Platt Perspective on Business and Technology

From stuxnet to heartbleed – the impact of US national cybersecurity doctrine and practices on businesses and markets 1

Posted in business and convergent technologies, in the News by Timothy Platt on November 5, 2014

This is my 19th installment in an occasional series on international cyber-security and the changing nature of threats faced and responses offered to them (see Ubiquitous Computing and Communications, postings 58 and loosely following for Parts 1-15 and Ubiquitous Computing and Communications – everywhere all the time 2, posting 296 and following for Parts 16-18.) This is also my fourth installment in a sub-series within that, with its postings titles collectively identified as: From Stuxnet to Heartbleed.

I add here, for purposes of this posting and its line of discussion, that the issues I address here are also closely related to those of a more strategy-oriented series that I have also been writing to, there focusing on strategy and operational practice in the United States and among its allies in the War on Terror, and on an emerging new Obama cyber-defense doctrine (see the series: Learnable Lessons from Manning, Snowden and Inevitable Others, as can be found at Ubiquitous Computing and Communications – everywhere all the time 2 as postings 225 and loosely following.)

My goal for this posting, as noted at the end of the 18th installment to this series: From Stuxnet to Heartbleed – the operational side of national cybersecurity and its issues 3 is to finally, formally address the issues of:

• The impact that the surveillance programs outed by Edward Snowden have had on telecommunications companies and on online businesses in general for their being publically disclosed.

I use the word “finally” there because this is where I at least begin to formally and more systematically address a complex of issues that I have been leading up to and that I have been stating intent to discuss for quite a while now. I have finally reached a point where I have built a sufficient foundation for that, so I begin that portion of the larger overall discussion of cyber-security in the early 21st century here.

My goal here is in fact wider-ranging than indicated in my above repeated bullet point, as I intend to more systematically discuss how the emerging Obama cyber-security doctrine as a whole has impacted in its implementation efforts, on businesses and on markets in general and both within the United States and globally. See The Emerging Obama Cyber-Doctrine, Part 1, Part 2 and Part 3 for a background discussion of this doctrine and its underlying assumptions and overall priorities and goals, and also see When a Search for Absolute Security Becomes the Norm for a discussion of how this doctrine and its underlying assumptions have been taken up by allied nations in the War on Terror.

My primary goal for this posting is simply to outline some of the key areas where emerging national government policy on cyber-defense are coming to have significant impact. And with that in mind, I begin what will develop into a short series of postings with an orienting list of some of key discussion points to come:

• The Obama cyber-doctrine and its implementation through open-ended surveillance programs have raised broad-based civil rights and United States Bill of Rights concerns. And from a business and marketplace perspective, this had led to concern over capability of businesses to even be able to secure personally identifiable and other confidential customer and employee information. This had led to court challenges and imposed operational restrictions and particularly as US based businesses seek to reach out to and do business with customers in countries such as Canada or the nations of the European Union. And it has also led to increased anticompetitive barriers to participation in marketplaces in countries like China – a complex of issues that I will also discuss as part of this portion of this larger discussion, as well as discussing business and marketplace pushback.
• The Obama cyber-doctrine and its implementation, as most recently discussed here in my posting: The Operational Side of National Cybersecurity and its Issues 3 have also directly created avoidable risks for businesses and organizations of all types and for marketplaces and their individual and organizational participants.
• And both of these sets of challenges have served to add significant risk and potential costs, reducing the competitiveness of American businesses and interests – in the name of enhancing overall national security. I could, and I add will argue that this dichotomy of vision and of consideration of consequences limits capability of achieving either full achievable American business competitiveness in world markets, or American national security.

I am going to at least start discussing the issues raised in the first of these three bullet points in my next series installment. Meanwhile, you can find this posting and related at Ubiquitous Computing and Communications – everywhere all the time and at its Page 2 continuation.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: