INNER SANCTUM VECTORN360™© by professionalglobaloutreach.com

Summer 2022

INNER SANCTUM

VECTOR

N360 1

©™

“It’s the responsibility of a Technology Publication to share new ideas and challenge the status quo.

And when a Publication fails to include different experiences, beliefs, and ideas, they miss out on a true perspective of our Global Environment.”

Linda Restrepo Editor/Publisher

METAVERSE ARTIFICIAL INTELLIGENCE

UKRAINE GLOBAL CRISIS BIOAGENTS

BLOCKCHAIN Linda Restrepo

ROBOTS

Editor/Publisher

151

METRICS LAND WARFARE DIGITAL BLOOD

131

115 TIKTOK

MEANINGLESS

171

182 BRAINWAVE

197

Editor/Publisher

Linda Restrepo

“

Lately, I’ve found myself asking should I really be concerned?

The

According to Bloomberg, Chinese-controlled “ByteDance/TikTok, led by Zhang Yiming, virtual and physical worlds are becoming is becoming a viable rival to the increasingly interconnected, and indistinguishable dominant American online from one another. The idea of the Metaverse has behemoths, Facebook Inc.and emerged describing this convergence. Alphabet Inc..” Last year, TikTok’s net profit was approximately The Metaverse is a stage of existence that $3 billion and the company allows us to live and exist simultaneously in two estimates that it has about 80 one physical and another virtual. The worlds, million monthly active users in Metaverse is not parallel with the physical world, the United States, 60% continuing of the process of annihilation of time whom are female and 80% and space. Individuals can be in one place fall between the ages ofphysically and in a different place virtually. 16 and 34. Yet their personalities will not be split, but instead, Of particular concern is they that will 60%act of and interact with both environments. TikTok users are Gen Z, which is the largest generational cohort in American history and will include 74 million people next year.

As a champion of free markets,I would normally be among the first to in applaud an "Snow Crash", Neal 1992, his novel upstart bringing a competitive “A” game to Stephenson imagined the Metaverse as a vast challenge dominant incumbent players no matter and populated virtual world that operates not as where they are based. But we have learned from a game environment but as a system of digital experience that homegrown social networking culture, without limits imposed. Since then, companies like Facebook/Instagram, Google, and Twitter technological advancement has allowed the exert dominant and controversial influence in U.S. public implementation in real life of different policy debates – what sort of foreign virtual worlds.influence should we expect TikTok to exert on this year’s election.

“

Lately, I’ve found myself asking should I really be concerned?

Among

According to Bloomberg, Chinese-controlled “ByteDance/TikTok, led by Zhang Yiming, is becoming a viable rival to the the broader definitions developed, attractive is dominant American online the description by John Smart, CEO of Foresight behemoths, Facebook Inc.and Company. In his vision, the Metaverse is a Alphabet Inc..” Last year, TikTok’s perpetual and endless multi-user environment net profit was approximately resulting from the convergence of (virtually $3 billion and the company augmented) physical reality and (physically estimates that it has about 80 persistent). million monthly active users in the United States, 60% of whom are female and 80% fall between the ages of 16 and 34.

Prior

Of particular concern is that 60% of iterations of it already exist, such as SimCity, TikTok users are Gen Z, which is the Fortnite, and Cryptovoxels, where technology and largest generational cohort in American culture intersect to create a virtual world where history and will include 74 million people the physical user (transposed virtually via an next year. avatar) can express themselves freely. The COVID-19 pandemic increased dramatically As a champion of free markets,I would discussions about the Metaverse due to the normally be among the first to applaud an dependence on virtual spaces. A standard upstart bringing a competitive “A” game to version of the Metaverse does not yet exist, challenge dominant incumbent players no matter because, by its nature, it is not representable by where they are based. But we have learned from a single entity, many different iterations of the experience that homegrown social networking Metaverse where virtualization, tools, and 3D companies like Facebook/Instagram, Google, and Twitter web objects are embedded in the physical exert dominant and controversial influence in U.S. public environment. policy debates – what sort of foreign influence should we expect TikTok to exert on this year’s election.

“

We can

The virtuality, mixing physical and digital that characterizes the Metaverse, is based on the convergence of Internet and Extended Reality (XR) technologies. According to Milgram's Reality-Virtuality Continuum, XR integrates the digital and physical in varying degrees, ranging from augmented reality (AR) through mixed reality (MR) and ending in virtual reality (VR).

Lately, I’ve found myself asking shoulddistinguish I really be concerned?

three levels.

According to Bloomberg, Chinese-controlled “ByteDance/TikTok, led by Zhang Yiming, The lowestaincludes thetoMetaverse as a is becoming viable rival the single space with online objects, data, and dominant American contents, Facebook dependentInc.and on the tools and behemoths, platforms onLast which it isTikTok’s built. As devices AR, the user is in a real environment Alphabet Inc..” year, more ubiquitous thanks to the netbecome profit was approximately enriched by virtual data, but reality of Things (IoT), many instances $3Internet billion and the company keeps the dominant role over the of the Metaverse estimates that it hasproliferate about 80 as websites additional virtual data. In MR, the user and blogging platforms. million monthly active usersThey in should be moves through an environment where into Multiverses, real and virtual data coexist. In VR, real thegrouped United States, 60% of i.e., categories of Metaverse whom are femalewith andsimilar 80% classification data is completely replaced by virtual type (e.g., Industry 4.0 Metaverse, fallorbetween thethe ages of data. If AR aims to enrich reality with Multiverse, 16the andentertainment-based 34. helpful information to perform complex and so on). tasks, VR seeks to replace the real world with a simulated one. Of particular concern is that 60% of TikTok users are Gen Z, which is the largest generational cohort in American By 2022, Goldman Sachs has history and will include 74 million people estimated the value the Metaverse next year. could produce to range between $2 and so will result in a common set of $12 trillion. According to the investment and would As standards, a championframeworks, of free markets,I bank, the continued growth of the interoperability groups normally be amongforthe first toofapplaud an digital economy (now about 20%, 25% metaverses will increase upstart bringingthat a competitive “A”the game to of the global economy) could open up sharing dominant of content,incumbent data, and players how users challenge no matterroom for development to the virtual can they access At theBut highest level,learned we where areit.based. we have from economy within and parallel to the will have that the Omniverse, thenetworking set of experience homegrowni.e., social digital economy. Bloomberg had been Multiverses by even more companies likecharacterized Facebook/Instagram, Google, and more Twitter cautious, limiting the size of the general interoperability standards exert dominant and controversial influence in U.S. Metaverse public market to $800 billion by across Multiverses. policy debates – what sort of foreign influence should 2024we and about $2.5 trillion by 2030. expect TikTok to exert on this year’s election.

Doi ng

“

Lately, I’ve found myself asking should I really be concerned? According to Bloomberg, Chinese-controlled “ByteDance/TikTok, led by Zhang Yiming, is becoming a viable rival to the dominant American online behemoths, Facebook Inc.and Alphabet Inc..” Last year, TikTok’s net profit was approximately $3 billion and the company estimates that it has about 80 million monthly active users in the United States, 60% of whom are female and 80% fall between the ages of 16 and 34. Of particular concern is that 60% of TikTok users are Gen Z, which is the largest generational cohort in American history and will include 74 million people next year. As a champion of free markets,I would normally be among the first to applaud an upstart bringing a competitive “A” game to challenge dominant incumbent players no matter where they are based. But we have learned from experience that homegrown social networking companies like Facebook/Instagram, Google, and Twitter exert dominant and controversial influence in U.S. public policy debates – what sort of foreign influence should we expect TikTok to exert on this year’s election.

The

Meta-universe, while not definable

as a new "virtual economy," will be able to contribute to the growth of manufacturing (where 3D environments offer ideal design spaces for rapid prototyping and decentralization of production spaces), logistics, and transportation (with Artificial Intelligence offering virtual platforms for the development and testing of autonomous machine behaviors, to be transposed into the physical world) sectors.

W hile

the Metaverse is a digital

mirror of the physical world, the foundation upon which the Metaverse is built is the Digital Twin. According to IBM, “a digital twin is a virtual model designed to accurately reflect a physical object. Although simulations and digital twins both utilize digital models to replicate a system’s various processes, while a simulation typically studies one particular process, a digital twin can itself run any number of useful simulations to study multiple processes.” Dragging and dropping a digital twin into the Metaverse allows us to fully recreate the physical object with live data and insert it into the rest of the rendered world (i.e., based on very realistic artificial images from computer-processed 3D models).

Thi s

means it will behave exactly as it

does in the real world. An example could be Google Street View, viewed through a pair of AR glasses, updated live, and accessible from anywhere. To better understand the sustainable direction of the Metaverse, it is appropriate to dwell on the so-called “ubiquitous computing” or Internet of Things (IoT).

Through

sensors and

intelligent devices, the IoT allows the physical and virtual to interact with each other. In the broader spectrum identified by the Fourth Industrial Revolution (4IR), IoT technology is associated with new advanced areas such as Big Data, Machine Learning, and Artificial Intelligence, resulting in growth in capability, complexity, and scope. Additionally, several advanced enabling capabilities, such as 5G and edge computing, will likely expand XR applications by improving data rates user capability and reducing latency, improvements that could support large-scale networked applications.

The

C oncerns

among industry about the The meta-universe, whileinsiders not definable as aMetaverse's new total capacity if commercial interests "virtual economy," will to besucceed able to contribute to the are placed above(where creative3Dones during its growth of manufacturing development. Twitter founder Jack environments offer ideal design spaces for Dorsey rapid and SpaceX Tesla CEO Elon Musk have prototyping and and decentralization of production expressed their doubts about (with theInMetaverse, AR, the user is in a real spaces), The logistics, virtuality,and mixing transportation physical warning venture capital funds’ role environment enriched by virtual and digitalabout thatoffering characterizes Artificial Intelligence virtual platforms for in this regard. Large institutions could thebut reality keeps the data, the Metaverse, basedofon the use the development and is testing autonomous Metaverse, corporations, governments to over the dominant role convergence andand into machine behaviors,of toInternet be transposed the "regulate" social, political, and economic additional virtual data. In MR, physical Extended world) sectors. Reality (XR) inequalities According in already to partially democratic the user moves through an technologies. societiesReality-Virtuality and to reduce the level environment of democracywhere real and Milgram's where it exists by concentrating power narrow virtualindata coexist. In VR, real Continuum, XR integrates the governance groups. data is completely replaced by digital and physical in varying virtual data. degrees, ranging from augmented reality (AR) through mixed reality (MR) and ending in virtual reality (VR).

In AR, the user is in a real environment enriched by virtual data, but reality keeps the dominant role over the additional virtual data. In MR, the Doing so will result in a commonwhere set ofreal user moves through an environment standards, frameworks, and issuance of cryptocurrencies by and Authorizing virtual datathe coexist. In VR, real data is interoperability for groups of Google, tech giants, suchby asvirtual Facebook, andto completely replaced data. If AR aims metaverses that will increase Apple, would giving themthe a prevailing enrich reality withmean helpful information to performvoice of VR content, data, and how insharing thetasks, international arena, allowing complex seeksfinancial to replace the real worldfor a canshift access it. tbalance the highest level, between in the of power withsignificant ausers simulated one. we will the Omniverse, i.e., the them andhave sovereign governments, even given an set ofGoldman Multiverses characterized byarena apparent descent into the estimated electoral By 2022, Sachs has the by even more general interoperability participating in democratic decision-making. value the Metaverse could produce to range standards across Mutiverses. between $2 and $12 trillion. According to the investment bank, the continued growth of the digital economy (now about 20%, 25% of the andopen otherupreasons, global economy)this could room forinadequately development theofvirtual withincan and regulated to use AR/VReconomy technologies have parallel to the digital economy. Bloomberg had severe implications for international security. been more cautious, limiting the size of the Metaverse market to $800 billionadvantage by 2024 and Adversarial actors can take of the about $2.5 trillion by 2030. of these technologies. reality-altering capabilities Specifically, concerns arise from digital The replication meta-universe, while not definable as a newi.e., capabilities (such as deepfakes, "virtual economy," willorbevideos able tofeaturing contribute to the doctored images people growth of manufacturing (where 3Doccurred in reality) performing actions that never environments offer idealand design spaces for rapid and the embedding linking of virtual prototyping and decentralization of production environments to physical systems and networks. In structures AR, the user is in a real spaces), Thelogistics, virtuality, and mixing transportation physical about (with Hacks could extract information environment enriched by virtual and digital that characterizes Artificial Intelligence offering virtual platforms for and systems as virtual environments use data data, but reality keeps the the digital Metaverse, the the development and is testing ofon autonomous from twins ofbased machinery and buildings. role over the convergence and intodominant machine behaviors,oftoInternet be transposed the additional virtual data. In MR, physical Extended world) sectors. Reality (XR) the user moves through an technologies. According to environment where real and Milgram's Reality-Virtuality virtual data coexist. In VR, real Continuum, XR integrates the data is completely replaced by digital and physical in varying virtual data. degrees, ranging from augmented reality (AR) through mixed reality (MR) and ending in virtual reality (VR).

For

Cyberattacks on system operation deteriorate the system’s integrity. Since the virtual permanently stores Doing universe so will result in a common set of information online, the overall cost of the standards, frameworks, and damage would be more significant interoperability for groups of than in a current digital ecosystem. Damage metaverses that will increase theto information systems sharing storage of content, data, would and how severely the virtual usersdiminish can access it. t the highest level, environment's overall value, causing we will have the Omniverse, i.e., the substantial economic losses. set of Multiverses characterized by even more general interoperability standards across Mutiverses.

The

highly immersive

The

current DoD Joint

Publication (JP) 3-13/2014 ("Information Operations") definition of cyberspace consists of the interdependent networks of resident computing infrastructure and data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. While this definition is appropriate for purely virtual worlds, it is unclear how to consider when virtual and physical domains become indistinguishable from one another, like in the Metaverse.

experience of the Metaverse could also reverberate negatively on social behaviors. Virtual perceptions could "disconnect" users from the real world, creating life behavioral anomalies. Joint Publication 3-0/2018 People's bodies will overreact to events in ("Joint Operations") brings the concept of virtual reality, for example with heartbeats speeding up in stressful situations. This "domain" closer to the notion of "Operational Environment," stating that an same realism could also mean that OE may include some or all domains harassment in the Metaverse will be more depending on where the commander visceral, intense, and damaging; In AR, needs the user is in a real The virtuality, mixing to operate, very close to the misinformation more vivid physical and by virtualOperation. and digital that characterizes compelling; everyday experiences more environment conceptenriched of Multi-Domain data, but reality keeps thethe term "domain" in the Metaverse, is based on the NATO doctrine uses fascinating and engaging. dominant role over the way. NATO's convergence of Internet and an entirely different additional virtual data.Operations In MR, (XR) Comprehensive Planning A keyExtended question Reality concerns the moves(COPD) throughuses an the term domain technologies. to as a newthe user Directive consideration of theAccording Metaverse where real and economic, social, Milgram's Reality-Virtuality domain of warfare. The doctrine definingenvironment about political, military, data coexist. Inand VR,information real Continuum, XR integrates the systems. the realm of cyberspace is insufficient tovirtualinfrastructure, completely replaced and physical varying doctrine looks atbydomains as makedigital it clear how much, in and especially data in isNATO virtualdimensions data. ranging from might of an OE, thus land, air, what degrees, terms, the Metaverse augmented through space, and maritime. constitute a new reality military(AR) battleground. mixed reality (MR) and ending in virtual reality (VR).

DoD

Doing so will result in a common set of standards, frameworks, and interoperability for groups of metaverses that will increase the sharing of content, data, and how users can access it. t the highest level, we will have the Omniverse, i.e., the set of Multiverses characterized by even more general interoperability standards across Mutiverses.

In AR, the user is in a real environment enriched by virtual data, but reality keeps the dominant role over the additional virtual data. In MR, the user moves through an environment where real and virtual data coexist. In VR, real data is completely replaced by virtual data.

The

Doing so will result in a common set of pursuit of the Multi-Domain standards, frameworks, and interoperability for groups of concept and the search for a definition of metaverses that will increase the the Metaverse as a new domain needs sharing of content,ofdata, and how first an understanding its constituent users and can second access it. the highest elements, to tcouple the level, we will have theMetaverse Omniverse, i.e., the development of the with set of Multiverses appropriate regulation. characterized A global digitalby more general interoperability planeeven of existence may prove to be a standards across Mutiverses. dangerous prospect for nation-states, indeed. Competition at the heart of these new virtual universes will radically change politics in a "new digital world order" that will require a paradigm shift in cooperation and conflict.

“

St a t es

should enter the

competition now by helping to design the architecture of the future Metaverse public good, preventing it from becoming plagued by digital evils such as The virtuality, physical misinformation andmixing hate. The problem isIn AR, the user is in a real environment enriched by virtual and digital that characterizes the lack of technological capabilities that data, but reality keeps the the Metaverse, is based on the many policymakers demonstrate and the dominant role over the convergence of Internet and consequent tendency to regulatory Extendedbased Reality obscurantism on(XR) the use of laws additional virtual data. In MR, According to aimedtechnologies. more at curbing than ensuring thethe user moves through an environment where real and Milgram's Reality-Virtuality orderly development of technology. The virtual data coexist. In VR, real Continuum, XR integrates the need for technologically enlightened digital physical in varying leaders and and pluralistic access to these data is completely replaced by virtual data. degrees,will ranging from technologies be of paramount augmented reality (AR)responsible through importance to ensure their mixed reality (MR) and ending in and sustainable global development. virtual reality (VR).

