The End Of The American Cyber Empire

Uploaded on 2020-12-18 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

American specialists in history and foreign policy love predicting the end of things.  The most famous example was Francis Fukuyama whose book the “End of History” was touted as showing the rather benign capitalist, democratic way forward following the fall of the Soviet Empire.  Unfortunately, no one told Osama Bin Laden, Vladimir Putin, Xi Jinping, etc., about it.  Or, at least, they weren’t paying attention in class in the few elite institutions which crank out US foreign policy “experts” who hope someday to sitting around negotiating tables in Paris talking grand political strategies – none of that ugly economic, cyber stuff for them.

In the fine tradition of such broad predictions, allow me to announce The End of the American Cyber Empire. As for evidence, I give you this week’s reveal that the Russians have penetrated just about every web link in America and Facebook/Google now under formal Federal investigation for malignant trade practices (with Amazon in the wings.)

For the first part, what can I say about the Russians?  As a spy, I say well done you.  You’ve have accomplished your goal of undermining the entire low intensity conflict “battlefield” of the American cyber system. 

As a U.S. citizen and taxpayer, I am outraged.  The good news is we have an initial job for the new National Cyber Director to figure out. 

The bad news – which is the real point here – is that tens of billions of dollars of security have been spent on cyber security public and private. Thousands of security personnel added. Bureaucracy like the new agency at DHS – The Cybersecurity and Infrastructure Security Agency (CISA) – with Security in the name twice.  Public/Private partnerships and other cliches of outreach. Massive changes in protocols and additional safety measures mandated and put in place. Innumerable warnings for other relatively smaller break ins were issues (Remember that little OMB one.) And we still get "skunked" – by what is reported to be an insider mistake.

Once again man triumphs over machine. And all our experts can do is say – well, we saw it coming and the Russians had a new way of doing it.  So, let me ask the question: what do we pay you guys for?

Meanwhile, three quarters of the bulwark of the new American Cyber Age (FANG) is now under federal scrutiny and legal action.  Facebook/Alphabet (Google)/Amazon – not Netflix which has escaped for now thanks to a heavily competitive market; though seeming unlimited resources – are all accused of stifling competition or unfair trading practices.

It’s not like they didn’t get warned either.  However, the hubris they have shown regarding the effectiveness of D.C. to do anything (save Amazon with a politically savvy Jeff Bezos at the helm) has been nothing less than breathtaking. 

 I am afraid Silicon Valley is going to discover an ancient truth that their Robber Baron ancestors also discovered – D.C. makes laws that you have to follow, taxes you have to pay, elected officials you have to answer to, and laws by the ton.  Oh yes, we have lawyers too.  An entire department filled with nothing but lawyers.  That you pay for with your tax money.  A Funny thing.  No borders nor boundaries is an illusion.  Welcome to the United States.

So where does this leave the incoming Biden Administration?  Well, worldwide we are declining in influence fast.  Our share of the world’s internet population is 280 million out of five billion users and the other nation state users are balkanizing fast regarding rules of the road like privacy and information “control.”  Our cyber security has proven to be say “flawed.”  And the major players in the first wave of App giants are monopolists which are going to be tough to breakup given their structure.

None of these issues is easily solved because they are wicked problems – the very people causing the problems are trying to solve the problem.  My condolences to the first National Cyber Director.  You have a nasty job on your hands.  We cannot rebuild the American Cyber Empire.  But we need to think hard about what is to replace it.

 Ronald Marks is Term Visiting Professor, George Mason University, Schar School of Policy and Government. He is President of ZPN Cyber & National Security Strategies

You Might Also Read:

The Rise and Fall Of America’s Unregulated Internet:

 

« Russian Hackers Have Stolen US Secrets
Tech Support Scams Steal Millions »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Absolute Software

Absolute Software

Absolute provides persistent endpoint security and data risk management solutions for mobile devices - computers, tablets, and smartphones.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

European Organisation for Security (EOS)

European Organisation for Security (EOS)

EOS represents all domains of security solutions and services.providers including ICT information and communications technologies.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Logsign

Logsign

Logsign is a Security Orchestration, Automation and Response (SOAR) platform with next-gen Security Information and Event Management (SIEM) solution.

Cyber Discovery

Cyber Discovery

Cyber Discovery, the UK Government's Cyber Schools Programme, is a learning programme designed to give young people the opportunity to learn the skills needed to enter the cyber security profession.

Bureau Veritas

Bureau Veritas

Bureau Veritas are a world leader in Testing, Inspection and Certification. We provide certification and training services in areas including cybersecurity and data protection.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

Netacea

Netacea

Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.

CAPSLOCK

CAPSLOCK

CAPSLOCK delivers career-changing cyber training to help adults re-skill. Learn online to become a cyber security professional and pay no tuition until you land a high-paying job.

ABCsolutions

ABCsolutions

ABCsolutions is dedicated to assisting businesses and professionals achieve compliance with federal anti-money laundering regulations in an intelligent and pragmatic way.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

Integris

Integris

Integris offers best-in-class services like dedicated vCIOs, specialized security and compliance advisory services, a 24/7 help desk, and more.

Togggle

Togggle

Togggle offers seamless identity verification solutions and distributed infrastructure, enabling organizations to combat fraud and ensure compliance with data protection regulations.

Interlynk

Interlynk

Interlynk's #SBOM and # VEX-powered platform automates and continuously monitors first-party and vendor software supply chains and helps meet #FDA, #CRA, #GSA, and #DoD compliance obligations.