cost $50?

Think about your mobile navigation mapping app. Where are you going?

These kind of discussions are fundamental yet necessary for us at this point in our digital innovation journey. Just as humans have since the inventions of the Personal Computer, Internet and Quantum Computing.

Trust Decisions are mathematical.

mathematical

adjective

1: of, relating to, or according with mathematics

2 a: rigorously exact : PRECISE

b: CERTAIN

3: possible but highly improbable

We have been trusting computers, data and all kinds of sensors as a result of established testing standards. You name it. ATM’s. Stock Markets. Airplanes. Rockets.  Satellites.

Today, would you trust the answer of any question asked to your favorite Large Language Model (LLM)?

LLM’s will challenge your future digital “Trust Decisions” because you might decide whether you believe Chat-Brand A vs. Bard-Brand B vs. Claude-Brand C.

No different than your preference today on using Google search or Bing.

Are human lives at stake? How will we ensure the trust of our digital machines? 

Into the future, our ability to produce high accuracy “Trust Decisions” will depend on your own “Augmented Intelligence” (Ai)...

Mosaic: Launching New Solution Navigators…

There are countless people and organizations who are articulating the problems that exist in your agency, your business or your non-profit.

Some international entrepreneurs are assisting those who have not developed their own concept selection and development team with solving the identified and validated problems.

The challenge in most entities has been enough resources and the correct people dedicated to defining the problem-sets and then applying a proven methodology for creating a solution space with a mission to deliver potential prototypes for testing.

How fast does your organization move from “Problem Definitions” to “Deliverable Solutions” ?

Well that is going to depend on what business or industry you are competing in across your geographic area. Are you in a small business? A regional enterprise. The national leader in ordering stuff online made by someone else and then delivering it to your customers household doorsteps?

Or are you in a services institution that invents and delivers new process designs. New intellectual capital. New creative ideas. New real-time OSINT information.

Moving from a past historical era where “Problem-space to “Solution-space” may take years, now our 2022 world is witnessing this time line whittled down to days, hours or even seconds.

In our current digital environment, utilizing Quantum capabilities, the problem may be solved in a minute or a second or two.

If you are trying to launch the next space craft to the Moon or Mars or beyond, it could take longer.

Yet what does all of this focus on true innovation really mean to “John Q. Citizen”?

So what?

Do you remember the first time you used Mosaic? What about the Netscape Navigator?

If you do remember, then you have a substantial set of real context on the topic of and history of creative innovation. Solving real-problems.

You actually understand and witnessed the speed at which people are capable of creating “New”.

Defining problem-sets to creating new solution-sets was a daily process for all of those "Digital Navigators" with electronic keyboards and modems in the early 1990’s.

Utilizing our Earths new World Wide Web technologies and capabilities, provided so many with the ability to explore, experiment and test, then to deliver new product solutions for those who did not even know they had a problem yet.

For those so interested in the future of our world and so eager to be innovators in 2022, sometimes you just have to study the past for a lesson. Maybe even read up on Mosaic on Wikipedia.

This journey has been epic. Now get out there and “Do” what you have a passion for and that will make a difference on this rock!

Metadata: What, Who, Correlate...

As you scrolled through your digital feed today on your favorite Social Media App, what did your finger stop and pause upon?

Was it a particular person you were connected with, who was posting a question Poll?  Why this person?

Was it a specific topic of political interest with a headline that caught your attention? Why this topic?

Was it a picture of your favorite place in the city you live in?  Why this picture?

Maybe it was a combination of all, so you then took the time to do some more research, some background, to try to satisfy a curious state of mind that took over your thinking.

What questions did you seek answers to, in your journey to satisfy your own curiosity?

You are exactly the kind of person the state or private entity is watching and measuring.

Cookies and metadata are their tools:

 

Metadata means "data about data". Although the "meta" prefix means "after" or "beyond", it is used to mean "about" in epistemology. Metadata is defined as the data providing information about one or more aspects of the data; it is used to summarize basic information about data that can make tracking and working with specific data easier.

So what?

The person on this web page or in this rental vehicle, or this retail store has this “name associated” with the user name or mobile device they have carried within 5 feet of the digital sensor:  John Doe’s iPhone 11.

Whether he is on the browser visiting the web page or has the small radio frequency (RF) device in his pocket, it is being measured.  It is being correlated.  It is being shared.

You see, John/Jane Q. Public for the most part does not care.  He does not think about it.  She is unaware of the implications of the ip, location or metadata they are sharing in their own home, in public locations, or the workplace.

With whom?  The answer to this question depends…

National Security: LC-39A and Beyond...

As SpaceX launched two U.S. NASA Astronauts into orbit on Saturday from LC-39A, many of us were joyful.  We are experiencing the outcomes from a long journey back to true collaboration, between government agencies and the private sector industrial complex.

The new problem-sets ahead of us and the continuous ability for dual-use technologies to span both the government sector and the commerial markets will be challenging.  One thing is certain.

We will persevere in this "Infinite Game" and the U.S. will utilize the best and the brightest methods of innovation to achieve our ambitions for space travel ahead.  Our imagination will carry us far beyond any horizon we can visualize, especially in creating more effective public-private partnerships.

How might a "Moonshot and Beyond" way of thinking across America, accelerate us towards a new future state?  What will we do to utilize the way our brightest minds think and do almost everything different today?

The combination of decades of experience with "Baby Boomers" integrating with the ingenuity and "Will Do" aspirations of our new Generations that are just getting their wings, is our real opportunity.

The opportunity to forge substantial break throughs in engineering, software development and a variety of autonomous vehicles.  The opportunity to develop expendable sensors and low cost tools, to continuously protect our nation.  The chance to put a man on Mars and beyond.

Legacy platforms of the past, that have kept us from a true technological revolution, must finally go to the grave.  Our National Security and livelihood now depends on it.