“

Further Readings:

Bazin, Aaron. 2022. "The Metaverse: A New Domain of Warfare? " Small Wars Journal. March. Available at https://smallwarsjournal.com/jrnl/art/metaversenew-domain-warfare. Digdipblog.com. 2021. The Metaverse and its impact on International Relations: A Summary. https://digdipblog.com/2021/11/20/the-metaverse-and-itsimpact-on-international-relations-a-summary/. Donnelly, Jared, and Jon Farley. 2019. Defining the 'Domain' in Multi-Domain. Joint Air & Space Power Conference 2019 "Shaping NATO for Multi-Domain Operations of the Future.” Goldman Sachs. 2021. Framing the Future of Web 3.0. Equity Research, December. Mystakidis, Stylianos. 2022. "Metaverse. " Encyclopedia 2: 486-497.

In AR, the user is in a real The virtuality, mixing physical environment enriched by virtual and digital that characterizes Vanorio, Fabio. 2022. Metaverse: Implications for Security and Intelligence. NATO Defense College Foundation Paper.data, February. Available at but reality keeps the the Metaverse, is based on the https://www.natofoundation.org/wp-content/uploads/2022/02/NDCF-Paperdominant role over the convergence of Internet and Vanorio-110222.pdf. additional virtual data. In MR, Extended Reality (XR) the user moves through an technologies. According to and National Vanorio, Fabio. 2021. Metaverse Security. Internet 3.0 and the environment where real and Milgram's Reality-Virtuality New Digital World Order. Observatory on Infoware and Emerging Technologies. virtual data coexist. VR, realat Continuum, the "Niccolò Italian InstituteXR for integrates Strategic Studies Machiavelli,” Rome.InAvailable https://www.strategicstudies.it/wp-content/uploads/2021/12/Edizionidata is completely replaced by digital and physical in varying Machiavelli-Metaverso-e-Sicurezza-Nazionale.pdf. virtual data. degrees, ranging from augmented reality (AR) through mixed reality (MR) and ending in virtual reality (VR).

“

The need for technologically enlightened leaders and pluralistic access to these technologies will be of paramount importance to ensure their responsible and sustainable global development.”

Ministerial Counselor at Ministero degli Affari Esteri e della Cooperazione Internazionale. High-level expert in planning, execution, and monitoring of Governmental and Academic programs in Economics, Intelligence, National Security and Technology. Focused on the relationship among Artificial Intelligence, Hyper-war, and Global Affairs. GLOBAL AFFAIRS ADVISER Government Official with extensive knowledge in scenario planning through structured analytic techniques. INTELLIGENCE ANALYST

Change

is all around us.

Today, it is perhaps unparalleled in terms of the scope, scale and rapidity it has taken in many areas. Change is and has remained a fundamental characteristic of the conduct of land warfare in recent times. The advent of information technologies in the late 20th century has certainly blurred the lines of distinction between the strategic, operational and tactical levels of Land Warfare.

has also truncated the amount of

time taken to reconnoiter, gain situational awareness, assess, pass orders and execute even the most complex of tasks. As information continues to pervade our environments in all of its varied dimensions, the question of constancy and relevancy of ground capabilities in the land domain of warfare has been raised.

W hile

many aspects of

land warfare are changing, some things remain constant. The following discussion is an attempt to highlight what we consider to be the three enduring elements of land warfare and then to explain how various aspects of the conduct of land warfare are changing within these elements.

From

our perspective, and

arguably, the three primary elements of land warfare are the Algebraic, the Cognitive and the Moral. We will attempt to provide a more comprehensive discussion of these three elements in recent times and then address the impact of the information age on these particular areas.

While

many

aspects of land warfare are changing, some things remain constant. The following discussion is an attempt to highlight what we consider to be the three enduring elements of land warfare and then to explain how various aspects of the conduct of land warfare are changing within these elements.

From

our

perspective, and arguably, the three primary elements of land warfare are the Algebraic, the Cognitive and the Moral. We will attempt to provide a more comprehensive discussion of these three elements in recent times and then address the impact of the information age on these particular areas.

While

many

From

our

While

many

From

our

While

many

From

our

The While

Algebraic or scientific, the

Cognitive or psychological and the Moral many or emotional these are the driving aspects land warfare inchanging, the aspects of of land warfare are information age. Inconstant. the Algebraic some things remain The realm, mathematical calculations, such to as following discussion is an attempt those used military road highlight whatinwe consider to marches, be the artillery, engineering, communications three enduring elements of land warfare and logistical factors, a great and then to explain howare various aspects strength of a conventional, wellof the conduct of land warfare are resourced military. the information age changing within theseInelements. they are enhanced by information technology (IT), such as Global Positioning Systems, computers and the software that automates them. our The Cognitive realm relates to the perspective, arguably,involving the three labyrinth ofand knowledge primary elements of land warfare are the individual and social psychology, Algebraic, the Cognitive and the Moral. motivation, leadership and psychological We will attempt to provide a more operations, which are at constant play comprehensive discussion of these three during land combat. Finally, there is the elements in recent times and then Moral, emotional and visceral element, address the impact of the information how a Soldier feels or reacts to combat age on these particular areas. while in military units or while having his or her mettle tested.

From

Tha t While

From

Could

element also includes many the presence and influence of leaders in aspects of land warfare are changing, battle and in the important preparations some things remain constant. for war. Assuming that theseThe are the following discussion attempt totaking enduring elements isofan warfare, but highlight whattowe consider to be the some time define and discuss them three enduring elements of land warfare further, are there significant changes in and then to explain how various aspects today’s information age that aﬀect these ofthree the conduct of land warfare are mass elements, especially where changing within these communications andelements. other information capabilities Strategy . . . and tactics . . . seemed only points of view from which to ponder the elements of war, the Algebraical element of things, a our Biological element of lives, and the Psychological of the ideas. T. E. perspective, andelement arguably, three Lawrence, SevenofPillars of Wisdom: A primary elements land warfare are the Triumph12 generate wide variety Algebraic, thecan Cognitive andathe Moral. ofwill activities and We attempt to consequences? provide a more comprehensive discussion of these three elements in recent times and then address the impact of the information age on these particular areas. so, what are the implications or

it possible that information itself

has come to dominate land warfare to the exclusion of other factors? Could it be that information is merely the fabric of the tapestry or the soil for the seed? Or could information be one of the imperatives of its age, the missing factor in unifying and describing the nature of land warfare?

information be, in

fact, a principle of war in this new age? If so, what are the new rules or guidelines that emanate from such an insight? Does decentralization become more important than centralization? Is sharing information the key to success in land warfare?

insights to be gleaned from such a review?

By Robert M. Toguchi and Richard J. Rinaldo 33

it possible that information

itself has come to dominate land warfare to the exclusion of other factors? Could it be that information is merely the fabric of the tapestry or the soil for the seed? Or could information be one of the imperatives of its age, the missing factor in unifying and describing the nature of land warfare?

Could information be, in fact, a principle of war in this new age? If so, what are the new rules or guidelines that emanate from such an insight? Does decentralization become more important than centralization? Is sharing information the key to success in land warfare?

COL Robert M. Toguchi, Ph.D., U.S. Army retired, is a senior concept developer at ARCIC. He previously served as chief, Strategic Plans, J-5 Directorate, and Deputy Director, J-8 Directorate, U.S. Pacific Command. He also has served as a war plans officer in the War Plans Division, Army G-3, Department of the Army Staff. Responsible for concept development for all assigned U.S. Army Special Operations Command capability areas. Extremely knowledgeable of advanced military technologies in multiple sectors.

These concepts illustrate how current and future Army Special Operations Forces (ARSOF) will operate; describe the capabilities required to carry out the continuum of operations across the spectrum of conflict and operational themes against adversaries in the expected joint operational environment; and demonstrate how a commander, using military art and science, might employ these capabilities to achieve desired effects and objectives. Supports USASOC priorities by focusing on developing concepts and supporting Capabilities-Based Assessments (CBAs) across the areas of responsibility, with a general focus on conceptual work looking out beyond the Total Army Analysis (TAA) years.

Contemporary society is strongly characterized but also conditioned by the use of artificial intelligence. Furthermore, Big Data is alsoDigital used innovation challenges way we live. by companies to createthe increasingly The changes taking place create advanced algorithms, to innovate convenience and ways ofand solving computer programming to resell problems that werecase, never possible them. In the latter there is a before, but along with the positive risk of improper or unclear use of the aspects, there are also problems that data by the buyers. must be overcome. Why artificial intelligence can be Artificial intelligence generally means: the dangerous ability of a machine to display human capabilities such as reasoning, Artificial intelligence with which learning, to planning and creativity. With the design robots or any other electronic introduction of machines intomaking the device capable of acting and workplaceautonomously during the industrial decisions can be revolution and the phenomenon of globalization, a dangerous if its algorithms are not relationship between the individual programmed in an ethical way that and technology been generated respects thehas fundamental rights that of is destinedbeings. to lastIfover human it is time. implemented on the basis of elements that may increase discrimination and social injustice, if it is not supervised and regulated in its design, evolution, fields of application of development and application, and if it does not respect the of artificial intelligence arelaws manifold. robotics, according to which a robot In science: in the fields of neuroscience, can never cause harm to human biology, etc., considerable achievements beings, not even to defend have been made thanks to itself. the contribution of biotechnological mechanisms. We need only think of diagnostic technologies for human beings, medically assisted procreation techniques, Big Data analysis, data mining and predictive systems in industry.

The

Furthermore, Big Data is also used by companies to create increasingly advanced algorithms, to innovate computer programming and to resell them. In the latter case, there is a risk of improper or unclear use of the data by the buyers. Why artificial intelligence can be dangerous Artificial intelligence with which to design robots or any other electronic device capable of acting and making decisions autonomously can be dangerous if its algorithms are not programmed in an ethical way that respects the fundamental rights of human beings. If it is implemented on the basis of elements that may increase discrimination and social injustice, if it is not supervised and regulated in its design, evolution, development and application, and if it does not respect the laws of robotics, according to which a robot can never cause harm to human beings, not even to defend itself.

the justice sector: the

creation of a 'judge-machine' would lead to the speeding up of justice. The debate on this issue remains open. However, the human element remains a fundamental part of legal interpretation. One very important aspect is ethics, where companies must not only compete but also agree on ethical issues, analyzing current and future responsibilities in order to maintain the trust and security of customers and citizens. In this respect, it is important to consider the risk of letting machines with artificial intelligence decide the best solutions to the most delicate human problems. For example, artificial intelligence systems could choose who to insure, who to make work or who to lend money to on the basis of data derived from biased statistics, thus increasing social injustice.

“

On the contrary, the real purpose for which artificial intelligence was invented is to help people and not to harm them”.

There

are now

numerous fields of application of artificial intelligence with which we can interact on a daily basis; for example, using social networks, where algorithms based on artificial intelligence decide which posts we can view, or using the voice assistant on mobile devices or chatbots, software capable of conversing with users via chat. In law firms, artificial intelligence is already speeding up and making more efficient the work of lawyers in repetitive tasks. With regard to the application of artificial intelligence, it is important to emphasize that automatisms must be programmed in such a way as to respect ethics based on the moral principles of loyalty and integrity, always taking into account incontestable human rights and the protection and dignity of workers.

Thes e

ethical rules

will be of considerable importance in every sector, but especially in the judicial, health and military spheres, where a lack of respect for people's rights may jeopardize their freedom, health or life.

According to scientists, an electronic computer should be considered an intelligent agent if it behaves like a human being and is aware of its reasoning and actions like a person, in particular thanks to its sensors and actuators that enable it to perceive and interact with the environment. It is therefore, important to anticipate and regulate what will happen in the future, but also to stimulate debate among politicians, entrepreneurs, intellectuals and citizens who are still partly unaware of the advantages and disadvantages of artificial intelligence.

this respect, researchers are

very concerned about the development of artificial intelligence in the military field where it could be used to produce killer robots, combat drones, remotely controlled submarines, insects equipped with video cameras for spying and powerful autonomous weapons. The danger of these automatic devices is obvious, mainly for the maintenance of peace between States and the defense of human safety.

The danger that such systems could be cyber-attacked by malicious persons should also be considered.

terms of current use, artificial

intelligence is already being exploited by data analytics platforms to analyze so-called Big Data. This is heterogeneous data coming from any kind of company, entity, social media or user and then analyzed to predict the behavior, health and propensities of people using a service or product. Furthermore, Big Data is also used by companies to create increasingly advanced algorithms, to innovate computer programming and to resell them. In the latter case, there is a risk of improper or unclear use of the data by the buyers.

Why artificial intelligence can be dangerous? Artificial intelligence with which to design robots or any other electronic device capable of acting and making decisions autonomously can be dangerous if its algorithms are not programmed in an ethical way that respects the fundamental rights of human beings.

If it is implemented on the basis of elements that may increase discrimination and social injustice, if it is not supervised and regulated in its design, evolution, development and application, and if it does not respect the laws of robotics, according to which a robot can never cause harm to human beings, not even to defend itself.

Ta k i ng

into account

the importance of artificial intelligence, the European Commission for the Efficiency of Justice, on 4 December 2018, issued "the European Ethical Charter on the Use of Artificial Intelligence." This is a very important document, as it is the first time that at European level, having taken note of the growing importance of artificial intelligence in our societies and the expected benefits, some fundamental guidelines are identified, to which "public and private entities responsible for the design and development of AI tools and services" will have to adhere. The Superior Court of Justice of Buenos Aires, through the use of software, solved more than a thousand cases in seven days, compared to the eighty-three days it previously took.

Contemporary society is strongly characterised but also conditioned The issue of judicial efficiency brings the by the use of artificial intelligence. issue of predictive justice, i.e. the ability to Digital innovation challenges the way calculate the probability of a judicial we live. The outcome on changes the basistaking of an place algorithm, create convenience waysbased, of either statistically orand logically to the solving problems that were never forefront. possible before, but along with the positive aspects, are also More simply put, there predictive justice systems problems thattomust be overcome. are intended be used by law offices, insurers and lawyers in order to anticipate the outcome of a dispute. Theoretically they could also help judges to make decisions. They provide a graphical representation of the probability of success of each outcome of a dispute based on criteria introduced by the user. Such systems are able to calculate the likely amount of compensation awarded by the courts. In particular, it is in the field of criminal law that artificial intelligence is being developed, but only under two conditions: Artificial intelligence generally means: theare ability of a machine to artificial Operators qualified to use the display human capabilities such as intelligence system; reasoning, learning, planning and creativity. With the introduction of control, Every decision is subject to human machines the workplace during then to theinto control of the judge. the industrial revolution and the phenomenon of globalisation, These conditions tend to avoida what the relationship between theasindividual Ethical Charter defines a "deterministic and technology has been generated approach", i.e. the risk of an excessive that is destined to last over time. automatism of decisions.

The fields of application of artificial intelligence are manifold.

Depending on the data fed into the software, there are three different ways in which machine learning technology can facilitate the work of legal practitioners and, consequently, make justice more efficient:

Contemporary society is strongly characterised but also conditioned by the use of artificial intelligence. Digital innovation challenges the way we live. The changes taking place create convenience and ways of solving problems that were never possible before, but along with the positive aspects, there are also problems that must be overcome.

The fields of application of artificial 1. Analysis of documents and preparation of documents; intelligence are manifold.

2. Prediction of the outcome of a case; 3.

Formulation of judgements, albeit under human control. A second way in which artificial intelligence can be applied to justice is the "predictive" one, consisting in the capacity to elaborate forecasts through a probabilistic calculation carried out by algorithms operating on a statistical or logical basis. This capacity, depending on the type of data introduced into the computer, can be used for different purposes:

Artificial intelligence generally means: the ability of a machine to display human capabilities such as reasoning, learning, planning and creativity. With the introduction of machines into the workplace during the industrial revolution and the phenomenon of globalisation, a relationship between the individual and technology has been generated that is destined to last over time.

First and foremost, as a crime prevention tool. By entering into a computer a series of data extrapolated from reports submitted to the police (for example, relating to thefts that have occurred in the same areas and with similar modalities), the system is able to predict the places and times when other crimes of the same type are likely to be committed.

Secondly, as a tool to support the jurist in the interpretation of the law and the identification of arguments in favor of the thesis to be supported. The issue of foreseeability of decisions has long been the subject of a lively doctrinal debate. In particular, the fact that it is possible to foresee the decisional orientation of a judge has been considered, in some respects, positive insofar as it can serve to improve the level of efficiency of justice but, in others, negative because of the risk of being reduced to an automated management of standardized statements. The 2018 European Ethical Charter, as previously mentioned, allows for the use, under human control, of artificial intelligence in criminal justice activities. This means that a computer can be entrusted with the solution of specific questions that determine the basis of the judgeʼs final decision. But the idea that the outcome of a trial may, even partly, depend on a "machine" is undoubtedly disturbing. Artificial intelligence and geopolitics of the mind. Over the last twenty years, the cyber space has progressively expanded, which is defined as asymmetrical space, where territorially small states can actually be major powers, such as South Korea or Israel.

It is a short step from cyberspace to the "sixth domain", that of the mind, because in 2030 technically all the citizens of the world will be connected to the Internet. Therefore, if everyone is connected to the Net, everyone will be able to be controlled and therefore manipulated and conditioned.

For

this reason, as Prof. Mario

Caligiuri, President of the Italian Intelligence Society, suggests, it may be useful to start outlining a "geopolitics of the mind", understood as the battlefield where the struggle for power takes place, in order to exercise definitive dominion over people and nations, since there can be nothing else beyond control of the mind. Never as in these years of pandemic, and now with the war between Russia and Ukraine, is it clear that alongside the real war there is the war of information, which has great distorting effects. Not only has the dialectic between truth and lies always distinguished the history of mankind, but today everything is changing in a structural way with the advent of artificial intelligence. It is no coincidence that the future of intelligence is that of confronting a clash of intelligences: the human one on one side and the artificial one on the other.

