"In 15 years, there will be no more secrets." I heard this provocative prediction at a conference in 2008. It was posited by the Central Intelligence Agency's Don Burke, who is a leading proponent of the intelligence community's version of Wikipedia and has the official title "Intellipedia Doyen". If his suggestion is accurate, we only have 13 more years to figure out how to compete in a world in which we can no longer count on secret information to give us the edge in government and in business. What are we doing to get ready?
Instead of getting ready to compete in a transparent world, most of us seem to be in denial. The current cybersecurity debate, for example, reflects a rear-guard action to build ever-higher walls around the vast amounts of information we hope to keep secret. In the realm of national security, where I have spent my career, protecting secrets continues to be a number one priority. In the private sector, too, significant resources are devoted to protecting proprietary information. Yet, as Burke suggests, this may be largely a losing battle as the half-life of secrets gets shorter every day.
Keeping secrets is rapidly becoming harder and more expensive. For example, there are strong incentives to integrate information with our interconnected world. Yet, as we tap into the tremendous benefits of the network, we also expose that information to the vulnerabilities of cyberspace. As the capabilities of cyber-spies increase, so do the costs of trying to protect the information they seek. In addition, tools for finding, understanding, and managing information are increasingly ubiquitous. Thus, even if you are able to "protect" your information, others may well have found that same information independently. And the cost of getting that information will almost always be less than the cost of trying to protect it. Pressure for fewer secrets is also coming from constituents, shareholders, potential investors, and others as they insist upon greater transparency from governments and businesses.
We can continue to fight these trends or we can adapt.
We already have far fewer secrets than we think. The promise of an impervious cybersecurity shield protecting vast amounts of information from a determined and sophisticated adversary is at best a distant dream, and at worst a dangerous myth. Governments and businesses do not like to talk about the degree to which they have been penetrated. Failing to understand and acknowledge this reality, however, presents a dangerous weakness. Plans that depend on keeping secrets from your adversaries or competitors are brittle and fail when it turns out your "secret" is known.
Moreover, a strategy based on keeping information from the prying eyes of your competitors often means not sharing information with those who could use that information to help you. An especially egregious example of this is when intelligence products based entirely on open sources are then stamped "classified." Limiting dissemination of information often means only your friends or potential collaborators don't have it while your enemies do.
Instead, we should be developing business models that are less dependent upon secrets. We cannot simply throw open the doors today and make all information public, but we should rigorously push-back on current notions of what needs to be secret. There will always be some information that must be protected. The names of intelligence sources, for example, and maybe the formula for Coca-Cola. But the number of real "crown jewels" is dramatically smaller than the number of secrets we try to keep today. Distinguishing between the two will make it easier to protect the smaller universe of information that is truly sensitive.
Potential clues for meeting the challenge of competing in a world without secrets might be found in the debate between open- and closed-source models for software distribution, or other experiments with open innovation, such as Eli Lilly's "e research" subsidiary that shares information with a network of thousands of independent researchers to help solve some of their toughest problems. We might even learn from the football coach who, in contrast to his competitors closely guarding their secret playbooks, openly shares his plays and depends instead on the speed, agility, spontaneity, and overall competency of his players to win games.
If you trained yourself to fight effectively in the dark, you could turn out the lights or attack your adversary at night, knowing that you would have a competitive advantage. We should prepare to operate in the light of a transparent world and thereby gain an advantage over competitors who fail to see it coming and still cling to the perceived benefits of trying to keep information in the dark.
Successfully making this shift will be extremely difficult. The good news is that America has a significant head-start over countries that are rooted in a culture of secrecy and information control. Democracies depend upon a certain level of transparency already. If we move aggressively to capitalize on that strength, and develop new ways of operating with fewer secrets, we can not only survive as the lights are turned up, we will prevail.
the trainwreck that is american capitalism exists because it is always based upon lies and secrecy, the two most important tools in one upsmanship. competition is somehow seen as the only methodology to gain the upper hand, and fairness is something that only works in low-level soccer matches, hence the spying.
the big brick wall is very close now, and the train is on the final approach to the station wall. any bets on a miraculous reversal of conscience and vision?
i will pack a lunch, if i can find any food that hasn't been rendered uneatable, or is just there, which is getting more difficult each day.
3 can keep a secret if two are dead..
Far less unproductive downtime, dissipated on lies?
1. Start actually being the country we think we are and living the lives we purport to admire,
2. Stop telling lies in order to convince ourselves and others of Point 1.
It's not all (remember the hop/skips) but it's a good start.
Most corporate secretes protect illegal or unethical practices with a few trade secretes throw in for good measure.
If we enforce patent and copyright law, we could do without 99.9% of our secretes, and life would be much, much better for all, except the corrupt politician and greedy CEO.
You clearly do not understand the multitude of privacy issues that exist today.
And as regards encryption, all of the algorithms in the world don't matter if your hardware or your operating system are compromised. Encryption is the least significant aspect of the problem. Actual security is far more difficult than you imagine.
Keep reading about it, at some point the enormity of the problem may become apparent.
The real problem is that more than 95% of computers run operating systems that do not have security as their prime directive. While Microsoft and Apple have made great strides in security advancements, security remains an after thought. In contrast, Linux/Unix/Beos were designed from a blank page, where the first question asked was how do we make this operating system secure.
To date, there has been exactly one Linux virus. It was created in a lab, and failed to propagate through the Internet, because of inherent security designs in the OS.
In contrast, last year it was reported that about 1,500 Microsoft OS computers belonging to embassy staff for about 100 countries were infected with a remote access Trojan, a.k.a, a RAT. The RAT was able to turn on the microphone and video camera of a PC, without the owners knowledge. The RAT was able to phish through the file structure to retrieve documents, passwords, browsing history, etc. This RAT was allegedly written by the PRC to gain access into the office of his holiness the Dahli Lama. How many PCS worldwide were ultimately infected is a mystery.
Will the internet someday become self-aware, will we build 'Skynet', or equivalent, creating an informational Frankenstein that one day will control the majority of human activity, keeping us safe, protecting us from ourselves, a la "I, Robot"? If you compared the internet to a nervous system, network pathways to neurons, in a sense, the Internet is already 'alive', has vast powers of recall, and every year, as processors get more and more powerful, and people networks on the web become more extensive, and grown together, across borders, across time zones, the future promises to be interesting, indeed.
Not good; I would feel like one of the characters in the 1984 book. Thank God, Dylan never became a protester.
But I also see a new threat. All this data could allow vested interests to create vested information. People like Rush Limbaugh are on to it.
I can think of Medical, Environmental and Pharmacy as very good starting points.