Open minds and investment capital in the hands of the right organizations, will propel us into a future we all know is possible.  Academia fusion with venture mind-sets builds the stage for innovation.  Yet what real-world problems from government and industry can be solved?

The emerging use-cases are vast and requires only our continuous imagination...

Analytical Decisions: Navigating to a Trusted Future...

"For those of us who are decision makers, these are huge problems. With growing velocity, we are losing our ability to trust digital information to be factual, accurate, reliable, and authentic. But we also are losing something far more important—trust in the quality of our own decisions and our confidence in those we trust to make good decisions"  Jeffrey Ritter-Achieving Digital Trust

Think about all the Trust Decisions that you made this morning.  This week.  This month.

Countless decisions to act upon your experience, your current information or the live scenario unfolding almost instantly in front of you.  "Trust Decisions".

Is this a discipline or process that you can truly learn and improve upon?  The question is, do you think it is important enough to learn more and to devote precious time to making this a priority in your life?

Where are you in your particular "Life Cycle" right now?  At the beginning, near the end or somewhere in between?  Yet it is never to early, to study and learn more about the science of Trust.

SpaceX is looking to raise around $250 million in new funding according to a new report from CNBC’s Michael Sheetz. The additional cash would bring SpaceX’s total valuation to around $36 billion, according to CNBC’s sources — an increase of more than $2.5 billion versus its most recently reported valuation.

The rocket launch company founded and run by Elon Musk is no stranger to raising large sums of money — it added $1.33 billion during 2019 (from three separate rounds). In total, the company has raised more than $3 billion in funding to date — but the scale of its ambitions provides a clear explanation of why the company has sought so much capital.

Building trust with a new person, new organization, new project, new government or new ecosystem requires a sound and thoughtful strategy.  A strategic approach to reaching your vision, completing the transaction and achieving your outcome.

Trust is the affirmative output of a disciplined, analytical decision process that measures and scores the suitability of the next actions taken by you, your team, your business, or your community. Page 49 - Achieving Digital Trust - Jeffrey Ritter

Godspeed on your particular TrustDecisions ahead.  Onward!

Privacy: The "New" Age of Unreason...

In the new age of unreason, Charles Handy the author of The Age of Unreason would say that discontinuous change is upon us. He would say that we need to outsource everything that is not a core function of the enterprise. And he would say that learning, is the same as change from a different worldview.

Mark Zuckerberg came to Washington, DC, on Thursday to claim the mantle of Martin Luther King and the Founding Fathers as a champion of free speech. Standing in the stately Gaston Hall auditorium at Georgetown University—which has hosted the likes of Bill Clinton, Barack Obama, and Bono—the Facebook CEO declared, “I’m here today because I believe we must continue to stand for free expression.”

And a city full of regulation-hungry politicians and foes of Big Tech undoubtedly thought: How’s that working out?  --Ars Technica-Steven Levy, wired.com - 10/19/2019

Making changes is also about learning what those changes will mean, to everything that interfaces with that change. It means that testing must take place in a lab or compartmentalized area of the business to insure that the change doesn't impact the core operations.

In the words of Charles Handy:

"Learning is not finding out what other people already know, but is solving our own problems for our own purposes, by questioning, thinking and testing until the solution is a new part of our lives."

"If changing is, as I have argued, only another word for learning, then the theories of learning will also be theories of changing. Those who are always learning are those who can ride the waves of change and who see a changing world as full of opportunities rather than damages. They are the ones most likely to be the survivors in a time of discontinuity."

Adaptation in order to survive in the corporate world is nothing new. The risks associated with making new decisions depend on how that decision will impact the other persons, processes or systems in the enterprise.

It means observing performance and measuring the results, to determine if the change is worth the new risks that the organization is about to encounter...

Trust Decisions: Never Stop Questioning...

"Learn from yesterday, live for today, hope for tomorrow.  The important thing is not to stop questioning."  --Albert Einstein

What sources are influencing your "Trust Decisions" today?

The front page of the "Washington Post."  The e-mail from a parent.  The text message from a loved one.  A phone call from your commander or a work supervisor.

What does your future look like next week?  Next month.  Or next year.  You might think you have it all planned out and on your calendar.  Or maybe you have not even thought about it yet.

Which person are you?

One certainty is, that you will experience the unexpected and you will simultaneously be required to adapt, to adjust and to be agile, in order to respond to the changes in your day, your plan and in your life.

As a true leader in your business, in your agency, in your tribe or in your family, is there anyone you know, that asks questions all the time?  Here is a question.  Why does this bother you?

How will you achieve your latest objectives?  Most likely because you have a continuous passion for asking questions.  Then you truly listen.  You take the time to think.  You now make your "Trust Decisions" to act.

Albert Einstein was correct...

Learn from yesterday, live for today, hope for tomorrow. The important thing is not to stop questioning.
Read more at: https://www.brainyquote.com/topics/hope

Transparency: "Square One" in ORM...

Operational Risk Management (ORM) has been evolving for over a decade. There are new insights into why effective business process management coupled with Operational Risk architecture makes sense, through the lens of the Board of Directors. Transparency.

Still to this day, the questions remain:

• What can my organization do about the risk of loss resulting from inadequate processes, people, or systems?
• To what extent should my organization link employee compensation or job performance with operational risk management?
• How is operational risk taken into consideration when new products or technology solutions are designed or acquired, deployed, and executed?
• Does my organization have an inventory of its key business processes with documented controls and designated senior managers responsible?

Can these questions be answered in a book of 308 pages from 2008? It was a good start, to say the least. The authors understood, that to really embed a culture of (ORM) into the enterprise, you have to begin at the architecture level, the business process level.

This is far in advance of the governance of information and the business rules coded into software systems, even for such mundane corporate tasks as expense report or travel request review and sign-off.