R ay

Kurzweil has predicted

that 2043 will be the year of "singularity", when artificial intelligence will surpass human intelligence. 2043 is the year in which Philip K. Dick set his novel Minority Report, in which crimes are predicted before they are committed. Artificial intelligence could lead to a species leap like the one that marked the transition from Neanderthal man to Homo Sapiens and from this to Symbioticus man, characterized by an inevitable hybridization between man and machine. And if we use artificial intelligence now, in the near future we may well be controlled by it. Already today we live in three overlapping dimensions: physical, virtual and augmented, the latter being the result of the hybridization of man and technology. In this context and in a scenario characterized by the large amount of information, the importance of intelligence is confirmed not only to predict events and social phenomena but above all to interpret events.

Whereas in the past consensus was achieved by force, it is now achieved through persuasion and propaganda, which make it increasingly difficult to distinguish the true from the false.

19 9 7

, the United States

defined the concept of information dominance, according to which 'in tomorrow's conflicts, the one who tells the best story will prevail'. And if the Cold War was above all a war of intelligence, fought through spies and information, disinformation and cultural influence, with globalization and cyberspace the scenario has been profoundly transformed. In fact, manipulation has become capillary and uncontrollable, being used not so much for political purposes as for economic ones, with states becoming financial entities and multinationals heavily conditioning democratic governments.

First

of all, it must be

understood that disinformation is now the most significant characteristic of our times. It is necessary, therefore, to identify relevant information, that which brings us closer to an ever more complex understanding of reality. Therefore, intelligence with the support of artificial intelligence systems is a social necessity, indispensable for citizens, companies and States.

“

would like to end this article with

a thought taken from Giancarlo Elia Valori's book "Artificial Intelligence between Myth and Reality", where he says that one day intelligent robots will replace man in daily tasks and man will be able to return to devote himself to Beauty, to restore Light to a humanity free from fear, pain and darkness.

Artificial Intelligence between Myth and Reality, where he says that “one day intelligent robots will replace man in daily tasks and man will be able to return to devote himself to Beauty, to restore Light to a humanity free from fear, pain and darkness”. -Giancarlo Elia Valori-

By Adolfo Tasinato

Digital Communications specialist Founding member of LIBERCOM, Association for free communication and free press, editor of the Nuovo Giornale Nazionale, italian online newspaper. Libercom website: www.Libercom.it Nuovo Giornale Nazionale website: www.nuovogiornalenazionale.com

The situation in Ukraine has suddenly changed. After the Security Council of the Russian Federation, the State Duma, the Council of the Russian Federation, and the Russian Federal Security Service pushed President Putin to recognize the independence of the Doneck People's Republic and the Lugansk People's Republic, on February 21, 2022, local time, he delivered a national video speech, announcing the recognition of the two places as independent countries and signing relevant Presidential agreements and decrees.

W hat

is Russia's reason for

making this move? Since US President Biden took office, the geopolitical game between the United States and Russia has intensified in Ukraine: why should Ukraine be the pivot of the issue? The Ukrainian crisis is a new round of adjustment in the post-Cold War international situation. Because of its unique geopolitical status, Ukraine is fostering long-term rivalry between major world powers with the so-called “butterfly effect”. From the US perspective, the memory of the Cold War, hostility, and bias against Russia do not want Russia to intervene militarily in Ukraine or ease the crisis there. Ukraine must be used as a pawn to contain Russia.

This contradiction has made the European Union more dependent on the United States for security, thus having the effect of weakening Russia and at the same time Europe as a continent. On the Russian side, its military situation in Ukraine is an act of defense to avoid finding itself with nuclear warheads south of Moscow.

R us s i a

does not

tolerate the EU and US political interference in Ukraine, as it undermines the geopolitical space of the Russian-led “Eurasian Union”. It is a project designed to achieve market and resource integration of the CIS countries, which have reshaped the status of Russia as a regional power, and Ukraine - which has a very strong manufacturing and production base - is the most critical link. The implications of the Ukrainian crisis also concern China. At a time when the United States intervenes everywhere but fails to solve problems - thus causing increasing chaos - China, too, feeling besieged by the United States, needs to devise a constructive strategy to change the existing international order that is unfavorable to it and emerging market countries. Since the beginning of 2014, Ukraine - a country hardly visible at the time - has become the focus of the global debate.

In February 2014, Ukrainians overthrew the legitimately elected President, Viktor Fedorovych Yanukovych, through an unconstitutional uprising. Later, unrest developed quickly and reached a climax. Firstly, with the Russian military forces’ intervention, Crimea declared independence and joined the Russian Federation by a referendum. In Eastern Ukraine, a separatist movement began with the aim of withdrawing from the country (where the Russian minority accounts for 17.3% of the population), leading to the outbreak of civil war. The country got out of control: not only did the Eastern part fall into a state of intermittent wars, but the State lost the ability to control its destiny in the competition between the great powers, and became cannon fodder in their game.

Behi nd

the conflict in

Ukraine, there is not only the relationship between Kiev and the Eastern region, as well as the escalation of the conflict between Russia and Ukraine, but also the dispute between Russia and the United States of America. The Ukrainian civil war has not only resulted from internal divisions caused by the government's policy

of overthrowing the legitimately elected President but has also been a proxy war between Russia and the United States. The United States was the planner of the February 2014 “revolution” and the Ukrainian regime's external supporting force in the civil war, while the referendum in Crimea and the separatist movement in the east had Russian influence behind them. Russia supplied weapons and equipment to the Russian separatists, and the United States and NATO supplied many weapons and war materials to the Ukrainian government forces. Western "mercenaries" were also in the Ukrainian government forces, but not making the same fuss as the European "volunteers" who fought in the ISIS ranks.

The

The United States - which is

training the Ukrainian government’s troops – previously send at least 300 soldiers to Ukraine. The conflict between Russia and the USA in Ukraine has gradually moved from behind the scenes to the frontline. Not long ago, former President Obama admitted that the United States had a political involvement in the regime change in the February 2014 “revolution” in Ukraine.

The Ukrainian issue is the turning point in the long-term conflict between Russia and the US-led West. Behind the crisis, there is the historical entanglement between the United States and Russia in the post-Cold War period.

W ithout

considering

the above, it is hard to gain a deep understanding of the struggles taking place in that country. In the first twelve years after the Soviet Union’s implosion, Russia eagerly and naively wanted to integrate itself into the Western world dominated by the United States. Although Yeltsin's policy of radical Westernization led to an unbearably bleak decade for Russia, Putin did not give up his efforts to forge close ties with the West in his first two terms. During Putin's honeymoon with George W. Bush Jr.’s Administration, Russia strongly supported the United States' counterterrorism strategy and devoted many diplomatic resources to strengthening relations with the West. In a NATO speech, Putin said: “We have nothing to gain from confrontation with the world. Russia is back into the mainstream of civilized nations. It needs nothing but its voice to be heard; everyone’s national interests are respected’’. Nevertheless, a Russia with full selfsustaining diplomatic and military capabilities has always been a US concern. 56

The Russian sphere of influence radiates to the surrounding CIS countries and has gradually become a dominant force. The United States did not tolerate it, although Russia did not challenge the White House’s global power. Nevertheless, the memory of the Cold War in the US strategic construct and the resulting hostility towards Russia made the USA miss the opportunity to incorporate Russia into the Western international system. We have seen the United States ignore its commitment vis-à-vis Russia whereby NATO would not expand eastwards when the Warsaw Pact was dissolved, and gradually the USA eroded the former Soviet Union's leeway and sphere of influence. Eastern Europe and the Baltic States were later included in the EU and NATO. The Bush Administration announced its unilateral withdrawal from the USRussian Treaty on the Limitation of AntiBallistic Missile Systems, and then set up anti-missile and radar monitoring systems covering the entire territory of Russia, from Poland to the Czech Republic, to the detriment of the strategic nuclear balance between the two countries. At the same time, what was even more intolerable for Russia was that the United States was trying to control the CIS countries’ regimes through political infiltration and unconstitutional riots.

In 2003, the USA supported the proWestern Georgian Saakashvili in his rise to power. From 2004 to 2005 it followed suit in Ukraine, supporting Yushchenko's government. Russia, which at the time was regaining its strength, adopted a more patient and moderate attitude, curbing protests and countermeasures against the aforementioned US offensive strategies.

the eyes of Putin’s government

and of most Russians, however, the US behavior completely ignores the Russian security concerns and continues to compress and weaken the Russian strategic space for its survival and development. Before the outbreak of the Ukrainian conflict, the basis of strategic trust in Russia-USA relations had long vanished over the years.

The

Ukrainian crisis has become

the trigger for the quick deterioration of Russia-USA relations, thus turning Russia's defensive tactics towards the United States from a moderate resistance into a stern factual warning, as the United States has challenged the Putin government’s strategic bottom line in two ways.

Firstly, Russia cannot stand idle faced with the political situation in which the West controls its surrounding strategic buffer zone, thus enabling NATO to expand eastward to the CIS countries to threaten the security of its borders, and above all, it does not want to give the United States any opportunity to turn Ukraine into a military beachhead to contain and threaten - with the nuclear weapons on its borders - the Russian State. Although the apparent cause of the February 2014 “revolution” was that Yanukovich was obstructing Ukraine's accession to the EU, NATO and the EU could not simply be mistaken, with the latter acting as a cover for entering the former, which is a military organization. The historical experience of integration of the three Baltic countries (plus Georgia in fieri) into the Western system and Russia's security anxiety over Ukraine's inclusion in NATO are evident because once the Ukrainian government has fully turned to the West and placed itself at the US service, it can no longer be as independent and non-aligned as before. Secondly, from the Putin Administration's viewpoint, Ukraine's inclusion in the EU - by the US will - is intended to undermine the Russian-led “Eurasian Union”.

The “Eurasian Union” is an important commitment of Putin's third term, and hopes to achieve market and resource integration in the Commonwealth of Independent States (CIS), as well as reshape the status of Russia as a regional power. With a population of 45 million people and a good industrial base, Ukraine is the most crucial part of it. The United States and the West see the “Eurasian Union” as an expression of Russia's ambition to geopolitically rebuild the Soviet-Russian empire. The US global hegemony - the so-called “manifest destiny” - cannot accommodate the dream of a regional power that Russia is unwilling to give up. This, too,is a structural contradiction between the United States and Russia. The Western world describes Russia's military involvement in Ukraine as an aggressive expansion, but from Russia's viewpoint, it is a defensive measure: the country must face security threats as another power is about to intrude into its strategic zone. Putin’s government has responded to Western economic sanctions with countermeasures. It has formulated new military guidelines to redefine national security threats.

It has announced the suspension of the implementation of the Conventional Forces Treaty in Europe and has even rejected the deterrence of Russia as a nuclear power. Putin's government and the Russian society seem to be prepared to face or endure long-term Western sanctions. The United States does not want a solution according to a political agreement favorable to Russia. The conflict in Ukraine has turned NATORussia relations from post-Cold War cooperation to a return to it.

the NATO Summit of September

4, 2014, Russia was identified as NATO's “adversary” for the first time since the end of the Cold War. Later Russia revised its military guidelines to list NATO and the United States as the main threats to the country's national security. The Crimea issue and the Ukrainian crisis have further undermined the already fragile strategic mutual trust between Russia and the United States, and this situation is unlikely to change substantially in the short term.

The Ukrainian conflict has also triggered significant changes in Russia-Europe and USA-Europe relations. The United States successfully used the Malaysia Airlines MH17 crash (caused by Russian separatists on July 17, 2014) as an opportunity to force Europe, Japan and Australia to impose severe sanctions on Russia. This shows again that Europe has no ability to change or influence the US decision-making process in the relationship between great powers. Putin has made Europe a top priority of his diplomacy for many years, especially during the Putin-Schröder-Chirac Troika era. He had established a tacit cooperative relationship with Germany and France in international affairs, which - to some extent - limited the unilateral US hegemony.

Thi s

valuable interaction has

continued in personal relations with the current leaders of Germany and France. But after the outbreak of the Ukrainian crisis, the EU - which, as stated earlier, lacks well-defined and legitimately elected political leadership and military autonomy - took NATO as its strategic priority, and chose a servile policy towards Russia in line with the US interests.

The Ukrainian crisis, however, was not enough to shake the fundamental relationship between Russia and real Europe, not the Europe of politicians and institutions. There is no structural political contradiction between Russia and Europe. Quite the reverse. Economic ties are very close. The economic losses caused by Western sanctions against Russia are mainly borne by EU Member States and now most of these countries would not want sanctions.

countries have lost tens of

billions of dollars due to the conflict in Ukraine, which is undoubtedly worse for the European economy that has been stagnating for two years, thus adding to the pandemic problems. The Greek issue and religious extremism are currently the main problems facing Europe. Major European countries such as Germany, France, Italy, and Spain are reluctant to carry the burden of Ukraine to bow to the US “manifest destiny”. Russia has taken advantage of the differences within the EU on the RussiaUkraine issue to try to loosen relations with European countries, differentiating them internally and showing the contradictions between these countries and US wishes.

Through the Ukrainian crisis, the United States has successfully reshaped the former “Soviet Communist beast” with Russia as Europe's “enemy”, strengthening the EU countries’ security dependence on the White House.

The

relationship of trust

between the United States and Europe, however, is developing in the opposite direction, as the United States is trying to weaken Russia and - at the same time - the EU’s economic strength and “ethical” status. Looking away from Europe, the continuation of the Ukrainian crisis and the deterioration of USA-Russia relations will certainly influence the positioning of US strategy in Asia-Pacific and China. If the Ukrainian conflict were to continue and turn into a long-term tug-of-war, the USA could change it's current “back to Asia” strategy, which focuses on containing China. From the Realpolitik perspective, the structural contradiction between China and the United States is based on changes in the balance of power and is much more important than the strategic contradiction between the United States and Russia. There is no misunderstanding about China’s and the United States’ strategic intentions.

China, whose strength is steadily growing, is seeking a corresponding international status, trying to change the US unipolar international order in favor of a multipolar one, which is what the White House is most concerned about and cannot accept. Therefore, the US policy of containing China in the Asia-Pacific region and Russia’s continued weakening in Europe would go hand in hand. Given avoiding the weakening of its dominance in key strategic regions, the United States has done its utmost to prevent China and Japan from cooperating in Asia, while in Europe - it has tried to prevent Russia and the EU from achieving strategic reconciliation and mutual trust - over and above the long-standing and fruitful trade relations.

The

United States, whose very

costly relative power of expansion is declining - with the American people that, unlike the New England elites, have always preferred isolationism and non-intervention abroad - is pushing the international community and regional powers to confront China and Russia to maintain the legitimacy of its dominance in the Asia-Pacific region and Europe.

This has proved to be destructive rather than inspiring: just think of the outcomes in Iraq and recently the flight from Afghanistan. Moreover, after the Soviet Union’s collapse, the US-led NATO has continued to expand. This expansion, which has reached as far as Ukraine, is a warning to China that the USA has a deeply rooted realistic geopolitical thinking and mindset when dealing with major relations with countries with their power and strength. The pressure of the international system led by the United States also against Russia is the reason why China and Russia have come closer.

Bot h

countries have worked

hard to be recognized and accepted by the international community on equal terms and conditions, but the West - in the service of the United States - cannot tolerate the ideas advocated by nationStates with great power aspirations. They cannot accept them based on their characteristics, development model, and political way of managing society. The United States and the EU are used to seeing China and Russia as a set of universally applicable stereotypes and a "we are good, they are bad" way of thinking, interfering in both countries

internal affairs, using the power of international discourse to attack Chinese and Russian societies, and using all kinds of defamation and demonization at a high political level. Although Russia had problems in the process of democratic transition, its basic social values and its political system are not fundamentally different from those of the West. Quite the reverse. They are much better than the political systems of US and EU wellknown friends. Although China and Russia have different religions, cultures, and political systems, they have established relations of mutual respect, equality, and independence between major powers - the kind of real independence that is hard to find in the EU itself.

The

nature of Sino-Russian

relations is different from the unequal relations between the United States and its European, Japanese and oceanic allies: the two countries do not impose themselves, nor do they point the finger at each other, nor does one give orders to the other, as happens in Italy and many Western countries.

Volodymyr Zelenskyy President of Ukraine

They respect each other's independence and take the geopolitical core of mutual interests into account as reliable partners.

the same time, current Sino-

Russian relations are also different from those of Sino-Soviet subordination, based on ideological “friendship” since the 1950s. They are relations of equality and mutual assistance based on the strategic interests of both countries, and not just one, as is the case in the West. Preserving and deepening the comprehensive strategic partnership of coordination between China and Russia will be the trend and direction of efforts for a long time to come. This is not only in response to the Cold War mentality that is characterized by the arrogance and preconceived ideas typical of the West. Sino-Russian strategic cooperation and the interesting relationship is long-term and structural and has an intrinsic foundation and value. The Ukrainian crisis is only a catalyst for promoting Sino-Russian relations. Since his second term in office (2004-2008), Putin has taken advantage of China's rise to revitalize Russia. Since then, SinoRussian strategic cooperation relations have progressed quickly.

