So, I just finished a week-long course in "Epidemiologic Simulation Modeling" using primarily Reed-Frost, Markov Chain, and State Transition stochastic methods. Don't worry so much about the types of methods, but realize they are stochastic (think Bayesian), so they incorporate randomness into the mathematical model (they can be created in excel).
On the last day of the course, there was a class on modeling complex disease network transmission and they described methods of network analysis (think social network analysis). Further, they discussed the difference between random networks (e.g. U.S. road system) and scale-free networks (e.g. U.S. air traffic). I laughed when they mentioned that scale-free networks are resistant to disruption, however, if someone removes a hub (a central node with a lot of connections), it can cause system-wide collapse (a la cascading infrastructure failure).
In all, I believe there's a huge opportunity in this which can be combined with some of the 'open-source'/'swarm theory'/'wisdom of crowds' theories - basically, the network analysis can be used for analysis, targeting, and simulation, while the other theories can be used for targeting, collection, and simulation.
They fit in well with Ben's post because:
1) network analysis (at least initially) must be completed at a local level or a focused topic (just too complex for a large-scale effort initially); therefore, it lends itself well to state/local efforts.
2) in conducting the network analysis and open-source framework, one must look holistically at it, otherwise, it will not be useful on a broad-scope.
3) ditto on IWS core business area and EML.
4) very few people are using these methods for intel, disease, etc.; instead, they are primarily used in sociology, transportation, and automation.
5) if we can move on this, we can become leaders in the area, especially in the intel and health communities.
6) talked with jim and he brought some of this up....he mentioned that we can bill against researching this topic for Argus targeting, analysis and collection.
7) there are academic folks in Colorado (and elsewhere) who are interested in conducting basic research in these areas....just need to give them ideas for research.
I think combining our comments and moving forward can provide a short-term payoff with targeting, analysis, and collection, while providing a long-term benefit with developing simulations/models that can randomly generate scenarios for table-top and desktop training (e.g. EML).
Subscribe to:
Post Comments (Atom)
2 comments:
I apologoze for being absent on much of this talk thus far, and the following is VERY long, but my thoughts on BNW are that this book is ultimately about tactics and not strategy. Having worked in the CT realm, CT is by defenition reactive and not proactive. Robb's arguments are strong and have been stated by Bin laden in the past. The question for us is to decide how to be PROACTIVE in defending this issue. Dom and I discussed several ways of doing that and the blog thus far has offered some great thoughts. Of course I liken my approach to a PROtective advance for a POTUS trip. So if Robb's arguments are from a tactical stand point, then our answers should be from a Strategic defense. I also think that we should pose our thoughts and defense surrounding the issues brought to my attention this weekend.
This weekend I had a discussion with Walied Shater, Director of Security for Conoco Philips. For those of you who do not know who Walied is, He is a former USSS SA that I am very close friends with and who will eventually be a partner in Pontifex 360. He is also our point man in the Middle East and Northern Africa, learning the ropes out there. He made some statements this past weekend that may prove worthy of our discussion on a way forward with BNW. He made a very/VERY strong case for the fact that Corporations do not know what they do not know and do not care! Security is not a Primary focus for them, UNLESS it affects the bottom line. We all can agree that in the BNW, Robb makes a strong argument for AQ's attack on finances. I am sure we can all agree that this is a true statement. There are many quotes from Bin laden about his desire to bring down the USA financially and bleeding us dry. In this vain, whatever we come up with to defend against this type of attack, with technology, emergency preparedness, or otherwise... we must concentrate verbalizing the protection of assets. Financial assets will be a factor with everyone we talk too. Even if our goal is altruistic and for the greater good of Ameerica and the defense of our country and way of life, it will not matter if it; Costs too much, Will not make financial sense, or not appeal to legislators who need to make choices between new roads, pandering to businesses, or security. I am sure I will sound corrupt in this thinking, but it came to me in a question by Walied when he asked, How does Pontifex 360 help me in my business? He asked that question to make a point..... and is much like the point I am trying to make here...
Business, Government, want to make or save money! How does what we do benefit the bottom dollar?
I believe that this is the frame of mind we will need to be successful in answering the security question we all know is most important. If we couch our response to the BNW and its argument that AQ wants to financially deplete the USA, then let us offer the Government/Corporate the facts of how much money they will loose, how much money it will cost to fix things after an attack, and how much money we can SAVE them with our product.
Walied stressed the need to find a way to sell our products as a "money saver" and benefit to our clients. Simply stating that we are the best in security and our abilities will make your company safer, is not enough. The clients he deals with are not as concerned with security, unless something happens to them that will COST them MONEY.