You see, some companies still think that they are just doing fine with their Safety and Security Team, Continuity of Operations and Crisis Team, Chief Information Officer (CIO), General Counsel (GC), Chief Financial Officer (CFO) and in limited cases the Travel Risk Management department all working autonomously. They think that having a few dedicated investigators to look into corporate malfeasance, is all they require in a corporate population of tens of thousands.

What do we mean by autonomous? Not what you may think. There is no doubt that the leaders of these organizational departments are cooperating and coordinating functionally. They have each other on speed dial. They share high level red alert Intel with each other.

The question is, what is being done at the metadata level of the Operational Risk Enterprise Architecture (OREA)?

How are they designing Operational Risk Management systems to answer key questions at the speed of business? To continuously adapt to an organization’s changing global environment, executives must know about, keep in balance, and communicate several vital components:

• What are the organizational strategies (Strategic Intent) and how these should be implemented (Strategy Development and Organizational Change)
• What organizational processes are executed and why, how they are integrated, and how they contribute to the strategy of the organization (Business Process Management)
• How human resource utilization is working and whether there is optimum use of skills and resources available across processes and functions (Human Resource Management)
• To what extent the enterprise organizational chart is cognizant of appropriate roles and responsibilities, in order to effectively and efficiently carry out all work (Organization Management)
• What IT applications exist and how they interface with what processes and functions they support (IT Portfolio Management)
• How the performance of each process, each function and each individual adds up to the organization’s performance (Performance Management)
• What projects are currently underway, how they effect and impact change, what processes and IT applications they change and how this contributes to the strategy of the organization (Project & Program Management) 

Is Operational Risk Management (ORM) about "Big Data Analytics"?

Only if your organization values better transparency, governance and regulatory compliance. Ask the Board of Directors their answer on this question to determine whether ORM is a "Big Data Analytics" issue. How big is big?

The momentum for transparency is now at the U.S. government level of commitment.   It is the law. Big Data Analytics will mean nothing, without increased transparency. Now we can ask the questions that we all want answers to.

The Operational Risk Management (ORM) architecture of your enterprise will now begin with transparency, as the fundamental "Square One".

Imagination of Trust: The Risk of CEO Transformation...

The true sign of intelligence is not knowledge but imagination. --Albert Einstein

In the past 17 years, over 50 percent of the largest industrial companies have been extinguished from the Fortune 500.  Some were acquired, others bankrupt, many others merged to survive.  Have you noticed the trend line on the stock price of General Electric this past year?

Digital Transformation and potential extinction is the single unanswered factor on every CEO's mind today.  As massive data sets become exponential in size, pervasive in geographic reach and utilize a wide spectrum of sensors from mobile phones to C4ISR, the Operational Risk parameters are even more complex.

Decision Advantage is the lofty goal and the speed to answers and insight is evermore the ultimate competition.  The words "innovation" and "disruption" are being used to describe something that is far more scientific and evolutionary.  The World Economic Forum has an initiative called the "The Fourth Industrial Revolution" and the 48th annual meeting this month is entitled: Creating a Shared Future in a Fractured World.

So what?

The CEO's of this world are on edge.  They wonder if they will have enough intellectual and operational transformation in this digital and fractured world to survive.  They worry about the new born threats of the digital age such as ransomware, block chain and artificial intelligence.  Welcome to the conversation around the C-Suite and the new normal.

Yet who better to capture the essence of why this matters, than Jeffrey Ritter:

"When the information you need to make decisions is controlled, the quality of your decision is controlled and the possible outcomes from which you can choose slip from your control. Where there is less information, your decisions become vulnerable. As an executive, an IT architect, an investment manager, an educational director, or even a parent, your job is to lead with good decisions. You want your decisions to be ones that others will follow. But those ambitions erode when those fighting the war to control digital information are winning."

What is the cloud?  Your information on another organizations computer.  The race for faster decision advantage has now transformed to the race for the fastest TrustDecisions.  Decisions executed on trusted information is why we have the wave of new technologies embedded with encryption, biometrics and even Multi-Factor Authentication (MFA).

Digital Transformation in your enterprise changes your reason for existence.  The answers in many cases will be more about your people, not the technology.  It will require bold action and sweeping personal imagination.  The definition of imagination:

...the act or power of forming a mental image of something not present to the senses or never before wholly perceived in reality.

The trustworthiness of your future decisions are at stake.  The imagination of the people around you is a limiting factor.  As the CEO of your Fortune 500 company or the leader of your Series A startup, the time has come for your transformation...

Alternative Analysis: Intelligence-Led Methodologies...

Operational Risk Management (ORM) is about the consideration of past failures and the possibility of unknown future failures of people, processes, systems and external events. The analysis of the likelihood and implications of those loss events, requires different methodologies to assist in the mitigation strategies to prevent or avoid the risks of failure. In light of the nature and complexity of transnational asymmetric threats, this requires the use of alternative methods of analysis.

Intuitive decision making and sense-making— can be combined into a framework for categorizing the residual thought processes of intelligence analysts. This is called "intelligence sense-making".

This process involves the application of expertise, imagination, and conversation and the benefit of intuition without systematic, consideration of alternative hypotheses. Compared to traditional methods of analysis, intelligence sense-making is continuous rather than discrete, informal rather than formal, and focused more on issues that don't have normal constraints.

Employing alternative analysis means that you can't “afford getting it wrong” and then you challenge assumptions and identify alternative outcomes. However, it may be of little use in today's growing non-state transnational threats and for ongoing criminal enterprise complexities. This is because there are so many considerable outcomes, consistent and perpetual changes, and contingencies for any single risk management process to be effective all the time.

Web-logs 3.0 are the future for some effective transnational alternative analysis. Combined with such machine learning threat intelligence systems such as Recorded Future, the open source analyst can operate with increasing pace and context. Unlike more formal published papers, intelligence Web-logs are a more free flowing “unfinished” production, whereby both human intuitions and more formal arguments are posted, and then challenged by those with alternative ideas.