Although there are objective obstacles to deepening these relations, trust between the parties has strengthened, especially since the outbreak of the Ukrainian crisis. Russia's eastward strategy and China's westward strategy have begun to increasingly intersect. From a practical economic perspective, the Ukrainian crisis and Western sanctions may firstly lead to changes in the global energy model, and the layout of the Russian energy export market has already started to shift towards Asia.

For

China, which has huge

energy needs and seeks to diversify risks through multiple channels, this is an opportunity. China has recently signed a gas agreement with Russia after ten years of negotiations. Western sanctions will certainly force Russia to develop an ever deeper financial relationship with China. Russian business tycoons are already starting to switch to the credit cards of China UnionPay (the only credit card issuer authorized in the country), converting more US dollars into Hong Kong dollars and depositing them in Chinese banks in Hong Kong.

W hile

Sino-Russian

bilateral trade, investment, and loans have started to increase the scope of deals denominated in local currency and Russia accepts payments in renmimbi yuan. The scope of the renmimbi yuan is expanding, which will have a major impact on the internationalization of this currency. Western sanctions have already led the Putin government to start promoting the Russian market’s diversification in terms of economic strategy. Economic countermeasures against Europe entail the large-scale transfer of the market for agricultural products elsewhere and may continue to expand in the field of industrial products. Fast expansion and penetration in the construction of high-speed railways, agriculture, military technology, satellite navigation systems, ports, logistics, IT industry, manufacturing, nuclear energy, and many other fields. Since China and Russia also have common strategic needs that go beyond economic interests, relations between the two countries are increasingly limited to mutual benefit and pragmatic cooperation on a purely economic level. China and Russia are facing the combined forces of the US-led alliance system in East Asia and Europe, respectively.

The East China Sea, South China Sea, and Ukraine are only specific points of struggle. The central problem is that - as great military powers with a long history and civilization - neither China nor Russia can accept the path laid out by the United States and the West to determine their internal affairs and foreign policies.

From

a defensive

viewpoint, the strategic mutual assistance between China and Russia provides mutual support and solidarity in the face of reality and public pressure in Western countries. During the Ukrainian crisis, Chinese officials endeavored to ease the RussianUkrainian friction and the situation in the country. When the West implemented economic sanctions and political isolation against Russia, China always opposed the encirclement and political repression and provided strong support to Russia. In the future, China may face a problem similar to the Russia-Ukraine one due to the issues related to Taiwan, the South China Sea, and Diaoyu Islands. Hence it will need loyal allies.

Over

the last two decades and until a few months ago - from the viewpoint of

concrete actions - we have seen that the US strength has gradually lost the ability and willingness to create constructive situations of world peace and prosperity, creating instead situations of conflict that worsened the scenario. The United States used the South China Sea, the Diaoyu Islands, and Ukraine to fuel disputes in Asia and Europe and start a series of color uprisings in Europe - and then the “Arab Springs” in the Middle East, West Asia, and North Africa - but it was later unable to remedy the situation, as demonstrated in Afghanistan.

a time when the United States intervenes everywhere but fails to solve its self-

created problems, there are only chaos and winds of war. This requires that cooperation between Russia and China should not be limited to bilateralism, but should also further unite regional powers such as India, Brazil, and the Republic of South Africa and play a greater role in the mechanism of cooperation in emerging markets and in the public and political spheres of countries that can still call themselves independent.

Background Picture: Russia vs Ukraine flag on cracked wall, concept of war between Russia and Ukraine, silhouette of soldiers on Russia vs Ukraine flag.

Edificio Valori At Peking University

Giancarlo Elia Valori and Yitzhak Rabin

Giancarlo Elia Valori and Shimon Peres

Giancarlo Elia Valori and Papa Giovanni Paolo II Giancarlo Elia Valori and Jacques DELORS, President of the European Commission 1985 /1995

Giancarlo Elia Valori and Jiang Zemin,President of of China 1993 to 2003

Giancarlo Elia Valori and Jacques Chirac, President of France 2007 and Bernard Esambert

Giancarlo Elia ValorI and Papa Giovanni Paolo II

Professor Giancarlo Elia Valori is a worldrenowned Italian economist and international relations expert, who serves as the President of the International World Group. In 1995, the Hebrew University of Jerusalem dedicated the Giancarlo Elia Valori chair of Peace and Regional Cooperation. Prof. Valori also holds chairs for Peace Studies at Yeshiva University in New York and at Peking University in China. Among his many honors from countries and institutions around the world, Prof. Valori is an Honorable of the Academy of Science at the Institute of France, as well as Knight Grand Cross and Knight of Labor of the Italian Republic.

995 to 2007

The

Center for Disease Control

(CDC) has a problem and that problem is people living their comfy lives in their comfy environment. They believe that bad things can only happen to someone else somewhere else. They prefer to get their news from movies, or worst yet TikTok and pop culture. Humans learn about the world by collectively acquiring information, filtering it, and sharing what we know. For years, the CDC has attempted to inform the public of the potential for weaponized biological agents which are “regular” infectious diseases weaponized to cause mass morbidity. What if at a strategy meeting someone threw out the concept of why don’t we just tell the public that the dam Zombies are coming for them. Even humorous (sarcastic) at the time, it turned out to be a good idea,

WHY? 78

Because of the rise of zombies in pop culture, we have zombie movies, and zombie TV shows, we celebrate Halloween, and Day of the Dead, and people believe that it could happen.

“

Dead creatures could get out of their graves and take over the world, roaming the highways eating people that get in their way for lunch.”

The CDC proceeded with their Zombie attack program, utilizing the concept of Zombies to warn the public in case of a bioterrorism attack. A bioterrorism attack is when biological agents such as infectious diseases are weaponized and utilized to cause mass morbidity. Biological agents include bacteria, viruses, fungi, and other microorganisms.

HISTORICAL PERSPECTIVE: The Black Death was one of the most devastating pandemics in human history, resulting in the deaths of an estimated 75 to 200 million people and peaking in Europe in the years 1346– 53.

After

the Black Death

superpowers and bad actors began to think “why do we need guns, warships when a simple virus can kill millions of people”.

The

big question

has

always been asked: how can scientists, who are educated to help humanity can justify the use of their privileged knowledge for the explicit goal of killing civilians en masse?

There has never been a response to this question but it is presumed that new or imagined threats to national security could persuade biologists to set aside any moral qualms in the name of patriotism; for economic security, fame, a career, or any combination of these motives.

Another justification for the development of biological weapons has been the suspicion that an enemy has already armed themselves with such weapons, thus we must be prepared to counterattack. History has shown us that such suspicions are usually based on poor intelligence and/or political agendas. The suspicions can however open the floodgates to unrestricted military research.

After

the First World War,

suspicions by the UK, the USA, and the Soviet Union that Germany was secretly developing biological weapons ran high. Fact Check: The German army was the first to use weapons of mass destruction, both biological and chemical, during the First World War, although their attacks with biological weapons were on a rather small scale and were not particularly successful. (https://www.ncbi.nlm.nih.gov/pmc/arti cles/PMC1326439/pdf/4embor849.pdf).

Nevertheless, France started its own biological weapons program in the early 1920s. In 1925, the signing of the Geneva Protocol banned the use of both chemical and bacteriological weapons. (EMBO reports VOL 7 | SPECIAL ISSUE | 2006). History, however, shows us that Germany was intent on an expansion of its tank divisions and air force. Furthermore, after the Second World War, we learned that Adolf Hitler had a distinct aversion to biological weapons and rejected all advice to develop them (Geissler, 1999). The concept of weaponized bio-agents continued in the1930’s when Japan conducted studies on prisoners of war using Anthrax which they called UNIT 731.

In 1943 the U.S. began its pilot test programs in which we weaponized seven bioagents including Anthrax. A World War I veteran, part-time preacher, and Chair of the bacteriology department at the University of Wisconsin, Ira Baldwin joined the World War II Effort. After speculating that Germany and Japan were supporting biological warfare programs, he was invited to Washington by Colonel William Kabrich of the Army’s then Chemical Warfare Service. The question posed to him was whether the U.S. could produce tons of its own bacteriological agents. He is alleged to have responded: “Absolutely, [I]f you could do it in a test tube, you could do it in a 10,000-gallon tank,” and “if you get enough tanks I’m sure you will get tons.” (https://www.pbs.org/wgbh/americanex perience/features/weapon-biographyira-baldwin/).

Baldwin, oversaw the mass production of anthrax spores to fill bombs along with hundreds of other scientists, civilian and military, involved in biological warfare research, which was kept secret as the Manhattan Project.

“

...virtually no nation with the ability to develop weapons of mass destruction has abstained from doing so”.

In 1969 President Nixon allegedly stopped all biological warfare testing. The Soviet Union has a sophisticated program even though they suffered an Anthrax accident in 1979.

“

Biological warfare is not some some new hightech phenomenon, it has been utilized for centuries”.

Table 1 presents examples of biological warfare during the past millennium.

https://www.ncbi.nlm.nih.gov/p mc/articles/PMC1326439/

Table 1 Year /Event 1155 - Emperor Barbarossa poisons water wells with human bodies, Tortona, Italy 1346 - Mongols catapult bodies of plague victims over the city walls of Caffa, Crimean Peninsula 1495 - Spanish mix wine with the blood of leprosy patients to sell to their French foes, Naples, Italy 1650 - Polish fire saliva from rabid dogs toward their enemies 1675 - The first deal between German and French forces was not to use 'poison bullets' 1763 - British distribute blankets from smallpox patients to native Americans 1797 - Napoleon floods the plains around Mantua, Italy, to enhance the spread of malaria 1863 - Confederates sell clothing from yellow fever and smallpox patients to Union troops, U.S.A.

BIOLOGICAL

agents

are typically found in nature and can be spread through the air, through water, or in food. Some biological agents like the smallpox virus can be spread from person to person and some like Anthrax, cannot.

Weaponized bio-agents pose the highest risk to the public and national security because: They can be easily spread or transmitted from person to person

They result in high death rates and have the potential for major public health impact

They might cause public panic and social disruption

CATEGORY A

bio-agents

are the most dangerous and include:

Anthrax Botulism Brucellosis Plague Smallpox Viral Hemorrhagic Fever

While

the use of biological

agents as terrorist weapons is extremely rare, it can inflict mass injuries unmatched by conventional weapons. The National Consortium for the Study of Terrorism and Responses to Terrorism (GTD) defines terrorist attacks as “the threatened or actual use of illegal force and violence by a non-state actor to attain a political, economic, religious, or social goal through fear, coercion, or intimidation.” In today’s technology world, traditional military guns and tanks are no longer necessary to destroy an adversary. Adding to the foray is that many times we don’t even know who our adversary is, it is often difficult to determine the responsible party.

Bad

actors can stay anonymous

while performing cyber attacks. Our increased utilization of technology provides tremendous opportunities but it also increases the vulnerability of people and governments to cyber attacks.

And playing around with bio-agents is not just for the big boys or big governments, today anyone with basic skills can be a player or if you prefer "an enemy”.

Artificial Intelligence enters the equation: The multiplier effect.

has demonstrated its ability to

surpass human-level intelligence in a broad array of areas. AI has seen exponential growth and diffusion as it is used across most industries, it solves business and transportation problems, detects fraud, supports fraud, it can also predict the emotional state and behavior of the person calling to help companies anticipate desirable solutions. Generally defined Artificial Intelligence represents the third era of computing, the ability of a machine to perform cognitive functions such as perception, learning, reasoning, problem-solving, contextual understanding, predictions, and exercising creativity, as well as or better than humans.

It is important to realize that machines, computers, artificial intelligence, and anything designed by humans will never be perfect. Mistakes will be made, poor recommendations will occur, and bad things will happen. In what started as an invitation to a conference in Switzerland to discuss the misuse of machine learning, like all Conference speakers eagerly determined to bring new knowledge to the event, Researcher, Fabio Urbina decided to conduct an AI experiment. Urbina’s day job is to implement new machine learning models in the area of drug discovery. His discovery not only shook him but the world. Through his research,

“

It took less than six hours for drugdeveloping AI to invent 40,000 potentially lethal molecules”.

These are some of the worst lethal molecules anyone has ever come up with (https://www.theverge.com/2022/3/17 /22983197/ai-new-possible-chemicalweapons-generative-models-vx).

Technology

exists

everywhere in the Universe, just because we are not aware of Technology doesn’t mean it doesn’t exist. While you sleep, the lights are burning late at labs around the world. Often referred to as the “devil in the fridge” CRISPR is a method that promises to revolutionize technology by allegedly allowing us to change nearly any gene in any way in any species. Simply put, CRISPR, an acronym for “clustered regularly interspaced short palindromic repeats,” is a way to edit DNA. It can also be utilized to create weapons of war. Warfare has moved from tanks and guns to asymmetric operations. When considering the potential threat of biological weapons in the hands of rogue states or terrorist groups we must also look at the ordinary citizen. Early Genetic Engineering Experiments cost millions of dollars. CRISPR is now so democratized that it can be accessible to anyone delivered to your door for less than $300. Cheap and simple CRISPR kits are now sold on the Internet, allowing anyone to edit the genes of bacteria. The key emphasis here is on the word

ANYONE!

“

THE DEVIL IN THE FRIDGE

And there it sat Next to my bottle of wine. Waiting for me to throw the dice

and meddle with aTechnology exists everywhere in the Universe, just because we are not aware system I knew of Technology doesn’t mean it doesn’t nothing about - exist. you sleep, the lights are burning permanently While late at labs around the world. Often to as the “devil in the fridge” changing my DNAreferred CRISPR is a method that promises to technology by allegedly and those of revolutionize allowing us to change nearly any gene in any way in any species. Simply put, generations to comeCRISPR, an acronym for “clustered interspaced short palindromic with uncertain regularly repeats,” is a way to edit DNA. Results

”

It can also be utilized to create weapons of war. Warfare has moved from tanks and guns to asymmetric operations. Early Genetic Engineering Experiments cost millions of dollars. CRISPR is now so democratized that it can be accessible to anyone delivered to your door for less than $300. Cheap and simple CRISPR kits are now sold on the Internet, allowing anyone to edit the genes of bacteria. The key emphasis here is on the word

ANYONE! - Linda Restrepo-

It is the ease of delivery and lack of oversight that could be a danger to humanity. Enemies search for methods to inflict maximum danger with limited resources and theoretically CRISPR can be done in their kitchen. Most of the research on CRISPR has been funded by the federal government and thus the American taxpayer. There has been a surge of CRISPR research by scientists in both Universities and Biotechnology companies, who are researching it for use in medicine and beyond. In 2018 publicly available CRISPR Patent Applications included: 872 in the United States; 186 in Europe and 858 in China.

It is the potential it has for mitigation which should keep the average person up at night. Genetic Engineering Technology augmented with AI can make existing Bacteria

morbidly endless. 92

So how does this all fit together?

Exponential Technology is the

type of Technology that grows at an exponential rate. It does this through conversion which is one technology interacting with another technology. The reason they become exponential is that costs come down creating more opportunities for more growth and or malfeasance. Converging with each other they produce a power never seen before or imagined possible. In this scenario, the Convergence becomes cyber warfare, co-mingled with genetic reproduction, weaponized bio-agents, and AI. A lethal cocktail to say the least. While disinformation on the subject runs rampant, Panic control is a major criterion of any crisis or dangerous situation, they tell you to go home and lock your doors, not because it will be the safest place but because it will keep you from roaming the streets like a Zombie.

“

So the message is that if you don’t want to become a ZOMBIE or be eaten by one you need to be informed and prepared”.

EXPONENTIAL TECHNOLOGIES CYBERSECURITY

Linda Restrepo is Director of Education and Innovation Human Health Education and Research Foundation. She has been a recognized Women in Technology Leader Cybersecurity and Artificial Intelligence. Restrepo's expertise also includes Exponential Technologies Management, Computer Algorithms, Research, Implementation Management of Complex Humanmachine Systems. Interstellar exploration and Mars Human Habitats; Global Economic Impacts Research. Restrepo is President of a global government and military defense multidisciplinary research and strategic development firm.

She has directed Corporate Technology Commercialization through the US National Laboratories. Emerging Infectious Diseases, Restrepo is also the Chief Executive Officer of Professional Global Outreach. Restrepo has advanced degrees from The University of Texas and New Mexico State University.

EXPERTS AND ANALYSIS W hen

we talk

about blockchain, both in terms of disclosure and technical development, we are referring to the public blockchain ( permissionless ). Let's briefly recall what is meant by blockchain: a distributed register of transactions, freely accessible and based on the consensus that occurs between the participants in the network itself, with the intensive use of cryptography and digital signature.

10 0

There

is no longer a logic

of centralization (even in its evolved decentralized forms) but a distributed and horizontal form of information. It is a technology that confers total trust and transparency to the subjects and operations involved. One of the characteristics that the blockchain attributes with absolute confidence is the immutability of data: once a transaction is registered, it cannot be modified or canceled.

10 1

101

There

How the blockchain can change the model of energy use, what are the advantages: is no longer a logic of -p2p energy exchange to micro-network environments centralization (even in its evolved decentralized forms) but a distributed and horizontal form of and information. It is -Exchanges, purchase, sale of energy between citizens a technology that confers total trust and companies transparency to the subjects and operations involved. One of the that the blockchain Tokenization-based peer-to-peer characteristics applications models attributes with absolute confidence is the immutability of data: once a transaction is registered, it cannot be Blockchain in the p2p sector, advantages and perspectives modified or canceled.

The

The blockchain cannot be

applied to all sectors. Surely a sector favorable to its application is the P2P energy sector with relative tokenization . Here you can get peer-to-peer management in a secure and transparent way. It is a very important contribution in terms of efficiency and disintermediation that blockchain technology can give to the energy sector.

