The End Of The American Cyber Empire

American specialists in history and foreign policy love predicting the end of things.  The most famous example was Francis Fukuyama whose book the “End of History” was touted as showing the rather benign capitalist, democratic way forward following the fall of the Soviet Empire.  Unfortunately, no one told Osama Bin Laden, Vladimir Putin, Xi Jinping, etc., about it.  Or, at least, they weren’t paying attention in class in the few elite institutions which crank out US foreign policy “experts” who hope someday to sitting around negotiating tables in Paris talking grand political strategies – none of that ugly economic, cyber stuff for them.

In the fine tradition of such broad predictions, allow me to announce The End of the American Cyber Empire. As for evidence, I give you this week’s reveal that the Russians have penetrated just about every web link in America and Facebook/Google now under formal Federal investigation for malignant trade practices (with Amazon in the wings.)

For the first part, what can I say about the Russians?  As a spy, I say well done you.  You’ve have accomplished your goal of undermining the entire low intensity conflict “battlefield” of the American cyber system. 

As a U.S. citizen and taxpayer, I am outraged.  The good news is we have an initial job for the new National Cyber Director to figure out. 

The bad news – which is the real point here – is that tens of billions of dollars of security have been spent on cyber security public and private. Thousands of security personnel added. Bureaucracy like the new agency at DHS – The Cybersecurity and Infrastructure Security Agency (CISA) – with Security in the name twice.  Public/Private partnerships and other cliches of outreach. Massive changes in protocols and additional safety measures mandated and put in place. Innumerable warnings for other relatively smaller break ins were issues (Remember that little OMB one.) And we still get "skunked" – by what is reported to be an insider mistake.

Once again man triumphs over machine. And all our experts can do is say – well, we saw it coming and the Russians had a new way of doing it.  So, let me ask the question: what do we pay you guys for?

Meanwhile, three quarters of the bulwark of the new American Cyber Age (FANG) is now under federal scrutiny and legal action.  Facebook/Alphabet (Google)/Amazon – not Netflix which has escaped for now thanks to a heavily competitive market; though seeming unlimited resources – are all accused of stifling competition or unfair trading practices.

It’s not like they didn’t get warned either.  However, the hubris they have shown regarding the effectiveness of D.C. to do anything (save Amazon with a politically savvy Jeff Bezos at the helm) has been nothing less than breathtaking. 

 I am afraid Silicon Valley is going to discover an ancient truth that their Robber Baron ancestors also discovered – D.C. makes laws that you have to follow, taxes you have to pay, elected officials you have to answer to, and laws by the ton.  Oh yes, we have lawyers too.  An entire department filled with nothing but lawyers.  That you pay for with your tax money.  A Funny thing.  No borders nor boundaries is an illusion.  Welcome to the United States.

So where does this leave the incoming Biden Administration?  Well, worldwide we are declining in influence fast.  Our share of the world’s internet population is 280 million out of five billion users and the other nation state users are balkanizing fast regarding rules of the road like privacy and information “control.”  Our cyber security has proven to be say “flawed.”  And the major players in the first wave of App giants are monopolists which are going to be tough to breakup given their structure.

None of these issues is easily solved because they are wicked problems – the very people causing the problems are trying to solve the problem.  My condolences to the first National Cyber Director.  You have a nasty job on your hands.  We cannot rebuild the American Cyber Empire.  But we need to think hard about what is to replace it.

 Ronald Marks is Term Visiting Professor, George Mason University, Schar School of Policy and Government. He is President of ZPN Cyber & National Security Strategies

You Might Also Read:

The Rise and Fall Of America’s Unregulated Internet:

 

« Russian Hackers Have Stolen US Secrets
Tech Support Scams Steal Millions »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

Guardian360

Guardian360

The Guardian360 platform offers unrivalled insight into the security of your applications and IT infrastructure.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

The ai Corporation

The ai Corporation

The ai Enterprise Fraud Solution is an on-prem or cloud-based self-service, machine learning fraud detection and prevention tool set.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

Jot Digital

Jot Digital

Jot Digital is a full-service technology company specializing in digital engineering, application modernization and business transformation.

Cyber Security Certification Australia (CSCAU)

Cyber Security Certification Australia (CSCAU)

CSCAU is the world’s first 'for mission' industry council set up to address small and medium-sized business (SMB) cyber resilience through annually updated certifiable standards.

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions is a managed security service provider that humanizes cybersecurity managed services to the Small-to-Medium Business (SMB) and Small-to-Medium Enterprise (SME) sectors.

Mode

Mode

Mode is an out-of-band communication and crisis collaboration platform. One platform to manage your cyber crisis response. Stay connected when it's needed most.

Redblock

Redblock

Redblock's mission is to eliminate the drudgery and repetitive 'eye on the glass' work done by Security Teams.