Indeed, Web-logs are the mechanism for a facilitated contextual dialogue— the electronic equivalent of out loud sense-making.

"On September 11th, about half of the hijackers had been flagged for scrutiny at the gate before boarding the ill-fated flights. Had the concerns of the Phoenix FBI office about flight training not only been shared broadly within the government but also integrated into a mindfulness-focused inter- agency process—featuring out loud sense-making, Web-log type forums, computer-generated references to extant scenarios for crashing airplanes into prominent targets—might at least some of the detentions been prolonged, disrupting the plan? --“Rethinking ‘Alternative Analysis’ to Address Transnational Threats,” published in Kent Center Occasional Papers, Volume 3, Number 2.

In our modern day era of Twitter, Facebook and "Crowd Sourcing" technologies perhaps the tools are already in place. Platforms such as Ushahidi are geocoding the information origin, providing ground truth situational awareness and providing context on issues that are unbounded. How often does the published press currently use these tools to get their original leads, potential sources or new ideas for a more formal story? This story then takes on the formal journalistic requirements for confirmation from trusted and vetted sources, before it makes the final deadline and is delivered on printed paper to our doorstep each morning.

The doctrine of analysis for transnational threats and homeland security intelligence, are still evolving in this accelerating digital ecosystem. The alternative methods and tools that we will utilize to examine, refute or justify our thoughts remains endless. The degree to which we are effectively operating within the legal rule-sets for our particular country, state or locality, remains the ultimate privacy and civil liberties challenge. These respective governance guidelines particularly with regard to intelligence record systems and liability issues, must remain paramount:

• Who is responsible for entering information into the Intelligence Records System?
• Who is the custodian of the Intelligence Records System that ensures all regulations, law, policy and procedures are followed?
• What types of source documents are entered into the Intelligence Records System?
• Does the retention process adhere to the guidelines of 28 CFR Part 23 in the United States?

Finally, community-based policing has developed skills in many law enforcement first responders, that directly support new domestic counterterrorism responsibilities. Intelligence-led policing (ILP) provides strategic integration of intelligence, into the overall mission of the larger "Homeland Security Intelligence" enterprise. It involves multiple jurisdictions, is threat driven and incorporates the citizens of the community to cooperate when called upon, to be aware of your surroundings and report anything suspicious.

So what types of information do street officers need from an Intelligence Unit?

1. Who poses threats?
2. Who is doing what with whom?
3. What is the modus operandi of the threat?
4. What is needed to catch offenders / threat actors?
5. What specific types of information are being sought by the intelligence unit to aid in the broader threat analysis?

Alternative analysis is designed to hedge against human behavior. Analysts, like all human beings, typically concentrates on data that confirms, rather than discredits existing hypotheses. Law enforcement is constantly focused on the key evidence to prove who committed the crime.

Alternative analysis shall remain part of the intelligence tool kit, for more formal policy level work. Imagine the use of Intelligence-led methodologies such as "intelligence sense-making" combined with secure Web 3.0 collaborative applications, at the finger tips of our Homeland Security first responders. Now think about that "lone wolf" or "sleeper cell" lying in wait.

Proactive and preventative risk management requires the right tools, with the right information in the hands of the right people.

Global Pulse: Resilience in Development...

The asymmetric threats cast upon the private sector on a daily basis across the globe, are rising and more complex.  As a result, Operational Risk Management (ORM) is a discipline that has quickly matured in the past decade.  

Today, as we embark on this blog post number 1154 we can reflect on our amazing journey.  When you search Google from our location on "Operational Risk Management Blog" this blog is the number 1 link.

This endless journey encounters new insights and transverses industry sectors to include financial services, energy, automotive manufacturing, aerospace, defense industrial base, pharmaceuticals and government both local and federal.  It has involved the following four fundamental principles of ORM:

• Accept risk when benefits outweigh the cost.
• Accept no unnecessary risk.
• Anticipate and manage risk by planning.
• Make risk decisions at the right level.

Whether the oversight and pursuit encountered the risks of fraud, economic espionage, workplace violence, natural disasters, terrorism or cyber vulnerabilities does not matter.  The threats and hazards that span the spectrum of Operational Risks to the enterprise are vast and increasingly diverse.

The discipline continues the quest to improve and to learn new lessons from both the private sector and government.  Now both of these need to also include a third dimension, that is evolving and could be the place to look for real innovation:  Non-Governmental Organizations. (NGO)

The NGO community is the environment that has now gone beyond response and is finally becoming more predictive:

Global Pulse is a United Nations initiative, launched by the Secretary-General in 2009, to leverage innovations in digital data, rapid data collection and analysis to help decision-makers gain a real-time understanding of how crises impact vulnerable populations. Global Pulse functions as an innovation lab, bringing together expertise from inside and outside the UN to harness today’s new world of digital data and real-time analytics for global development. The initiative contributes to a future in which access to better information sooner makes it possible to keep international development on track, protect the world’s most vulnerable populations, and strengthen resilience to global shocks.

There are plenty of situational awareness analogies that can be made to the risk management of vital private sector or government assets over the years.  Predictive operations have been evolving for years with the goal of preemptive capabilities to detect an attack on a Homeland.  The analysis of information from disparate sources is nothing new.  Link analysis and other methods of qualitative and human factors analysis give us the cues and clues to a possible evolving pattern of human behavior.

Yet what is fascinating now about the NGO perspective, is the intersection of Big Data and the mobile phone:

Wherever people are using mobile phones or accessing digital services, they are leaving trails behind in the data. Data gathered from cell phones, online behavior, and Twitter, for example, provides information that is updated daily, hourly and by the minute. With the global explosion of mobile phone-based services, communities all around the world are generating this real-time data in ever-increasing volumes. These digital trails are more immediate and can give a fuller picture of the changes, stressors, and shifts in the daily living of a community, especially when compared with traditional indicators such as annual averages of wages, or food and gas prices. This is especially crucial during times of global shocks, when the resilience of families and their hard-won development gains are tested.

