In a recent essay in Harvard’s National Security Journal, security expert Daniel Geer argues that cyber insecurity is the paramount national security risk because the nation’s ability to project power depends on IT.
Geer sums up three risks that can be considered national security concerns, the first being “any mechanism that, to operate correctly, must be a single point of function, thereby containing a single point of failure.”
“The red telephone on the president's desk is just such a mechanism; having 23 red telephones would be far worse than having one red telephone,” he notes. “As such, that single red telephone deserves defense in depth, which is simply a referendum on one's willingness to spend money for layers; it is rarely, if at all, a research-grade problem.”
The second risk is cascade failure, which constitutes a collapse in a system of interconnected parts in which the failure of a part can trigger the breakdown of successive parts. This kind of failure, according to Geer, is easier to detonate in a monoculture when the perpetrator only needs to create one bit of malware, not millions.
“[W]hen you deploy a computing monoculture, you are making a risk-management decision: that the downside risk of a ‘black swan event’ is more tolerable than the downside risk of perpetual inconsistency,” he writes.
The third issue that constitutes a national security risk is dependence on system state, including dependence on expectations of system state reliability, Geer writes. He notes that increasing dependence makes mitigations harder to craft, leading to an increasing complexity that embeds dependencies in a way that could decrease the frequency of surprises.
Geer sees society’s reliance on cyber as an issue that is “inestimably irreversible and irreversibly inestimable.”
“That sounds more apocalyptic than I intend, but the competent risk manager always asks, ‘How bad could it be?’ or, in the altogether American tortious style, ‘Who will have to pay?’” he asks.
Concluding his discussion of cybersecurity and national policy, Geer writes that the nation’s paramount aim cannot be risk avoidance, but rather risk absorption: the ability to operate in degraded states, in micro and macro spheres, to take as an axiom that opponents have penetrated and will penetrate U.S. systems at all levels, and to be prepared to adjust accordingly.
“To this extent, security becomes a subset of reliability in that an insecure system will not be reliable, but a reliable system is not necessarily secure,” he notes.