There

is no longer a logic of

centralization (even in its evolved decentralized forms) but a distributed and horizontal form of information. It is a technology that confers total trust and transparency to the subjects and operations involved. One of the characteristics that the blockchain attributes with absolute confidence is the immutability of data: once a transaction is registered, it cannot be modified or canceled.

103

- p 2 p e n e r g yThere exchange in micro-network environments is no longer a logic of

centralization (even in its evolved decentralized forms) but a distributed and horizontal form of information. It is a technology that confers total trust and transparency to the subjects and Having a good network infrastructure at operations involved. One of the the base, it is possible to create an characteristics that the blockchain energy exchange within small districts attributes with absolute confidence is by transforming neighborhoods into mini the immutability of data: once a circular economies. transaction is registered, it cannot be modified or canceled. Example: in Italy we have the national a company or a family can buy supplier and the various distributors energy at much lower costs than the (Acea, Edison, etc.). Today citizens pay national rate. For the citizen who the running costs of using a meter despite not using it for most of the day. instead makes his 2.5 kW available, he A fairly common situation is that in can easily compensate the management which there is a meter with a power of 3 costs of his contactor. kW (on average 90% of households) with also a photovoltaic system. During the day an average family, from 8 to 17, is not present in the house, but at the same time the fixed costs weigh continuously on the budget. So the most logical thing is to have an energy exchange portal where the power of the meter (2.5 kW) is made available to other families, or companies that need to have more energy during that time slot.

- E x c h a n g e s , There purchase, sale of energy between citizens and companies

is no longer a logic of

centralization (even in its evolved decentralized forms) but a distributed and horizontal form of information. It is a technology that confers total trust and transparency to the subjects and operations involved. One of the characteristics that the blockchain attributes with absolute confidence is This is not enough for tokenization, that the immutability of data:where once ait is is a form of circular economy transaction registered, it cannot possible to decideisto get paid not in fiat be modified or canceled. money but in tokens. These tokens can be used in a thousand ways. Example: if a region or province or municipality applied this forward-looking model, they could easily reward citizens who adopt virtuous behavior with the conferment of tokens. These could then be used to pay local taxes or duties (this is because energy p2p is part of the Green Economy), discounts on the purchase of basic necessities that can be spent with merchants in that area where the micronetwork is being used. Agreements can even be found with distributors to be able to install electric charging stations and favor the people who have electric cars in those micro-networks, allowing discounts on charging.

105

10 7

107

Think

of the possibility of

installing charging stations in owned spaces and allowing those who need them to be able to use them. All managed in an absolutely automatic way, with the two wallets (that of the column and that of the car) that pay off the purchase and sale of energy through smart contracts. All this to the absolute advantage of a virtuous model of economy which has as its first direct consequence a decrease and rationalization of consumption which has a positive impact on environmental protection.

Tokenization-based peerto-peer application models In Australia, peer-to-peer experimentation has been carried out since 2013 and since then other countries have followed this model: Germany, India, etc. These states have understood the concept of a circular, public and transparent economy model, inserting the concept of rewarding tokenization that will go far beyond the energy context. In Italy, p2p energy can be applied in public administration (schools, barracks, municipalities, etc.), where photovoltaic systems could be installed that could help meet public energy needs (lighting, etc.).

109

11 0

11 1

11 2

William Nonnis, Development since 2000 for the Ministry of Defense, a series of applications continuously studying and perfecting my skills in Analysis, Design and Development and carrying out the feasibility study of multiple projects in the Ministry of Defense and PA. Selected by the secretariat of the Undersecretary of Defense Angelo Tofalo, as a member of the Italian Open Lab Technical Staff (https://www.italianopenlab.it/), working on the study, design and development activities on Blockchain, AI, IoT and WEB Applications, having the expertise in Blockchain Technology / Protocol, Smart Contract, Token, DLT. Member of the Task Force, of the Department for Integral Welfare, "Mary and the Creation" (Mariology Pontificia Academia Mariana Internationalis, Vatican), Digital area and Blockchain. Received recognition /award from ANGI, in collaboration with the Presidency of the Council, as the best Italian excellence in the field of Blockchain and Digital Innovation.

11 3

11 4

11 5

115

11 6

Thursday 24 February 2022,

coincidently, the same day of my sister’s birthday, Russia launched a comprehensive invasion of Ukraine. This attack followed weeks of Russian forces building on the Russian, Ukrainian border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of Cyberwar attacks on critical digital infrastructure. What made this war markedly different from any other war in history was it’s use of Cyberwar as a precursor to the Kinetic war that followed some 5 weeks later. Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine Government websites and infrastructure that caused chaos across many normal Ukraine Government channels. Attacks such as Man in The Middle (MiTM) and no doubt code injections to enable Domain Admin Access and Domain Hijacking and Takeover were witnessed.

11 7

Although such attacks are nothing particularly new, as these followed closely in the fashion seen in 2020 when SolarWinds who had suffered similar digital intrusions, using near identical methods with the same outcomes, it was the scale and audacity that possibly was shocking and crippling. What is more, it also heralded a major milestone that other Governments’ own basic security negligence also left them highly exposed. That thin red line had undoubtedly been crossed and possibly would threaten every government and country globally as unlike a warhead with a limited range, cyberattacks have no boundaries or limits and due to security negligence, even gross negligence, every critical infrastructure globally could be targeted and infiltrated.

The

Modus Operandi had been

set over the last two decades or more however, although growing in frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

117

I will explain more on this later, save to say, the data wasThursday not encrypted due to 24 February the PKI issue, an expired and invalid 2022,Certificate. coincidently, same day of my Digital Wethe identified dozens Russia launched a ofsisters other birthday, Ukraine Government websites comprehensive invasion of Ukraine. with the same errors rendering them This attack followed weeks of Russian forces also NOT SECURE and exploitable. building on the Russian, Ukrainian borderwe amidst dismissive rhetoric When started peeling back the by Vladimir Russia’s in layers, youVladimirovich will hear the Putin, term ‘Defence President ofaalot ‘special Depth’ quite and itoperations means exactly exercise’ and weeks of Cyberwar attacks that. You cannot, or certainly should not on critical digital infrastructure. rely on a single secure position, but multiple. In terms of defence, the What made this war markedly Ukraine Government, and their different technical from any other war in history was it’s partners failed the very basic security, use of of Perimeter Cyberwar as a precursor to the that Defence by making Kinetic warwould that followed weeks errors that nullify allsome other5levels oflater. security no matter how complex, how many $millions or even $billions were Russia launched a Cyberwar offensive spent and when these errors are made, against Ukraine and although the wasted. methods and attacks were nothing particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine basic security Government websites and infrastructure that caused chaos across many normal errors, as happened to SolarWinds in Ukraine Government channels. 2020, once infiltrated, nobody can see

Such

or notice them as metaphorically the Attacksare such Man in The Middle enemy nowasmasquerading as one of (MiTM) and no doubt code injections the internal team by wearing the sameto enable Domain Admin Accesserrors and are uniform. These basic security Domain Hijackingtoand wereof not only confined theTakeover visual errors witnessed.

Although such attacks are nothing particularly new, as these followed closely in the fashion seen in 2020 when SolarWinds whoinvalid had suffered Digital similar digital intrusions, using near Certificates identical methods by displaying with the thesame NOT SECURE outcomes, textiton was the the website, scale and butaudacity also the thatDomain possibly Name was shocking System (DNS) and which iscrippling. where the content is handed off to a Content Delivery Network (CDN) to distribute What is more, that data, it alsoglobally heralded if required. a major Itmilestone is imperative that that otherthis Governments’ is also SECURE. own basic security negligence also left them Inhighly the case exposed. of theThat Ukraine thin red Government line had websites undoubtedly that been were successfully crossed and possibly attacked would threaten as partevery of thegovernment Russian and Cyberwar country globally offensive as and unlike a precursor a warheadto the withkinetic a limited war,range, they were cyberattacks not only NOT have SECURE no boundaries for the or world limits to and see, due but also to their security SIDEnegligence, and BACKDOORS even gross were wide open negligence, to enable every andcritical even facilitate infrastructure infiltration globally could unbeknown be targeted to everyone and until the infiltrated. attack became known sometime later. That is of course unless it was planned.

PKI,

The

It is not beyond the realms of possibility, Operandi that this Cyberwar wasModus months, even years in theset planning parttwo of decades the had been over theaslast Russian reconnaissance to in or more overall however, although growing identify Insecure digitalthey targets. We have frequency and scale, had, until identified dated now, beenInsecure confinedpositions to cyberthat criminals from at least August 2019 thatwilling would to looking to sell data to anyone enable ‘Sleeper Digitalan Plants and Cells’ pay. This has created entire Black to have been ready forway up Market cyberimplanted eco system all the to and including Zero Days where no ‘Fix’ is yet known or developed.

Such

PKI,

The

On Just

Thursday 24 February

as in the 2022, coincidently, the Cold sameWar, day of my sisters had birthday, a Russia been Russia taught launched well by their comprehensive invasion of Ukraine. ‘opponents’ namely the United StatesThis of attack followed weeks of Russian forces America. The US invested $billions of building onmoney the Russian, taxpayers’ in their Ukrainian quest to border amidst dismissive ensure Digital Supremacy rhetoric knowingby full Vladimir Vladimirovich Putin, Russia’s well that whoever could control the President of awould ‘special operations Digital World, indeed have a exercise’ and weeks of Cyberwar attacks major advantage over the rest of the on critical digital infrastructure. world. Not only from a commercial, but also from a military perspective. Warfare What made this on warfrom markedly had now moved Land, different Air and from any other war in history was Sea to include Cyberwar, more on it’s that use of Cyberwar as a precursor to the later. On the 17 January 2022 Russia Kinetic war that followed some launched a bombardment of 5 weeks later. cyberattacks upon Insecure Ukraine Government websites and infiltrated at Russia Cyberwar offensive least 70launched of them. aThis included the against Ukraine and although the Ukraine Military and even Ukraine’s methods and attacks were cyber command centre. Butnothing how and particularly new in their use and To what was their desired outcome? deployment, was the scale and cause havoc, itchaos andsheer destabilize the debilitating nature of over 70 Ukraine entire country. Government websites and infrastructure thathad caused chaos across many normal We already commenced Threat Ukraine Government Intelligence gathering channels. on numerous Ukraine Government websites and had Attacks such as Man in The Middle tried to inform the various people there (MiTM) and no doubt code injections to eventually getting to directly enable Domain Admin communicate with one Access of their and ThirdDomain Hijacking and Takeover wereto Party US partners and alerting them witnessed. just some of the oversights and errors.

“

That thin red line had undoubtedly been crossed

What is more, it also heralded a major milestone that other Governments’ own basic security negligence also left them highly exposed. That thin red line had undoubtedly been crossed and possibly would threaten every government and country globally as unlike a warhead with a 18 limited range, cyberattacks have On the January 2022 we exchanged very no boundaries concerningor information limits and on due to numerous security negligence, Ukraine Government even gross websites. negligence, One every example critical was infrastructure globally could bewhich targeted and www.mfa.gov.ua is the Ministry of infiltrated. Defense for Ukraine and connected, as you would expect, to numerous other Government websites.

The

The MFA Government website was Modus displaying a NOT SECURE textOperandi in the URL due a PKI and had Address been setbar over thetolast twoerror decades issue. This meant italthough was not growing only easily or more however, in identified as being NOT SECURE, but frequency and scale, they had, until it also basic to security was now,confirmed been confined cyber criminals lacking therefore only could lookingand to sell data tonot anyone willingitto be easily but itan also confirmed pay. Thisabused, has created entire Black data was being sent to and from Market cyber eco system all the the way up server in Plain Text (Unencrypted). to and including Zero Days where no ‘Fix’ is yet known or developed.

Thursday February I will explain more on this 24 later, save to say, the data was not encrypted due to 2022, the same day of my the PKI coincidently, issue, an expired and invalid sistersCertificate. birthday, Russia launched a Digital We identified dozens of Ukraine. This ofcomprehensive other Ukraine invasion Government websites attack weeks of Russian forces with thefollowed same errors rendering them building the Russian, Ukrainian also NOT on SECURE and exploitable. border amidst dismissive rhetoric by Vladimir Putin, When we Vladimirovich started peeling backRussia’s the President of a ‘special operations layers, you will hear the term ‘Defence in exercise’ anda weeks attacks Depth’ quite lot andof it Cyberwar means exactly on critical digital or infrastructure. that. You cannot, certainly should not rely on a single secure position, but What made this war markedlythe different multiple. In terms of defence, from any other war inand history it’s Ukraine Government, theirwas technical use of Cyberwar a precursor to the partners failed theasvery basic security, Kinetic war that followed 5 weeks that of Perimeter Defence some by making later. that would nullify all other levels errors of security no matter how complex, how Russia launched Cyberwar offensive many $millions or aeven $billions were against Ukraine and although the spent and when these errors are made, methods and attacks were nothing wasted. particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine Government websites and infrastructure that caused chaos across many normal basic security errors, as Ukraine Government channels. happened to SolarWinds in 2020, once infiltrated, nobody caninsee notice Attacks such as Man TheorMiddle them as and metaphorically the injections enemy areto (MiTM) no doubt code now masquerading as one of the enable Domain Admin Access and internal team by wearing the same Domain Hijacking and Takeover were uniform. These basic security errors are witnessed. not only confined to the visual errors of

Suc h

12 1

Although such attacks are nothing particularly new, as these followed closely in the fashion seen in 2020 when SolarWinds who had suffered invalid Digital similar digital intrusions, using near identical methods with the same Certificates displaying theand NOTaudacity outcomes, itbywas the scale SECURE text on theshocking website,and but also that possibly was the Domain Name System (DNS) which crippling. is where the content is handed off to a Content (CDN)ato What is Delivery more, it Network also heralded major distribute that data, globally if required. milestone that other Governments’ own Itbasic is imperative that this is also security negligence also SECURE. left them

PKI,

highly exposed. That thin red line had Inundoubtedly the case of been the Ukraine crossedGovernment and possibly websites that were successfully would threaten every government and attacked as part of Russian country globally as the unlike a warhead Cyberwar offensive and a precursor to with a limited range, cyberattacks have the war, or they wereand notdue onlytoNOT no kinetic boundaries limits SECURE the worldeven to see, but also security for negligence, gross their SIDE and BACKDOORS were wide negligence, every critical infrastructure open to enable and even facilitate globally could be targeted and infiltration unbeknown to everyone until infiltrated. the attack became known sometime later. That is of course unless it was planned.

The

It is not beyond the realms possibility, ModusofOperandi that this Cyberwar was months, even had been over theaslast years in theset planning parttwo of decades the or more however, although growing Russian overall reconnaissance to in frequency and scale, had, until identify Insecure digitalthey targets. We have now, been confined to cyber criminals identified Insecure positions that dated looking to sell data to anyone from at least August 2019 thatwilling would to pay. This has created entire Black enable ‘Sleeper Digitalan Plants and Cells’ Market cyber eco system all the way up to have been implanted ready for to and including Zero Days where no activity. ‘Fix’ is yet known or developed.

121

Thursday 24 February

2022, coincidently, the same day of my sisters birthday, Russia launched a comprehensive invasion of Ukraine. This attack followed weeks of Russian forces building on the Russian, Ukrainian border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of Cyberwar attacks on critical digital infrastructure. What made this war markedly different from any other war in history was it’s use of Cyberwar as a precursor to the Kinetic war that followed some 5 weeks later. Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine Government websites and infrastructure that caused chaos across many normal Ukraine Government channels. Attacks such as Man in The Middle (MiTM) and no doubt code injections to enable Domain Admin Access and Domain Hijacking and Takeover were witnessed.

The

Modus Operandi

had been set over the last two decades or more however, although growing in frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

It On

is also not beyond the realms of

possibility that data was being captured, Thursday for 24 several February controlled, and amended years to these basic security 2022,due coincidently, the same dayerrors. of my sisters birthday, Russia launched a As I write this preface on the 23 March comprehensive invasion of Ukraine. This 2022, basic security areforces attackthe followed weeks oferrors Russian STILL in place and the USUkrainian Tech Thirdbuilding on the Russian, Party insists on dismissive going via Attorney’s border amidst rhetoric by instead of directly engaging toRussia’s address Vladimir Vladimirovich Putin, their security and gross President of aoversights ‘special operations negligence. Doweeks they have something to exercise’ and of Cyberwar attacks hide? Quitedigital possibly. Are they complicit on critical infrastructure. by being complacent? What made this war markedly different We cannot speculate this point; all we from any other war inathistory was it’s can is that Ukrainianto the useconfirm of Cyberwar asthe a precursor Government and followed thousands of other Kinetic war that some 5 weeks organizations are highly exposed due to later. their basic security errors. Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and can confirm that finally on the 16 deployment, it was the sheer scale and debilitating nature of over 70 Ukraine March, the Ukraine website Government websites www.mfa.gov.ua had a and validinfrastructure Digital that caused chaosupon across normal Certificate placed it atmany 00:00 UTC. Ukraine Government channels. This is some 8 weeks after we first informed them of the basic security Attacks such asthe Man in The Middle error. However, DNS is still (MiTM) andexposed. no doubtThis code injections completely situation, asto enable Domain Admin Access and mentioned, nullifies all other security Domain Hijacking and measures, including thisTakeover Digital were witnessed. Certificate.