These global shocks that are economic, geopolitical or as a result of climate change are at a macro level nothing more than environmental volatility.  This volatility in markets, government leadership, religious conflict and drought are what is driving the NGO development community to be more predictive and to be more preemptive.

In concert with this focus on predictive intelligence is the initiative "data philanthropy."  How can the data sets from our respective countries be shared to work on the really hard global problems together?  Open Data Sites is just the beginning.  You have to make sure that you recognize the attributes of "Big Data for Development" vs. the private sector or purely government:

Big Data for Development sources generally share some or all of these features: 

(1) Digitally generated – i.e. the data are created digitally (as opposed to being
digitised manually), and can be stored using a series of ones and zeros, and thus
can be manipulated by computers; 

(2) Passively produced – a by product of our daily lives or interaction with digital
services; 

(3) Automatically collected – i.e. there is a system in place that extracts and stores
the relevant data as it is generated; 

(4) Geographically or temporally trackable – e.g. mobile phone location data or
call duration time; 

(5) Continuously analysed – i.e. information is relevant to human well-being and
development and can be analyzed in real-time;

What if the private sector and the government started looking through a different lens?  Or perhaps the other way around.  Is the NGO development community capable of learning from the mistakes with data that intersect with privacy and national intelligence?  Operational Risk Management is just as much an imperative in the NGO environment, as we evolve in the integration of Big Data for global humanitarian initiatives.

When you really look at the opportunity and the challenge ahead, you must consider this intersection of data today in context with where development is still in its infancy.  Look at this visualization of Google search volume by language.  Notice the darkest parts of the planet Earth.

These are where the NGO community lives today, with little access to the Internet, regardless of language.  The human resilience factor necessary to evolve in these non-connected IP (Internet Protocol) deprived areas of the world, must be addressed as we aspire to become more predictive risk managers.

Asymmetric Advantage: Dawn Across Arlington...

One only has to stand behind the "Tomb of the Unknowns" and gaze across the national mall past the Washington Monument to begin to feel the magnitude of the challenges ahead.  As the wind swirls around the grave markers and the sound of sirens and jets are distantly present, you can feel an emotional wave of inspiration.

Today in Washington, D.C., the dawn of a new government administration is waking up and the rest of the world is waiting.  How will the asymmetric problems we face be solved faster?  Why does the decision to use "Solution X" make sense over "Solution Y", to address our nations adaptive Operational Risks?

Why would a U.S. citizen feel inspired this day and from this vantage point in Arlington?  It is because the future will bring new conflicts that are different than years past.  It will bring new opportunities for us to excel.  Every decade that wars occur, there are far less warfighters actually put into harms way.  The number of casualties slows.  Why?

The reason is that the kinetic types of wars are using new inventions and technologies to save lives.  Whether it is MWRAP's or tourniquets built into uniforms, or sophisticated "Geospatial Intelligence", the goal is to keep our warfighters safe and alive.

Now also in parallel, the conflicts are being waged 24 x 7 x 365 in another growing operational domain, where the IO Analyst is navigating electronic networks and complex lines of software code.  Information Operations are full of new challenges and substantial learning curves in order to gain the advantage.

Welcome to the #Virtual Caliphate:

Decades of border disputes, violent conflict, and shifting refugee populations have left millions of Muslims without a clear national identity. ISIL’s virtual caliphate offers them citizenship free from terrestrial constraints, which can be accessed from anywhere in the world.

How the United States responds to this threat of a growing set of virtually-inspired terrorists, who carry out their physical acts in the homeland, remains a substantial problem-set.  What else is in store for our Homeland?

"The U.S. is considered a high-priority intelligence target by many foreign intelligence entities. While traditionally the threat has been to our political, military, and diplomatic interests at home and abroad, the loss of sensitive economic information and technology is a growing threat to our national security. In recent years, economic espionage conducted by foreign intelligence entities, corrupt insiders, and corporate competitors has exploited vulnerabilities in cyberspace that may weaken our economic advantage. Cyber espionage has not replaced traditional espionage as a way to steal secrets, but the ability to focus technology on lesser protected information is a significant and growing threat." DNI.gov Domestic Approach to National Intelligence

The rules will be changing soon.  The tools will be too powerful and the threats too great, for the military to have their hands tied or their legal authorities limited.  The next generation of domestic cyber warfighters will now go into action, side-by-side from CyberCom, Homeland Security, FBI, CIA and a new coalition of advanced private sector contractors.  They will work across the Homeland from SCIFs in every state, with a new enhanced mission and a new unified command.

How will this save lives and give all of our warfighters what they need?

As the billion dollar budgets within the Pentagon shift their focus to platforms such as DIUx, or IARPA, innovative answers will be more apparent.  The growing solutions pipeline will become the basis for rapid deployment to our Operators.  The new Corps of men and women raising their hands from classrooms across the Homeland, will become exponential...they will serve in new roles and in new ways.

The future is bright and the changing of the guard at the "Tomb of the Unknowns", will soon see fewer ceremonies to bury our heroes or even hang another star on a wall in Langley...

Intelligence-led Enterprise: CIU Success Factors...

Intelligence-led processes applied within the corporate global enterprise, continues its relevance for reasons being published in the popular press. "Operational Risk Management (ORM) Specialists" utilize these processes, to mitigate a growing spectrum of domestic and transnational threats:

•  How Hackers Make Money from DDOS Attacks
• China’s plan to organize its society relies on ‘big data’ to rate everyone 
• Government alleges former NSA contractor stole ‘astonishing quantity’ of classified data over 20 years
• Banks preparing to leave UK over Brexit, says banking body chief executive

Developing relevant intelligence to run daily business decisions in your institution may seem like an important task day to day. The question is, how embedded is the "Corporate Intelligence Unit" in developing the relevant intelligence your decision makers need every few minutes or hours to steer the organization away from significant losses? Is your internal web-enabled "Corporate Daily News" or "ABC Company Post" being updated in real-time by the employees in each department or business unit?