Walied made the following 2 points: (again, these are the mind set he is encountering, not necessarlity his personal opinions)
1. Word our products in a manner that offers financial benefit to our customers.
2. "Best" security does not resonate with the companies, saving money and costs.
Walied also talked about his relationship with Olive Group. He talked about a dinner he had with the Founder of Olive Group who offered his dismay on how difficult it has been for him to break into the US market. Walied, in discussions with Greg and I, did not offer how we could help with that, but stated that aligning Pontifex 360 with the Olive Group may prove to be extremely beneficial. Perhaps, a meeting with Olive Group and IWS should happen. Maybe that could be a good allience for future cooperation........
I know this is a touchy subject, but Jim Otto is someone, if we can gain confidence in him, that could benefit this fight.
Although we can all agree that Jim's capabilities are beyond reproach and what he can deliver, today, is something that DHS has mandated as priority and something that Pontifex 360 cannot deliver without Jim, there is still questions about his commitment. Jim Otto has reach into the Navy Seal community that is unquestioned and he can deliver Emergency Preparedness training now. I draw your attention to the recent DHS funding, http://www.dhs.gov/xnews/releases/pr_1184781799950.shtm discussing preparedness. Gentleman, I am at a loss here. Although I feel Jim Otto will be able to acquire immediate work and be a fantastic asset to Pontifex 360 and our efforts, his requirements are beyond Pontifex 360's abilities at this time and again, his commitment is in question. Jim, Greg and I are meeting this Wednesday for Lunch to discuss. I am planning on letting him know our position and that Pontifex 360 has a desire to have him as a contractor to do his thing for Pontifex 360, but that we do not have the funding vehicle at this time and Will likely not have until the new year. I "believe", he wants to work with us and would rather stay in the loop with guys he knows... Greg and I, but he will have to decide if his requirements can wait. Again, query thoughts on this.
Things I have noticed in my experience as a Federal Law Enforcement Officer and Intelligence officer:
1. We will never, ever, stop these events.
2. Human nature is to be reactive.
3. We always weigh the extremes of a Police State and a Democracy of Free people.
The USSS takes these issues very seriously and attacks them with a "what if" model. Now, that is easy given the USSS's mandate to protect POTUS and the USA's financial system. What we could take from my experience and add to IWS's rich talents is the Advance model and the "idea" of REDUNDANCY. If we can come up with a model of security that involves Communication and built in Redundancies to answer the "What if" questions, and make it VERY cost effective for Government and Corporate, then we will have an answer to the emerging problem discussed by BNW. DHS has funding for all of this. I have a way in to high levels of DHS. Dom can use his contacts to serve up Fredericksburg as a test case. It can work if the plan is tight.
I know I am late to this discussion, but I wanted to forward my intitial thoughts on this. You all have a better way of formulating White Papers and other business type things. I have no expertise and no business acumen, but I am learning. You guys are far better experienced with this and hopefully can utilize my experience and training and put it into plans.
Rocky
I agree with Rocky on the strategic front....also, in 'reading' the book 'Wikinomics', they highlight the fact that many companies who have embraced many of the tenets we have discussed here (e.g P&G, IBM, etc) save money because of it - it's one of the two primary reasons for engaging. The second is that these methods allow them to reach out to a broader community and innovate, instead of being completely dependent upon their in-house store of brains.
So, I think if we keep a mindset on these two over-arching concepts - providing innovation and cost savings for clients - we will be unlike any company(ies) in our line of work. We are seeing this somewhat with CDPHE, where they would not be able to get any of the capabilities they are receiving if they decided to work with other companies.
One thought in the 'Rocky Sphere'....should we consider standing up and managing a portal/wiki/blog/etc, for global corporate security personnel to coordinate, share ideas, etc...we could lock it down and charge a nominal fee for entry - basically just our maintenance and hardware costs? It would primarily be used as a mechanism to show, like Rocky stated, a PROACTIVE stance and draw companies in to the other capabilities of Pontifex360/IWS. In fact, we could have one section that is locked down used for coordination and sharing specific sensitive information, while the other section could be a global security 'wiki/blog/etc' that allows many other brains to jump in the mix....would probably give companies more ideas than possible through internally generated means, and would be free....think if John Robb decided to jump on and post, I'm sure there's a lot more like him out there. We could also include links to other security-related blogs and discussion forums and pull interesting posts (basically, repost them).
In sum, I think if we keep the mentality of proactiveness, cost savings, innovation, and collaboration, we would be unlike anyone in this business (as far as I can tell).
Post a Comment