12 4

On Wednesday 26 January The Although such attacks are 2022 nothing White Housenew, released theirfollowed paper titled: particularly as these ‘Moving thethe USfashion Government a Zero closely in seen into2020 Trust It is awho veryhad useful and whenModel’. SolarWinds suffered insightful document and was published similar digital intrusions, using near only 9 days after thewith Russian Cyberwar identical methods the same attacks commenced and outcomes, it was theupon scaleUkraine and audacity cites no less 47 times. that DNS possibly was than shocking and A coincidence, crippling. maybe, however with years of experience we have become a tad battle rarely subscribe What hardened is more, it and alsowe heralded a major to coincidences in theGovernments’ Cyber Securityown milestone that other world. basic security negligence also left them highly exposed. That thin red line had undoubtedly been crossed and possibly would threaten every government and ongoing country globally asUkraine unlike aCyberwar warhead withWar, a limited range, cyberattacks and both are currently raging, have has no boundaries andofdue to seen the exodusoroflimits millions Ukraine security predominantly negligence, even grossand citizens, women negligence, every critical children as men under 60infrastructure are forced to globally could be targeted stay and fight. The war has and so far infiltrated. claimed the needless loss of lives on both the Russian and Ukraine sides in their tens of thousands and with predicted losses of as many of 1 million people due to the war and lack of food Modus Operandi and water. had been set over the last two decades or more however, although growing in frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

The

This On

war, no matter how it Thursday 24 February started, or who is culpable, time will 2022, coincidently, the same aided, day of my show basic security measures sisters birthday,this Russia launched even facilitated war and that a comprehensive invasion of Ukraine. marked the beginning of what we all This attackdoes followed weeks oftoRussian hope, not escalate becomeforces building on Chemical or the evenRussian, NuclearUkrainian war. border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of Cyberwar attacks on critical digital infrastructure.

I would personally like to applaud the Citizens of Ukraine for their What made this war markedly different andwas it’s from anycourage other war in history use of Cyberwar as a precursor to the Kineticdetermination war that followed some .5 weeks later.

Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and fact that far too many leaders deployment, it was the sheer scale and nature of oversuch 70 Ukraine ofdebilitating the world have allowed a situation Government to manifest websites itself andisinfrastructure an utter that caused across many normal disgrace and chaos eventually, those Ukraine Government channels. responsible MUST be held to account.

The

Attacks such as Man in The Middle (MiTM) and no doubt code injections to enable Domain Admin Access and Domain Hijacking and Takeover were witnessed.

12 5

Digital Blood on Their Hands fills in the Although such attacks are nothing blanks. It will inform and enlighten particularly new, as these followed everyone of how we got here, and where closely in the fashion seen in 2020 we will hopefully go and what we need when SolarWinds who had suffered to do to alter the destructive course we similar digital intrusions, using near are currently on. You will no doubt have identical methods with the same heard the term, I hope it was not all in outcomes, it was the scale and audacity vain, this I truly hope by my addressing that possibly was shocking and and bringing the real world of crippling. clandestine cyberwar and cyberattacks to be openly discussed and addressed, What is more, it also heralded a major not just by ignorant politicians looking to milestone that other Governments’ own achieve their next vote so they basic security negligence also left them manipulate their view of the world and highly exposed. That thin red line had vastly increase their personal Bank undoubtedly been crossed and possibly Balances, but to serve the citizens of the would threaten every government and world congruently and as a collective. country globally as unlike a warhead Less me, and more us. with a limited range, cyberattacks have no boundaries or limits and due to security negligence, even gross negligence, every critical infrastructure Governments, the Intelligence globally could be targeted and Community including the Alphabet infiltrated. Agencies are at a major crossroads. Do they continue manipulating the Cyber realm without any defence by focusing on purely Offense, the same Offensive capabilities as we areModus witnessing Operandi against Ukraine and now Russia, or do hadstart been set over the last twosecurity decades we taking security, basic or more however, although growing in seriously? frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

The

125

On We

Thursday 24 February

2022, coincidently, the same day of my sisters birthday, Russia launched a comprehensive invasion of Ukraine. This have frequently been attack followed weeks of Russian forces marginalized because of our views, building on the Russian, Ukrainian beliefs, knowledge. It is often by border and amidst dismissive rhetoric considered ‘Dirty little Secrets’ that are Vladimir Vladimirovich Putin, Russia’s best left unsaid due to fear of reprisals President of a ‘special operations to Politicians Tech Giants signing the exercise’ andorweeks of Cyberwar attacks next multi $billion deal which provides on critical digital infrastructure. no more security, and instead of mitigating, adds to the different already What madeactually this war markedly woefully positions. from anyexposed other war in history was it’s use of Cyberwar as a precursor to the Kinetic war that followed some 5 weeks later.

Smoke,

andoffensive sleight of Russia launched mirrors, a Cyberwar against Ukraine and the hand is being used byalthough Wall Street methodssecurity and attacks werenot nothing building Unicorns, to better particularly new in their use and protect the citizens of the world, but to deployment, it was thepockets sheer scale and line their bulging, dirty further. debilitating nature of over 70 Ukraine Government websites infrastructure Personally, I am sick to and my stomach of that caused chaos across many normal the Tech Giant forcing our hand to use Ukraine Government channels. upon Attorneys as literally thousands thousands of people are dying either Attacks or such as Manquite in The Middledue directly, indirectly possibly (MiTM) and noThe doubt injections to their errors. titlecode of this book, to enableBlood Domain Admin Access andnot Digital on their Hands could Domain Hijacking and Takeover were be more apt. witnessed.

12 6

The

Modus Operandi

Andy Jenkinson is the Group CEO, Cyber Innovation Partners. Group and Member of the International Advisory Council Human Health Education and Research Foundation. He is a senior and seasoned innovative executive with over 25 years of experience as a hands-on lateral thinking CEO/COS coach and leader. Recognized as one of top global Cybersecurity experts. He is also a big business accelerator, having created and been responsible for £100 millions in revenues within the technical, risk and compliance markets. Masters in NLP/NAC. Jenkinson is also the author of “Stuxnet To Sunburst 20 Years of Digital Exploitation and Cyber Warfare”.

117 12 9

REAL

CYBERSECURITY

MANAGING

REPORTING METRICS

AND

By: WILLIAM FAVRE SLATER, III

131

Introduction

Real Cybersecurity

Obviously, cybersecurity is one of the most important topics in business today. With all the headlines about cyberattacks, ransomware attacks, cyberwarfare, and data breaches, everyone who uses a computer that is connected to the Internet is thinking about how they be more secure. In addition, the people who are cybersecurity leaders are constantly challenged to demonstrate to management that the security services they are managing and delivering offer real quality and value for the budget expenditures required to deliver these services.

Nearly all of us in the cybersecurity career field as well as those who are being trained to enter field as a career direction, have been trained to understand the important facets of cybersecurity, namely Confidentiality, Integrity, and Availability, frequently described as “CIA”. We have been taught that any cybersecurity solution is not complete unless it has the design and controls that protect the organization in these three areas. Have you ever considered that there might be more to these three requirements for cybersecurity? Well, in fact there are at least three additional facets that should be considered to offer the best possible cybersecurity.

This article will provide useful information about how to deliver better cybersecurity services. It will also provide expert insights from notable security practitioners/authors about measuring and managing cybersecurity services and how to report these metrics to upper management so they will understand what they are getting for the money they have allocated for cybersecurity, and how these expenditures are increasing the required levels of security in the organization.

UTILITY, AUTHENTICITY, AND CONTROL. Those a r e

Coupled with the CIA, these additional three facets form the Parkerian Hexad. This is named after one of the founders of the cybersecurity profession, Mr. Donn B. Parker. Mr. Parker was hacking computers and software since the 1960s. He was also a prolific lecturer and his videos are still available on YouTube.

The facet of Utility has to do with the idea that your data and systems are Usable. You cannot get work done with data that is not usable.

UTILITY, AUTHENTICITY, AND CONTROL.

The facet of Authenticity has to do with the idea that the data or information you have is genuine. In the day and age of Deep Fakes, this would be a valuable thing to know. For example, as recently as March 2022, Deep Fake Videos of Ukraine’s President Zelenskyy have appeared on the web, making statements that he never said. The facet of Control has to do with the fact that the data or information you need is actually under your control. In the day and age of malware and trojan software, it is important to have the peace of mind that you have control over the data and information and systems for which you are responsible. Adding these three additional facets can help you and your cybersecurity Team build solutions that are far superior to those who are only doing the CIA part of the Parkerian Hexad.

133

W. Krag Brotby – Information Security Management Metrics Brotby’s Information Security Management Metrics classifies metrics according to the following scheme: Program Development Metrics Policy Management Metrics Process Maturity Metrics Support Metrics Personnel Support Metrics Resources Support Metrics Operational Metrics Operational Readiness Metrics Management Readiness Metrics Technical Readiness Metrics Operational Practices Metrics Operational Environment Metrics Effectiveness Metrics Metrics for Technical Target of Assessment Metrics for Strength Assessment Metrics for Features in Normal Circumstances Metrics for Features in Abnormal Circumstances Metrics for Weakness Assessment Risk Metrics Operational Limitation Metrics From Information Security Management Metrics, W. Krag Brotby, 2007. Brotby is the only security author/practitioner in this article to introduce the concept of a Capability Maturity Model for measuring and managing the effectiveness of information security metrics. The maturity levels in this model are defined as: 1. Initial 2. Repeatable 3. Defined 4. Managed 5. Optimizing

Lance Hayden, PhD – IT Security Metrics Dr. Hayden advocates the creation of a Security Process Management (SPM) Framework to be used to monitor all aspects of IT Security Management. The table shown below is an example of IT organizational goals mapped to example metrics that can be captured to measure the performance of a Security Operations Team:

GOAL Budget & Personnel

METRIC

Understand the prioritization of and investment in security as a function of IT operations.

Percent of IT budget devoted to IT security

Understand the connection between IT security activities and the business.

Percent of IT security budget covered through internal charge back, by unit

Understand the prioritization of and investment in security as a function of IT operations.

Ratio of full-time IT staff resources developed to IT security

Understand one general level of security personnel expertise.

Ratio of certified to noncertified IT security staff members

PROCESSES & PROJECTS Understand the level of visibility into routine security operational activities.

Ratio of security business processes that are documented

Understand the utilization of existing IT security staff.

Number of security measurement or improvement projects undertaken during time period

Understand the prioritization of and investment in security as a function of IT operations.

Ratio of security measurement or improvement projects to overall IT measurement or improvement projects

135

Understand project size and duration for IT security projects.

Average resource utilization (in staff hours) for security measurement or improvement projects undertaken during time period

SYSTEMS & VULNERABILITIES Understand deviation from established baselines.

Percent of systems compliant with current configuration standards

Understand gaps in existing security posture.

Number of or ratio of systems containing vulnerabilities as a result of assessment

Understand threat levels for vulnerable systems.

Average count and severity of vulnerabilities per assessed system or defined set of systems

Understand threat levels for vulnerable systems.

Number of probes, attempted attacks, and penetrations during time period

Understand vulnerabilities posed by wireless connectivity.

Ratio of security to unsecured wireless access points present on network.

CHANGE & REMEDIATION Understand systemic changes to security baseline over time.

Number of configuration change or exception requests per time period

Understand security reaction posture and impact on IT security staff.

Number of security incidents (escalated or investigated) per time period

Understand what kind of security. Vulnerabilities are most prevalent in the environment. Understand lag time between vulnerability discovery and mitigation.

Ratio of vulnerability types identified (access, denial-of-service, data loss or corruption, fraud, and so on) Average time required to remediate identified security vulnerabilities

From IT Security Metrics, Lance Hayden, 2010

Andrew Jaquith – Security Metrics Andrew Jaquith is one of the best known Security Metrics people in the Information Technology world. This statement from his book is a good summary of the purpose of Security Metrics: “Security metrics are the servants of risk management, and risk management is about making decisions. Therefore, the only security metrics we are interested in are those that support decision making about risk for the purpose of managing that risk.” Jaquith is also known for his ability to perform deep statistical analysis on monitoring and other essential IT security metrics. He believes there are even more valuable insights to be gained by measuring the measurements of the processes

themselves. Jaquith cites the COBIT IT Management Framework to shed light on the importance of the Monitoring control domain: It is the governance activities an organization performs to understand how well its processes operate: “All IT processes need to be regularly assessed over time for their quality and compliance with control requirements. This domain addresses performance management, monitoring of internal control, regulatory compliance, and providing governance.” (COBIT) Jaquith is also well known for his information diagram that elucidates the relationship between IT Threats, Security Management Controls, and Assets (Exposures). That elegant diagram is shown below.

NIST SP 800-55rev1 – Performance Measurement Guide for Information Security The NIST SP 800-55rev1 document contains invaluable tips for building a framework to measure and management of an information security management program. It’s not only authoritative and well-written by cybersecurity experts, and also freely available from the web. The diagram below shows NIST’s concept about building an Information Security Measurement Program.

William Slater Personal Experience and Observations

This section covers some of my own experiences with metrics. Examples of IT Security Related Metrics

From 2015 – 2016, I managed the Global Security Team for a large company in Chicago. It was a job I inherited, so I did not have the opportunity to design the monthly metrics reports I was producing. Still, many may find the example slides from the monthly report slide deck interesting. The collection, formatting, and analysis of this data required many hours of my time each month, but it was what our Global Executives expected to see each month.

139

141

The Dark Side of IT Metrics:

If you wondered if there is

80% vs 93%

a “dark side”

to security metrics, there

certainly can be. Many years ago, when I was managing a Data Center and also doing system administration for a very large energy company, our Service Level Agreement contract specified that our Team members would meet their pair and restoration metrics at least 80% of the time. Example, production servers that were classified as “Gold” had to be restored to service within four hours. If that window was exceeded, it was called a busted SLA, and the customer was constantly keeping score.

143

We were a Team with almost

300

members, all of whom

were talented and highly motivated, so we met our SLA performance obligations

93%

of the time. One day, our Management Team had a mandatory meeting and told us we were doing a great job, and in fact, too good of a job. They said feedback from the customer was that if we could achieve 93% performance, in the customer’s opinion that meant we have too many people on the Team, so maybe it was time for headcount reduction. Consequently, our Management Team advised the Team Members to slow down, not work so hard, and bring the successful SLA metrics down to around 80%.

5700 Remedy Tickets in 12 Months Another metric that is frequently used in the world of IT metrics is the Cost-Per-Ticket. A great example of this is the Messaging Team that I led at a large U.S. Government Agency from November 2006 – March 2008. There were 24 messaging engineers on the Team, and we had an annual contract budget for technical messaging services that was valued at $4.3 million. When you divide that $4.3 million by 5700 Remedy Tickets, it comes out to about $754.39 per ticket. It turns out that this is not only an important number, but it can be used by a Services Company and the Government to discuss the quality of service as well as the compensation for the average engineer on the contract. In fact, Management may come back and say, “We expect to pay no more than $690 / per ticket”. Again, this can and will lead to some serious conversations, so be aware and be ready to have such discussions if you aspire to leadership positions.

Randy Steinberg – Measuring ITIL In 2006, Mr. Randy Steinberg published a book that provided valuable insights and a framework for measuring the management functions related to the Information Technology Infrastructure Library (ITIL). The book also includes a CD containing an Excel file that provides workbooks for each ITIL management area, and these workbooks roll up data into a dashboard that can be used to quickly identify the performance of an Information Technology Department where ITIL has been implemented. Metrics for Incident Management are shown below, including Operational Metrics, Tolerance Levels, KPIs, and Critical Success Factors. In 2009 I was on a project at Peterson Air Force Base several years ago, implementing what became known as the world’s largest ITIL implementation, and the workbooks in this Excel spreadsheet became the basis for measuring ITIL, and providing progress reports to our management and project stakeholders. It was and still is an extremely valuable tool. I highly recommend it. The Incident Management Metrics shown below are from Mr. Steinberg’s Excel file.

Incident Management Metrics: Operational Metrics Total Number of Incidents Average Time to Resolve Severity 1 and Severity 2 Incidents (Hours) Number of Incidents Resolved Within Agreed Service Levels Number of High Severity/Major Incidents Number of Incidents with Customer Impact Number of Incidents Reopened Total Available Labor Hours to Work on Incidents (Non-Service Desk) Total Labor Hours Spent Resolving Incidents (Non-Service Desk) Incident Management Tooling Support Level Incident Management Process Maturity

Tolerance Levels Number of Incident Occurrences Number of High Severity/Major Incidents Incident Resolution Rate Customer Incident Impact Rate Incident Reopen Rate Average Time to Resolve Severity 1 and Severity 2 Incidents (Hours) Incident Labor Utilization Rate Incident Management Tooling Support Level Incident Management Process Maturity

145

By: William Favre Slater, III

Key Performance Indicators (KPIs)

Number of Incident Occurrences Number of High Severity/Major Incidents Incident Resolution Rate Customer Incident Impact Rate Incident Reopen Rate Average Time to Resolve Severity 1 and Severity 2 Incidents (Hours) Incident Labor Utilization Rate Incident Management Tooling Support Level Incident Management Process Maturity

Critical Success Factors Quickly Resolve Incidents Maintain IT Service Quality Improve IT And Business Productivity Maintain User Satisfaction

AND

REPORTING METRICS

CONCLUSION

Finally, to paraphrase Sigurjon Arnason and Keith Willett, having a well-managed, structured information security program that you are routinely monitoring, measuring, and reporting on is no guarantee that you will not get breached or come under cyberattack. However, it will assist in litigation management to show a judge and a potential jury that your organization takes risk management seriously.