Do you have an organized, synchronized media and communications function working within your Corporate Intelligence Unit (CIU), to continuously post the correct content and manage the RSS feeds from each global business unit? Why not?

The "Information Operations" (IO) of your company are the lifeblood of how your employees will make relevant decisions on where to steer clear of significant risk.  Based upon what other business units are doing or what is going on in the external environment of your state, sector or geography, consider these scenarios:

If the internal RSS Feed for the IT department reported that there was a Distributed Denial of Service  (DDos) Attack going on at the moment, how might that impact the decision by the marketing department to delay the posting of the new product release information to the Twitter site? The synchronization of intelligence-led processes is lead by the head of the Corporate Intelligence Unit. The CIU is staffed with people who have a tremendous understanding of the corporate enterprise architecture and have the skills and talents to operate as effective operational risk management professionals.

If the internal RSS Feed for the Facilities Security department reported the presence of a "White Truck Van" with blacked-out windows trolling the perimeter of the corporate parking lot, how might this change the decision for the CEO to leave that minute for her scheduled trip to the airport? Skilled CIU staff within would quickly notify the CEO via the "Corporate 9-1-1 Alert" App embedded in every employees iPhone. Under cover corporate security personnel would then be immediately approaching the vehicle for a recon drive by.

If the internal RSS Feed reported the recent change in industry legislation that would change the way the Federal Trade Commission defined the elements regarding consumer privacy, how might this affect the latest strategy on how the institution was going to encrypt it's data in servers and on laptops? The CIU staff would advise the Chief Information Officer and other Information Security Risk staff to step up the roll-out for the latest version of PGP for the enterprise.

And the list goes on. The modern day intelligence-led Corporate Intelligence Unit (CIU), in concert with other highly specialized Operational Risk Management professionals in the enterprise can keep you safe, secure and keenly aware of new threats to your corporate assets. The degree to which you provide the right resources, funding and continuous testing/exercising of your capabilities will determine your likelihood for loss outcomes.

If your organization has been impacted by loss outcomes that continuously put your employees, stakeholders or assets at risk, then look hard and deep at your "Operational Risk" quotient, to determine if you are the best you can be...

ECPA: Reality of Homegrown Violent Extremism...

In the United States, Operational Risk Management Executives in the private sector are consistently balancing the legal requirements for public safety and their customers right to privacy. The Internet Service Provider (ISP) General Counsel's duty to facilitate the rule of law within the private sector organization, has been on a collision course with protecting the homeland for over a decade since 9/11.

One of the critical tools for Homeland Security Intelligence (HSI) is the "Electronic Communications Privacy Act (ECPA) and for good reason. The law provides the tools for law enforcement and national security intelligence analysts while simultaneously protecting the privacy interests of all Americans. In a 2011 statement before the Committee on Judiciary, United States Senate, Associate Deputy Attorney General - James A. Baker outlines the basis for ECPA:

"ECPA has never been more important than it is now. Because many criminals, terrorists and spies use telephones or the Internet, electronic evidence obtained pursuant to ECPA is now critical in prosecuting cases involving terrorism, espionage, violent crime, drug trafficking, kidnappings, computer hacking, sexual exploitation of children, organized crime, gangs, and white collar offenses. In addition, because of the inherent overlap between criminal and national security investigations, ECPA’s standards affect critical national security investigations and cyber security programs."

The criminal elements and their organized syndicates are leveraging modern day technologies and capabilities of the private sector. The legal first responders for our 21st century homeland threats don't always wear a badge and drive a Crown Vic on patrol around our city streets. Many spend their hours on patrol in cyberspace or analyzing terabytes of data online with sophisticated software to determine the what, who, why and how of the current threat stream.

The US government has a fiduciary and legal duty to protect the privacy and civil liberties of all US citizens. Parallel to this task is the rapidly changing use of communications and other mobile technologies to facilitate and support the activities and operations of individuals and networks of people, who exploit the design, configuration or implementation of our countries homeland defense architecture.

Whether this architecture includes the utilization of 72 Fusion Centers or the methods for collecting "Suspicious Activity Reports" (SARS) from those first responders, the fact remains that the pursuit of national security threats is a lofty task. This is happening today, on the ground and in the digital domain. Therefore, the speed that these individuals can legally obtain the data they require to make informed decisions is at stake and so we must eliminate any new impediments put before them. From Mr. Bakers statement on "Government Perspectives on Protecting Privacy in the Digital Age" he explains further:

Addressing information associated with email is increasingly important to criminal investigations as diverse as identity theft, child pornography, and organized crime and drug organizations, as well as national security investigations. Moreover, email, instant messaging, and social networking are now more common than telephone calls, and it makes sense to examine whether there is a reasoned basis for distinguishing between the processes used to obtain addressing information associated with wire and electronic communications. In addition, it is important to recognize that addressing information is an essential building block used early in criminal and national security investigations to help establish probable cause for further investigative techniques. Congress could consider whether this is an appropriate area for clarifying legislation.

Any changes to the ECPA laws should be considered carefully with not only the government but the private sector. The combination shall work together to find the correct balance between national security requirements and the privacy of the customers of mobile communications, e-mail, and social networking entities. The time that it takes our first responders to rule-in or rule-out a person of interest in an ongoing investigation can mean the difference between a failed or successful attack on the homeland. The private sector shall determine the prudent cost to the government for providing the legally obtained information of non-telephone records such as a name, address and other metadata. By the way, has anyone noticed that the criminals, terrorists, spies and other malicious actors have decided to use Telegram, or WhatsApp instead of their mobile telephone?

Homeland Security Intelligence (HSI) first responders will be the first to tell you that the crime syndicates and non-state actors have gone underground and have stopped using the tools that leave the data more easily accessible by law enforcement. Now, they are creating and operating their own private and secure infrastructures within the confines of private sector companies. These clandestine groups have organized hierarchy and specialized skills and therefore, the US government must continue to step up the pace, legally.

What does this all mean? It means that there will be a lower chance of under cover law enforcement officers becoming members of the these organized crime syndicates that in many cases are the genesis for homegrown violent extremism (HVE).

Homegrown extremists can be individuals who become violently radicalized, perhaps after exposure to jihadi videos, sermons and training manuals available on the Internet, security officials say. Such plotters are harder for counterterrorism officials to spot because they have few links with known terrorist operatives and often don’t travel overseas for training.

Another implication is that there is a higher chance that private sector researchers will understand the new trade craft of HVE actors, long before law enforcement and national security intelligence analysts. This is because the standard approach to the "Seven Signs of Terrorism" have been focused on the physical infrastructure. Organizations in the private sector have been researching, tracking and profiling since the late 1990's on the methods and modus operandi of the digital extremists who have plagued our banks and other financial institutions with cyber crime.

The time is now for these two distinct disciplines and professionals to converge. The public as eyes and ears combined with the legal tools to extract the timely information from technology providers is part one. Part two is the integration of intelligence analytic training with the curriculum of the police and fire academies for new recruits. Providing these first responders with the methods, tools and capabilities to be more effective collectors on the street level, will provide the fusion centers with a more robust set of relevant information streams. Here is an example from a graduate certificate class in criminal intelligence analysis from AMU:

The graduate certificate in Intelligence Analysis provides you with a fundamental understanding of the issues, problems, and threats faced by the intelligence community. This online graduate program helps you develop a comprehensive knowledge of how intelligence agencies in the U.S. assess and counter international threats in order to guard U.S. global interests and protect U.S. national security from adversaries. Knowledge from this certificate program is applicable to many career fields within the military, security companies, government contractors, or federal agencies.

We have a choice to provide our first responders with the correct training and OPS Risk education for today's Homeland Security Intelligence (HSI) mission. Our national policy makers have a choice to assist them in getting the information they need to do their jobs quickly, efficiently and while protecting civil liberties. The choices that we make fifteen years after 9/11, will define the landscape for homegrown extremism and the legal framework for ensuring the safety and security of all Americans for years to come.

Know Your Customer: ISP Future Horizon...

The American public is changing their behavior as a result of the privacy and security failures across the private sector business policy landscape.  As the latest NTIA survey data reveals again, online commerce is being impacted and government agencies are now trying to further communicate there is a growing problem:

Lack of Trust in Internet Privacy and Security May Deter Economic and Other Online Activities
May 13, 2016 by Rafi Goldberg, Policy Analyst, Office of Policy Analysis and Development

Every day, billions of people around the world use the Internet to share ideas, conduct financial transactions, and keep in touch with family, friends, and colleagues. Users send and store personal medical data, business communications, and even intimate conversations over this global network. But for the Internet to grow and thrive, users must continue to trust that their personal information will be secure and their privacy protected.

NTIA’s analysis of recent data shows that Americans are increasingly concerned about online security and privacy at a time when data breaches, cybersecurity incidents, and controversies over the privacy of online services have become more prominent. These concerns are prompting some Americans to limit their online activity, according to data collected for NTIA [1] in July 2015 by the U.S. Census Bureau. This survey included several privacy and security questions, which were asked of more than 41,000 households that reported having at least one Internet user.

Perhaps the most direct threat to maintaining consumer trust is negative personal experience. Nineteen percent of Internet-using households—representing nearly 19 million households—reported that they had been affected by an online security breach, identity theft, or similar malicious activity during the 12 months prior to the July 2015 survey. Security breaches appear to be more common among the most intensive Internet-using households.

This survey is indeed only one facet of a much larger topic and pervasive problem.  Digital Trust is the output of making affirmative "Trust Decisions" with computing devices. Whether they are machine-to-machine, person-to-machine, or machine-to-person requires several technology engineering elements and business rules, that are understood and agreed upon.  The question is by whom?

Consumers who are using the Internet for communications and commerce and are the victims of Identity theft, stolen funds or other fraudulent schemes, are just the first wave of targets for transnational organized crime (TOC).  We have known this since the invention of virus scanners and bug bounty programs, in the early days of the 21st century.

Yet fifteen plus years later, the government is doing a study on the consumers feelings about privacy and security.  As a business or a consumer, we understand that the speed of commerce and technology is always far ahead of the regulations and the laws.  When enough people or businesses seem to be harmed, then the momentum begins for policy shifts and new laws are sometimes enacted after thousands of pages of semantic negotiation.

The answers and the outcomes we seek will come.  However, they will not first be solved by politicians and lawyers.  They will be mostly solved by our brilliant mathematicians, software engineers and data scientists.  At this point in time, we are getting so much closer to achieving digital trust through new innovations and inventions.  Just look at IBM Watson.

It is now time for business and commerce to begin the process of finding the truth.  Why do we continue to allow the levels of known bad actors to operate inside and within our networks?  It's a numbers game and it is because the criminals also employ the smartest social engineers and data scientists.

Digital Trust in the next fifteen years will mean something different than it does today.  We will have found the formula along the journey, the new equations and the rules agreed upon by all to make online and digital commerce more safe and secure.  So what will we do today and tomorrow, until the engineers and scientists save the day?

At this point in time, it is simply called "Know-Your-Customer"(KYC).  If this was utilized more effectively across critical infrastructure sectors beyond finance in our digital economy, then we would be making some progress.  Where are we talking about next? 

The FTC and FCC are well on their path to defining those critical elements of improving the trust that consumers have using their digital tools with ICT and on service providers web sites.  Yet even to this day, you still can find the criminals using and leveraging our own Internet Service Providers (ISP) to launch their attacks and perpetuate their fraudulent schemes.  How will this ever be deterred?  Could a version of KYC work with the ISP's?