By: William Favre Slater, III

This article has provided some guidelines to provide better cybersecurity services for your organization and discussed the importance of measuring and reporting on IT services, especially those related to cybersecurity. Your Management Team and the related stakeholders want to be able to measure the value and quality of the technical services you and your Team will be delivering. To optimize your Team’s performance consider multiple sets of metrics reporting techniques discussed in this article, and get on top of this important aspect of cybersecurity leadership.

AND

REPORTING METRICS

147

William Slater, President & CEO of Slater Technologies, Inc. He is based in Chicago, IL. He is a seasoned IT professional with more than four decades of experience. Since 2001, his primary focus areas have been Data Centers, Cybersecurity, Networking, Application Development, Service Management, Project Management, Program Management, Executive Leadership (CISO, CIO, and CTO) and Blockchain (since 2012). Mr. Slater is a patriotic American and a former U.S. Air Force Officer. In fact, he was one of the very first Cyberwarriors in the U.S. Air Force. He has been an Adjunct Professor for over 18 years, and holds three graduate degrees, including an M.S. in Cybersecurity, and 80 professional certifications, including CISA, CISSP, SSCP, and PMP.

14 9

His professional experience includes: the U.S. Air Force, Northrop, Digital Equipment Corporation, BP, Department of Veterans Affairs, Microsoft, IBM, and McDonald’s. He is a member of (ISC)2, PMI. ISACA, and the Internet Society. He is a strong supporter of Internet Freedom and the fact that “The Internet Is for Everyone.” You can see much more about Mr. Slater’s career and his work at: https://billslater.com/interview, https://billslater.com/career and at https://billslater.com/writing.

151

Marketers are using the word, "robot", to evoke a sense of futuristic technology, even when the item is being marketed in a "robot" by most definitions. It is not unlike the way marketers have used the word, "milk", to evoke the idea of something on pours on Thebreakfast word cereal, even though most dairymen would not is exciting to most people. It agree that the term. “Milk" sounds futuristic and the term is for "oat milk", hasappropriate been reinforced in our "soy milk",through "almond milk", etc. expectations science

“ “

robot"

fiction literature, games and movies. The consequence of this is that the term gets used by marketing people in situations where it clearly does not apply. This is a common marketing problem like "gluten-free", “sugar-free", "milk" and "organic".

Marketers are using the word, "robot", to evoke a sense of futuristic technology, even when the item is being marketed in a "robot" by most definitions. It is not unlike the way marketers have used the word, "milk", to evoke the idea of something on pours on breakfast cereal, even though most dairymen would not agree that the term. “Milk" is appropriate for "oat milk", "soy milk", "almond milk", etc.

“

Marketers are using the word, "robot", to evoke a sense of futuristic technology, even when the item is being marketed in a "robot" by most definitions. It is not unlike the way marketers have used the word, "milk", to evoke the idea of something one pours on breakfast cereal, even though most dairymen would not agree that the term “Milk" is appropriate for "oat milk", "soy milk", "almond milk", etc.

153

For

nearly 50 years, the

growth in field-deployed robotics has been in industrial settings. During this time, the trade organization, The Robotics Industries Association (RIA), coordinated with the American Marketers are using the word, National Standards Institute (ANSI) to of "robot", to evoke a sense create robot standards for use in the futuristic technology, even US in a committee called ANSI:R15, when the item is being and through ANSI coordinated with the marketed in a "robot" by most International Standards Organizations definitions. It is not unlike the (ISO) on the development of have used the way marketers international word, standards, for the idea "milk",which to evoke robotics is theofISO Technicalon pours on something Committee TCbreakfast 299. Recently RIA cereal, even though evolved into A3 Robotics, where A3 is most dairymen would not the Association for Advancing agree that the term Automation.

“

milk

" is

appropriate for "oat milk", "soy milk", "almond milk", etc.

You can learn more about ANSI:R15 and TC 299 on this A3 website: https://www.automate.org/a3content/global-robotic-standards and on this ISO website: https://committee.iso.org/home/tc2 99 Robotics definitions are outlined in a Marketers are using publication the word, called ISO 8373:2012 "robot", to evoke a sense of and some notable definitions futuristic technology,outlined even on the TC299 website are when the item is being as follows: marketed in a "robot" by most definitions. It is not unlike the way marketers have used the word, "milk", to evoke the idea of something on pours on an breakfast cereal, even though mechanism programmable most dairymen wouldactuated not agree that the term in two or more axes (4.3) with a degree of autonomy (2.2), moving within its environment, to perform intended tasks. This includes the " is system (2.7) and interface of control the control system. appropriate for "oat milk", "soy milk", "almond milk", etc.

robot :

“

milk

155

R obot i cs : the science and practice of designing, manufacturing, and applying robots (2.6) Marketers are using the word, autonomy: the"robot", ability to perform to evoke a sense of intended tasksfuturistic based on current even technology, state and sensing, whenwithout the itemhuman is being intervention. marketed in a "robot" by most definitions. It is not unlike the way marketers have used the word, "milk", to evoke the idea of something on pours on breakfast cereal, even though Robot: an automatically controlled, most dairymen would not reprogrammable multipurpose agree that the term manipulator, programmable in three or more axes, which can be either fixed in place or mobile for use in industrial automation applications. " is

I ndus t rial

“

milk

appropriate for "oat milk", "soy milk", "almond milk", etc.

This includes the manipulator and actuators as well as the controller, including teach pendant and any communication interface (hardware and software).

I ndus t rial

Marketers are using the word, "robot", to evoke a sense of Robot System: a system comprising futuristic technology,ofeven one or more industrial when the item is being robots, their end-effector(s) and any marketed in a "robot"machinery, by most equipment, devices, definitions. It is not unlike theauxiliary axes or sensors external way marketers have used the supporting the robot performing its word, "milk", to evoke the idea task. of something on pours on breakfast cereal, even though The classification of a robot into an most dairymen wouldindustrial not robot (2.9) or service robot agree that the term (2.10) is done according to its intended application. Industrial robotics systems and robotics are discussed in more detail in ISO " is 10218-2:2011, which also outlines appropriate for "oat milk", safety systems when robots are used "soy milk", "almond milk", as etc.

“

milk

157

This includes the manipulator and actuators as well as the controller, including teach pendant and any communication interface (hardware and software).

Industrial

Marketers are using the word, "robot", to evoke a sense of Robot System: a system comprising futuristic technology,ofeven one or more industrial when the is integrated being partitem of an robots,manufacturing their end-effector(s) and any system. The standard also covers marketed in a "robot" by most machinery, equipment, devices, the concepts of hand-guided robots, definitions. It is not unlike theauxiliary external axes or sensors way marketers have used the of mobile the manipulating portions supporting the robot performing its word, "milk", to evoke the idea robots. robots and collaborating task. of something oncollaborating pours on The term robot is about a decade It was created to help breakfast cereal,old. even though The classification of a robot into an distinguish between robots most dairymen would not industrial industrial robot (2.9) or service robot agree that the terma barrier between needed (2.10) is done according to its human workers in the factory for Industrial intended application. safety and robots in situations robotics systems and robotics are deemed "safe enough" to not need a discussed in more detail in ISO " is opened safety barrier, which the 10218-2:2011, which also outlines door for where human appropriate forsituations "oat milk", safety systems when robots are used workers and robots "soy milk", "almond milk", etc. work side as could by side and even directly interact with each other.

“

milk

A robot could now be a "coworker" or as the term was coined for this situation, a "cobot" or collaborative robot.

Electric motor-based robots had the

Cobots

This includes the manipulator and actuators potential to as bewell as the controller, including teach pendant and any for years, but there was prejudice communication interface (hardware against this idea because early and software). industrial robots were designed using hydraulic power, where two opposing hydraulic systems would be used to move the robot in a precise Marketers are usingway. the Each word,side applied opposing "robot", to evoke a sense of to hold the robot in one pressure Robot System: a system comprising futuristic technology, even position and to move the robot the of one or more industrial when the item is being controller would increase pressure robots, their end-effector(s) and any marketed in a "robot" onmachinery, by one most side and/or reduce pressure equipment, devices, definitions. It is noton unlike the other the side. uses oil external auxiliaryHydraulics axes or sensors way marketers haveand used the to create the pressure in pumps supporting the robot performing its word, "milk", to evoke the idea the hoses that are connected to task. of something on pours eachonopposing system. breakfast cereal, even though The classification of a robot into an most dairymen would Systems not likerobot bulldozers bucket industrial (2.9) orand service robot agree that the termloaders use these types of systems, (2.10) is done according to its sointended one canapplication. imagine theIndustrial forces involved lift heavy loads. The are roboticstosystems and robotics main safety in problem with these discussed more detail in ISO " is types of systems is that if one side 10218-2:2011, which also outlines the systems opposingwhen forcerobots remains appropriate for "oatfails milk", safety areand used robot arm will move uncontrolled "soy milk", "almondthe milk", etc. as until its limit of motion is reached or it crashes into an obstacle.

Industrial

“

milk

159

In order to prevent

dea t h

or serious injury,

safety requirements were put in place requiring safety barriers and preventing operators from being within the work envelope or range of motion of the robot arm.

When human workers are within the work envelope or range of motion of a robot arm there is a risk of contact, which although not fatal, could result in bruises or slight injury.

Electric robot arms do not use opposing forces to move, but they use a closed-loop system that applies force using an electric motor and measures movement with position feedback, usually provided by an encoder that counts and reports to the controller the rotation or linear position of an actuator on the robot arm. If a robot is designed for heavy liftings...like lifting a car, then there is a danger if the robot moves in an uncontrolled way by losing count from the encoder from a faulty wire.

How long would a supervisor tolerate a human coworker who regularly injured or bruised another person they were working with? We, at this time, do accept this risk with cobots, so there is pressure on roboticists to develop cobots whose behavior is more like that of a human coworker.

If a robot handles lighter loads and moves more slowly then the risk is much smaller, and this is the motivation for creating a new class of robots that do not need safety barriers. One of the ironies of cobots, is that we, as a society, allow more risks from a cobot than from a coworker.

The current focus is the communication of "intent" and the understanding of "intent". The main way human workers avoid hurting each other in dangerous situations is the communication of intent - this can be as subtle as "looking where you are going" or verbally warning others. Some robot companies are

giving cobots

"eyes "

that have the purpose to communicate intent rather than seeing.

Two "eyes" on a screen can move in a way to imitate the appearance of "looking" in the direction that the robot arm will move and signal intent. Lights and sound can also be used to communicate intent. Research at Cornell University is focused on helping robots to better understand the intent of humans. For example, if I am standing in front of a refrigerator door in your kitchen and you start to open the fridge door, I know to get out of your way without asking me to move. One day soon, a robot in your kitchen will need to have the same ability. This is also one of the challenges facing vehicles, how can they recognize the intent of a human operator when they are both entering an intersection? How can the autonomous vehicle clearly communicate its next move to the human operators around it or to the pedestrians sharing the street?

Another

term that is

barely a decade old is "mobile robot". For decades, robot arms were mounted on tracks that moved on a slide or limited motion.

Robot arms where then mounted on carts that could move along predefined paths, which were outlined by either a visible line on the floor or guided by a wire buried in the floor, either of these methods provided a track that guided the cart as it moved under its own power these were called automated guided vehicles or AGVs.

AGVs

could move around

factories and warehouses on their own without human intervention. They could avoid hitting something by stopping, but since they operated on a track - either physically or through sensors, AGVs were limited in their ability to move around an obstacle or take another route. More than a decade ago, a company, called KIVA, innovated a new type of mobile cart that moved around a warehouse using an internal map and sensors to interpret the spaces around the cart. Amazon recognized the potential of this innovation and rather than being a customer, they bought the entire company in 2012. They refined this new type of robot called an "autonomous mobile robot" or AMR and quickly gained a competitive advantage in warehouse management and logistics.

161

AGVs

could

vehicles, how can they recognize the intent of a human operator when they are both entering an intersection? How can the autonomous vehicle clearly communicate its next move to the human operators around it or to the pedestrians sharing the street?

move around factories and warehouses on their own without human intervention. They could avoid hitting something by stopping, but since they operated on a track either physically or through sensors, AGVs were limited in their ability to move around an obstacle or take another route. More than a decade ago, a company, called KIVA, innovated a new type of mobile cart that moved around a warehouse using an internal map and sensors to interpret the spaces around the cart. Amazon recognized the potential of this innovation and rather than being a customer, they bought the entire company in 2012.

Another term that is barely a decade old is "mobile robot". For decades, robot arms were mounted on tracks that moved on a slide or limited motion

They refined this new type of robot called an "autonomous mobile robot" or AMR and quickly gained a competitive advantage in warehouse management and logistics.

This is also one of the challenges facing

Autonomous

AGVs

could

Another term that is barely a decade old is "mobile robot". For decades, robot arms were mounted on tracks that moved on a slide or limited motion

They refined this new type of robot called an "autonomous mobile robot" or AMR and quickly gained a competitive advantage in warehouse management and logistics.

This is also one of the challenges facing

Autonomous

Of course, other firms used the convergence of sensor technologies, spatial computing, machine learning, and robotics to create a new generation of AMR. This includes the manipulator and actuators as well as the controller, including teach pendant and any Today they are many AMRs on the market, but Amazon did securecommunication a interface (hardware lead in the market with nearly sole and software). access to the earlier developments in the technology.

Industrial

Although news media talks about areand using the word, AugmentedMarketers Reality (AR) Virtual "robot", to evoke a sense of Reality (VR) with much hype, theRobot System: a system comprising futuristic technology,ofeven one practical and real innovations are in or more industrial when the item is being robots, their end-effector(s) and any a technology called "spatial marketed in a "robot" by most equipment, devices, computing" which are computermachinery, definitions. It isthat not can unlike theauxiliary axes or sensors programs and algorithms external way marketers have used the assign and retrieve data from threesupporting the robot performing its word, "milk", to evoke the idea task. dimensional space. In its simplest of something on pours to on form, you can use the technology even though remember breakfast where youcereal, left something The classification of a robot into an most dairymen would not and go find it later. industrial robot (2.9) or service robot agree that the term (2.10) is done according to its intended application. Industrial In other instances, you can store and change information in physical robotics systems and robotics are locations - for example, a pipe can discussed in more detail in ISO " is be assigned data indicating where 10218-2:2011, it which also outlines for "oat milk", starts and appropriate ends and current data safety systems when robots are used "soy milk", "almond milk", as etc. within the pipe like pressure and flow rate, so as you walk along the pipe you have all the relevant information that might interest you.

“

milk

Spa t i a l

computing This includes the manipulator and actuators as well as the controller, can also create lanes forany including teachvirtual pendant and AMRs and virtual interface "road in the air" for communication (hardware autonomous drones (which are a and software). type of AMR) to follow to avoid collisions and limit travel over homes or schools. The technology is evolving to allow robots to see and Marketers are usingrecognize the word,objects as well as set the "robot", to evoke a sense of their correct geographic object RobotinSystem: a system comprising futuristic technology, even locations based on perspective or of one or more industrial when the item is being feedback by technologies like and LiDAR. robots, their end-effector(s) any marketed in a "robot"machinery, by most equipment, devices, definitions. It is notToday, unlike most theauxiliary AMRs axes are used in external or sensors way marketers havewarehouses used the or in its supporting to themove robotcarts performing word, "milk", to evoke the idea factories to carry large items. In a task. of something on pours on warehouse, most AMRs move carts breakfast cereal, even ofThe goods though by moving of under the into cartan classification a robot most dairymen would and not then engaging withorthe cart or industrial robot (2.9) service robot agree that the termlifting the cart and moving it to the (2.10) is done according to its desired location and then setting the intended application. Industrial cart down systems or simplyand releasing theare robotics robotics cart. This saves a great deal discussed in more detail in of ISO " is money because only moving carts 10218-2:2011, which also outlines have thesystems costs ofwhen motors and are used appropriate for "oat milk", safety robots "soy milk", "almondbatteries, milk", as etc.while stationary carts are relatively low cost.

Industrial

“

milk

165

Imagine if your car had no wheel nor engine and was just a pod with doors and seats and a luggage area, then when you get into the "car" you opened an app and said where you wanted to go, and then a platform of wheels came down the street moved under the pod you are sitting in and whisked you to your destination, where is "parked" your car and moved on to move other people. The parking garage would be filled with parked "cars" that have no wheels, motors, or batteries - we could save billions in tires, motors, and batteries and this is precisely what AMRs are doing for warehouses. In factories, AMRs are moving bills of material items to where they need to be on the factory floor. Autonomous Mobile Robots bring industrial robots the parts needed for the assembly of goods. As AMRs grow in size and capacity they are replacing conveyors and bringing the product being assembled from industrial robot station to robot station. This is happening with items as large as cars and trucks. The convergence of cobots and AMRs are bringing new innovations into a wide variety of industries. A robot arm on a mobile robot allows a robot to move autonomously and pick and place items on shelves in warehouses.

In warehouses, these systems look like carts with arms as they use wheels to move on a flat surface. Outside of the warehouse, the AMRs are using other forms of mobility some walk on two legs, some on four legs and some fly. All of these innovations have common characteristics and share technology. They are taking off with exponential growth today because the cost of technology is coming down as the power is increasing. Machine learning has greatly contributed to autonomous systems and has now endowed robotics with modules to perform tasks that were difficult to write programs for using traditional programming. Of great example of these modules at work is the process of "bin picking". Humans can easily reach into a bin of parts and pick up a specific item - whether rigid like a bolt, or flexible, like a stuffed toy. If you ever played the arcade game of using a crane and claw to pick up a stuffed toy from a pile you can imagine the challenges of programming a robot to achieve this feat, but, using machine learning, can develop successful bin picking capabilities with just hours of training, which is faster than writing a program to do the task.