Even with a global banking system in place you have pockets of greed and deceit.  Rogue nations or territories that have become the go-to-locations for the transnational organized crime syndicates to flourish.  Yet we can do much better, than we are today.

Just ask any "BlackHat" hacker from Eastern Europe who they prefer to do business with.  Query the experts that exist on the dark side and you will find the ISPs they prefer to do business with.  One day the regulators will realize this is where the business of e-crime has an opportunity for change and additional reform.  It will be more than just opening an account to gain access to the Internet.  It will be about scaling up our systems to a future horizon with new rules and robust real-time behavioral predictive analytics.  In the mean time:

May 11, 2016 

In testimony before Congress today, the Federal Trade Commission outlined its work over the past 40 years to protect consumers’ privacy at a hearing convened to examine privacy rules proposed by the Federal Communications Commission.

Chairwoman Edith Ramirez and Commissioner Maureen Ohlhausen testified on behalf of the Commission. The testimony before the Senate Judiciary Committee’s Subcommittee on Privacy, Technology and the Law provided background on FTC law enforcement efforts, policy work and consumer and business education programs related to protecting consumers’ privacy.

The testimony highlighted the FTC’s extensive history of privacy-related work. The testimony noted that the agency has brought more than 500 privacy-related enforcement cases in its history against online and offline companies of varying sizes, including companies across the internet ecosystem. In addition, the testimony highlighted a number of recent cases of note.

The testimony also provided information on the FTC’s policy work in the privacy area, going back to its first internet privacy workshop in 1996. The testimony noted that recent policy work has been based on principles featured in the FTC’s 2012 privacy report, and also highlighted workshops and reports related to the Internet of Things, big data, and other issues, including cross-device tracking.

The testimony also described the FTC’s extensive consumer and business education efforts related to privacy, including the FTC’s Start With Security campaign for businesses, and the newly-updated IdentityTheft.gov.

Predictive Intelligence: Data or Precogs...

The use of the term "Predictive Intelligence" has been around for a few years in the Operational Risk Management (ORM) community.  Born from the marketing collateral of the Business Intel (BI) vendors, it essentially requires hundreds of gigabytes or even terabytes of historical data and then is analyzed or data mined for so called insight.  The question is, why is this "Predictive Intelligence" and not just more "Information" in a different context?

Now introduce the nexus of our own "Trust Decisions" and the "Human Factors" associated with the science of cognitive decision making.  How do we as humans make our decisions to trust vs. how computers make their decisions to trust?  Are they not executing rules written by humans?  When is it information in a different format as opposed to true intelligence?

Christian Bonilla may be on to something here:

"Professionals in the foreign intelligence community take pains to distinguish between information and bona fide intelligence. Any piece of knowledge, no matter how trivial or irrelevant, is information. Intelligence, by contrast, is the subset of information valued for its relevance rather than simply its level of detail. That distinction is often lost in sector of the enterprise technology industry that is somewhat loosely referred to as Business Intelligence, or BI. This has become a bit of a catchall term for many different software applications and platforms that have widely different intended uses. I would argue that many BI tools that aggregate and organize a company’s information, such as transaction history or customer lists, more often provide information than intelligence. The lexicon is what it is, but calling something “intelligence” does not give it any more value. In order to sustainably outperform the competition, a company needs more than a meticulously organized and well-structured view of its history. Decision makers at all levels need a boost when making decisions amidst uncertainty and where many variables are exerting influence. They need what I would call predictive intelligence, or PI – the ability to narrow down the relevant variables for analysis and accurately measure their impact on the probability of a range of outcomes."

What does the fusion of human factors have to do with predictive intelligence?  That depends on how much you value the kind of innuendo and messages in the Tom Cruise movie, Minority Report.  Many aspects of the original Philip K. Dick story were adapted in its transition to film that was filmed in Washington, DC and Northern Virginia.  Is it possible to predict someone's future behavior even before they commit a crime or even become violent?

Set in the year 2054, where "Precrime", a specialized police department, apprehends criminals based on foreknowledge provided by three psychics called "precogs".

Cruise plays the role of John Anderton who is part of the experimental police force known as "Precrime."  These aspects of clairvoyance and precognition has many skeptics and their use for predicting future events or a related term, presentiment, refers to information about future events which is said to be perceived as emotions.

Regardless of terms, beliefs or whether the software analytics are using historical data, the science of "Predictive Intelligence" is about forecasting the future.  Based upon the recent global events that missed the forecast of economic implosion based upon historical data, maybe it's time to start introducing more human factors to the equation.

The interviews with people who have gone on record to predict a future historical event will probably be right at some point in time. How long will you be around to wait?  The demise of the banking sector and the extinction of Lehman Brothers, Bear Stearns and maybe even AIG were most likely predicted by someone, somewhere in 2007/2008 time frame.  The point is that you have to have context and relevance to the problem being solved or the question being asked.

The real story of the crash began in bizarre feeder markets where the sun doesn't shine and the SEC doesn't dare, or bother, to tread: the bond and real estate derivative markets where geeks invent impenetrable securities to profit from the misery of lower--and middle--class Americans who can't pay their debts. The smart people who understood what was or might be happening were paralyzed by hope and fear; in any case, they weren't talking.

Predictive analytics extracts relevant information from data and attempts to forecast the future. It relies on capturing relationships between explanatory variables and the predicted variables from past occurrences, and exploiting it to predict future outcomes.  Is it possible that there was and is too much reliance on the numbers and not enough on people's cognitive intuition?

This blog has documented the "11 Elements of Prediction" in the past.  Now it's time to utilize the combination of these human factors in close collaboration with the data analytics and raw numbers. Effective execution of both will provide corporate management the situational awareness they seek within the time line they wish.

The future state of Predictive Intelligence will combine the science of "Trust Decisions" with the art of "Data Analytics" to achieve our desired outcomes.