Most of the technologies involved in the convergence creating exponential growth in so many industries fall under the umbrella of "mechatronics". The term is attributed to a Yaskawa engineer in 1969. Yaskawa is an early developer and vendor of industrial robots and robotics systems. France incorporated it into their standard called NF E 01010 with the definition "approach aiming at the synergistic integration of mechanics, electronics, control theory, and computer science within product design and manufacturing, in order to improve and/or optimize its functionality", so industrial robots, robotic systems, 3D printing systems, autonomous vehicles, and most Exponential Technologies rely on Mechatronics. The Aerial Euler diagram from RPI's website is an interesting way to view the components of mechatronics and how they interact. Since robotics is a subset of mechatronics the diagram is also appropriate for robotics and a good way to start understanding how robots are designed, built, and function. Which areas of this diagram are you already familiar with? Which ones who help you complete your knowledge of mechatronics and robotics?

167

Everette Phillips has been a roboticist since 1982 and involved with the growth of industrial robotics serving in roles of engineering and management. He served on the board of the Robotics Industries Association during the 1990's and has experience in the use of robotics spanning North America, Europe, and the Asia Pacific region. Everette began his interest in systems engineering while studying Bioengineering at Cornell University, and he has remained fascinated by Mechatronics, Robotics, and Biosystems engineering ever since.

16 9

Everette is an entrepreneur and active with Entrepreneurship at Cornell. He also holds an MBA from the Anderson School of UCLA and is active in the Bruin community. In addition to consulting, mentoring, and speaking related to various Exponential Technologies, such as robotics, Everette is active as a philanthropist and volunteers in efforts to use technology to help nonprofits involved with sustainability and environmental issues.

171

“

I believ e

Lately, I’ve found myself asking should I really be concerned? there are only two public policy issues that President Trump and Vice President Biden According to Bloomberg, agree upon: The status Chinese-controlled quo of Section “ByteDance/TikTok, led by Zhang Yiming, 230 of the 1996 Telecommunication is Act becoming a viable rival to the is no longer acceptable; TikTok is dominant online a threat American to our cyber and behemoths, Facebook Inc.and national security. Alphabet Inc..” Last year, TikTok’s net profit wasenough, approximately Interesting these two issues $3are billion and theSection company interlinked. 230 of the estimates that it has about 80 Communications Decency Act million active (CDA monthly 230) gives freeusers reign in to the Unitedplatforms States, 60% of Internet operating in whom are female and 80% the United States to act with fall betweenasthe ages ofto user Impunity it relates 16generated and 34. content. OfPredictably, particular concern that 60% of this hasisled TikTok users areand Gendestructive Z, which is the to unintended largest generational in American consequences. But,cohort left unsaid is history will include million people what and Big Tech doesn’t74 want anybody to next year.– CDA 230 also unwittingly shields realize China as America’s top geopolitical adversary Aschallenges a champion of national free markets,I would security U.S. and economic normally be at among right here home.the first to applaud an upstart bringing a competitive “A” game to challenge dominant incumbent players no matter According to Bloomberg, Chinese-controlled where they are based. led Butby weZhang have learned from “ByteDance/TikTok, Yiming, is experience homegrown social networking becomingthat a viable rival to the dominant American companies like Facebook/Instagram, Google, and Twitter online behemoths, Facebook Inc. and Alphabet exert dominant and controversial influence Inc..” Last year, TikTok’s net profit was in U.S. public policy debates – $3 what sort and of foreign influence should we approximately billion the company expect TikTok to exert this 80 year’s election. estimates that it hason about million monthly active users in the United States,

6 0%

of whom are female and 80% fall between the ages of 16 and 34. Of particular concern is that 60% of TikTok users are Gen Z, which is the largest generational cohort in American history and will include 74 million people next year. As a champion of free markets, I would normally be among the first to applaud an upstart bringing a competitive “A” game to challenge dominant incumbent players no matter where they are based. But we have learned from experience that homegrown social networking companies like Facebook/Instagram, Google, and Twitter exert dominant and controversial influence in U.S. public policy debates – what sort of foreign influence should we expect TikTok to exert on this year’s election.

“

Lately, I’ve found myself asking should I really be concerned?”

Whether Trump or Biden, doesn’t it bother anyone else that a Chinese-controlled social network was used to interfere with an American presidential campaign event at the same time that

173

tensions between our two countries are escalating? Even then Vice President Biden has banned TikTok from campaign phones and computers. As Mr. Magid’s article acknowledges, “(i)t’s long been known that social media can have a huge impact on politics.

WUO HU ZHAN LON

Another recent article, titled “Anonymous Hackers Target TikTok: ‘Delete This Chinese Spyware Now,” states that TikTok is “a data collection Service that is thinly veiled as a social network. If there is an API to get information on you, your contacts, or your device, they're using it.” The other fact to connect is that the key driver for algorithms and artificial intelligence, especially when dealing with human behavior, is vast data on human interaction. It is one of the main reasons that Microsoft is so interested in buying TikTok.

So now we are confronted with a Chinese based “social networking” site growing more rapidly than any homegrown US competitor and collecting more data on our youngest and most easily influenced demographic at the same time that China, Russia, and Iran are using social networks to undermine our democracy.

“

Let’s not forget that this social networking site has been proven not to be secure and agreed to pay $5.7 million to settle Federal Trade Commission (FTC) allegations that it illegally collected personal information from children, the largest civil penalty ever According obtainedtobyBloomberg, the FTC in aChinese-controlled children’s “ByteDance/TikTok, led by Zhang Yiming, privacy case. is becoming a viable rival to the dominant But mostAmerican alarmingonline is that TikTok behemoths, Facebook Inc.and is protected by CDA 230 and cannot Alphabet Inc..” Last year, TikTok’s be held accountable for the actions net was approximately ofprofit its "users" even if those "users" $3happen billion and company to bethe foreign governments. estimates that it has about 80 For example, if the Chinese million monthlyisactive usersTikTok in government leveraging for theitsUnited States, 60% of own strategic advantage, the whom are female has and no 80% US government recourse fall between the ages of activities. against TikTok for these 16The andimpunity 34. provided by CDA 230 to TikTok, as well as Chinese and other Ofhostile particular concern isdirectly that 60% of governments, threatens our TikTok users are Gen Z, which is the democratic process. Even more troubling largest cohort in American is thegenerational fact that TikTok, along with Facebook history and will include 74 million people and other social networking sites, cannot be next year. held responsible for illegal conduct occurring on their platforms – even when they know about it. As a champion of free markets,I would normally among the first to applaud anour Besidesbe the potential of interfering with upstart bringing a competitive “A” to game to elections, TikTok also continues facilitate the challenge dominant incumbent players no matter sale of illegal drugs. Remember, TikTok’s core where they are based. we have learnedfor from demographic and theBut intended audience experience that homegrown social networkingof Gen these posts consists primarily of members companies like between Facebook/Instagram, Google, Z, those born 1995 and 2012 – ourand Twitter exert dominant and controversial influence in U.S. public children. policy debates – what sort of foreign influence should we expect TikTok to exert on this year’s election.

Lately, I’ve found myself asking should I really be concerned?

175

manipulate our public opinion, and steal our data. They will use an all-tools and all-sectors approach— and that demands our own [t]he Chinese government all-tools and all-sectors approach in response.” is engaged in a broad, diverse campaign of theft For addressing this clear and present and malign influence, danger, the United States must modify CDA 230 and ensure that we and it can execute that have all the tools necessary to hold campaign with TikTok accountable for criminal authoritarian efficiency. activity that occurs by “others” on their platform. Importantly, this They’re calculating. includes illegal actions taken by the They’re persistent. Chinese government to misappropriate the site, and the They’re patient. And massive amounts of data it collects, they’re not subject to the in order to inflict harm on the US and its allies. Finally, we must avoid righteous constraints of inadvertently making this problem an open, democratic worse by spreading the excessively society or the rule of law… broad and antiquated immunity of CDA 230 through trade agreements China, as led by the with other countries. Chinese Communist Party, is going to continue to try to misappropriate our ideas, influence our policymakers

“

I will leave you with a quote from a recent speech at the Hudson Institute by FBI Director Christopher Wray. He stated:

179

Lane worked for U.S. Representative Joseph D. Early (D-MA) as an Associate Staff member to the House Appropriations Committee. Served on the Federal Trade Commission’s Advisory Committee on Online Access and Security and He served for 15 years as the Senior Vice the Virginia Attorney General’s President of Government Affairs for 21st Online Safety Task Force. Century Fox. He also served as the Vice Chair and Treasurer of the 21st Century He is one of the Executive Producers FOX Political Action Committee (FOXPAC). of the award winning documentary, A MOST BEAUTIFUL THING. Director of Congressional Affairs focusing on E-Commerce and Internet public policy issues for the United States Chamber of Commerce. Lane is a tech policy expert, child safety advocate, and the founder and CEO of Iggy Ventures. Iggy advises and invests in companies, projects, and public policy initiatives that can have a positive social impact.

18 1

183

Unless you’ve been on a long flight returning from Mars, you’re likely not a stranger to the negative impact that cybersecurity or lack thereof is having across the world. The volume, variety, and voracity of cyber-attacks continue to increase while the industry seems to drown itself in acronyms, jargon, and technologies. Like other industries, it is essential to have a minimum basic appreciation of the language so that your business may effectively navigate the landscape. For industry practitioners, these terms are full of insights that assist with helping to serve their clients, although without understanding drivers of these terminologies, they are effectively useless to the business! Business owners and Senior leaders struggle with ascertaining risk that is presented to the business. These frameworks, guidelines, and standards help businesses standardize so they may relate in a common language.

are like many of us

I f you A BIA or Business Impact Assessment serves to answer the question, “What are we protecting? ” It can also assess how much risk is being presented to the business in financial terms and these are meaningless can serve as a starting point for understanding how to prioritize cybersecurity investments to the words without reduce liability to the business and mitigate necessary context. financial exposure. At the most basic level the Business Impact Assessment surfaces why and where to invest in cybersecurity so that the business may maximize its investments. At the higher end of the serves continuum, A BIA or Business Impact Assessment to a BIA can be very granular is combined with a answer the question, “What when are wedata protecting? ” vulnerability scan using historical data and It can also assess how much riskand is being financially algorithms. presented to the businessoptimized in financial terms andThis can help a identify much financial exposure is can serve as a business starting point for how understanding associated withinvestments a specific vulnerability or type of how to prioritize cybersecurity to reduce liability cyber-attack. to the business and mitigate financial exposure. At the most basic level the Business Impact Assessment surfaces why and where to invest in cybersecurity so that the business may maximize its investments. At the higher end of the continuum, a BIA can be very granular when data is combined with a vulnerability scan and using historical data and financially optimized algorithms. This can help a business identify how much financial exposure is associated with a specific vulnerability or type of cyber-attack.

185

“With these insights, businesses can utilize this method to help prioritize and strategically discuss their risk exposure, while crafting a plan to mitigate their financial liabilities.” A BIA or Business Impact Assessment serves to answer the question, “What are we protecting? ” It can main also assess how much risk is being for There are four strategies available to the business in financial terms and treatment: presented can serve as a starting point for understanding how to prioritize cybersecurity investments to reduce liability to the and mitigate 1. Risk reduction 2.business Risk avoidance financial exposure. At the most basic level the Business Impact Assessment surfaces why and where to invest in cybersecurity so that the 3. Risk retention 4. Risk transfer business may maximize its investments.

risk

At the higher end of the continuum, a BIA can be very granular when data is combined with a NIST Cybersecurity Framework (CSF) Performing a Business Impact scan and using The vulnerability historical data and approach is based Assessment helpsfinancially to quantitatively optimized algorithms. This can help aon grounded IT identify how muchbusiness risk is presented to much security identify how financialexpertise. exposure is the business and how to craftwith a strategic associated a specific vulnerability or type of The guidance is based on existing plan that businesscyber-attack. owners and senior standards, guidelines, and practices for leaders can review with board members. organizations to better manage and reduce cybersecurity risk. Compared to the National Institute of Standards and Technology (NIST), the In addition to helping organizations NIST Cybersecurity Framework serves as manage and reduce risks, it was a model for international cooperation on designed to foster risk and cybersecurity strengthening cybersecurity in critical management communications amongst infrastructure, as well as other sectors both internal and external organizational and communities. stakeholders.

187

I dent if y

– Develop an

organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities. The activities in the Identify Function are foundational for effective use of the framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs. Examples of outcome categories within this function include Asset Management, Business Environment, Governance, Risk Assessment, and Risk Management Strategy. Protect – Develop and implement appropriate safeguards to ensure delivery of critical services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome categories within this function include Identity Management and Access Control, Awareness and Training, Data Security, Information Protection Processes and Procedures, Maintenance, and Protective Technology.

P rotect

– Develop and

implement appropriate safeguards to ensure delivery of critical services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome categories within this function include Identity Management and Access Control, Awareness and Training, Data Security, Information Protection Processes and Procedures, Maintenance, and Protective Technology.

Det ec t

– Develop and implement

appropriate activities to identify the occurrence of a cybersecurity event. The Detect Function enables timely discovery of cybersecurity events. Examples of outcome categories within this function include Anomalies and Events, Security Continuous Monitoring, and Detection Processes.

189

R es pond

–

Develop and

implement appropriate activities regarding a detected cybersecurity incident. The Respond Function supports the ability to contain the impact of a potential cybersecurity incident. Examples of outcome categories within this function include Response Planning, Communications, Analysis, Mitigation, and Improvements.

R ecov er

– Develop and

implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident. The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity incident. Examples of outcome categories within this function include Recovery Planning, Improvements, and Communications.

Conclusion Unlike payment card industry standards (PCI), the health insurance portability and accountability act (HIPAA), and the cybersecurity maturity model certification or audit, the NIST CSF guidelines can be utilized across many industries to help reduce risk exposure from cyber-attacks.

Such frameworks, guidelines, and standards are used as a compass to help navigate the cybersecurity terrain, normalize on a common language, and help mitigate cybersecurity exposure and risk to the business. Engaging with an expert or industry practitioner helps to reduce duplication and “time-to-value,” and can position the organization to achieve the desired outcome.

Payment Card Industry Standards or PCI are specific to organizations handling or storing Personally Identifiable Information (PII) and engaging in financial transactions. In contrast, the Health Insurance Portability and Accountability Act or HIPAA and the Cybersecurity Maturity Model Certification (CMMC) are specific to organizations handling or storing healthcare specific data or are related to the Defense Industrial Base (DIB), respectively. Although it is useful, performing a Business Impact or Cybersecurity Framework Assessment does not divest a business from performing a PCI, HIPAA, or CMMC audit if they fall into one of these business segments.

191

Telecommunications, Data Networking, Online Services, IT Outsourcing, Data Center Operations, Cloud Computing, Software-as-a-Service, Server Virtualization, Call Center Technologies, Disaster Recovery, Voice-over-IP, Security and Professional IT Services. Specialties: Security, Managed Services, Dense Data Center Infrastructures, Cloud Computing, Voice-over-IP and Professional IT Services. Design and support high density data center environments, centralized and distributed TDM and IP voice solutions, managing global call center projects, building global communication networks (IP, MPLS, DWDM, Privateline, ATM and Frame-relay) and assembling multi-tier security solutions and strategies.

19 3

“Everybody wants to go to the heaven but nobody wants to die”.

No wonder why many people are just trying to get through the work week, so they can escape from life on the weekends. Working in an environment or in a job where we do not share the same vision & goals will not help us reach our full potential. We will not be at our best if we don't love what we do. Knowing the importance and the positive impact we are going to have, help us ignite the spark within ourselves to pursue what we want. Hence, raising people’s awareness about themselves or their situations is the number one step toward any change! Why?

BRAIN WAVE

The world is full of people who don't believe in the beauty of their own dreams, that is why they don't take the required actions to make them a reality.

BRAIN WAVE

For two simple reasons: First:

No amount of external advice or forces will have the right influence on people if they do not have the internal desire and motivation. You cannot force someone to change! The desire to change needs to come from the inside. "You can't make something beautiful with force". Bulgarian Proverb

Second:

No one knows what’s best for you than yourself! No one else can understand your internal motivations for why you do what you do. Self-awareness is not self-judgment. It is feeling, seeing, & discovering who we really are & our true potential. A journey to ourselves is the best journey we will ever go. Now! When will you start that long journey into yourself?! "The desire to know your own soul will end all other desires". Rumi

197

Mousa Al-Bharna is a graduate of King Fahd University of Petroleum & Minerals. He has a BS in Computer Engineering. His areas of expertise include: Data communication, Information security, LAN/MAN networks, Computer programming languages (Java, C, Assembly, SQL), Operating System, Computer architecture, Database System, Information Security. Al-Bharna is a Relationship Mentor and Life Coach | Negotiation & Influence | Author: The Beauty of Pain eBook|

117 19 9

TECHNOLOGY IN THE MAKING

PUBLISHER - EDITOR

TECHNOLOGY IN THE MAKING DISCLAIMER: This Magazine is designed to provide information, entertainment and motivation to our readers. It does not render any type of political, cybersecurity, computer programming, defense strategy, ethical, legal or any other type of professional advice. It is not intended to, neither should it be construed as a comprehensive evaluation of any topic. The content of this Presentation is the sole expression and opinion of the authors. No warranties or guarantees are expressed or implied by the authors or the Editor. Neither the authors nor the Editor are liable for any physical, psychological, emotional, financial, or commercial damages, including, but not limited to, special, incidental, consequential or other damages. You are responsible for your own choices, actions, and results.

LINDA RESTREPO

PUBLISHER - EDITOR