The Yom Kippur War intelligence failures were broad and to the highest level of government and military within Israel. They misperceived themselves as being free and safe of attack from the Arabs, at least in the near and current future. The Israelis were confidant an attack would only occur along the perimeters in which they themselves perceived the Arabs may attack, which they believed to be in the distant future. Israel felt that such an attack was bound to fail and thus preventing the Arabs from initiating an attack. Israel had let down their guard and therefore were surprised by the timing of the attack, the method of attack and also the place of the attack. Few military parallels are found as great as the strategic surprise Egypt and Syria enjoyed on October 6, 1973.
Information divulged years later is that King Hussein of Jordan made a visit September 25, 1973 to Israel and met with the Prime Minister and gave his assessment that Egypt and Syria were about to attack Israel. Warning was not heeded as the attack took place October 6, 1973. And importantly Jordan itself had been involved in former wars itself with Israel so their motivation for informing them of an impending attack was suspicious from the Israelis’ view. Skeptics argue that Hussein disavowed giving warning to Israel during this visit. Hussein had hoped that the warning would influence the Israeli Prime Minister to make changes and progress with the Arabs and avoid a costly war. Israel’s intelligence officer dismissed Hussein’s claim and believed that the Arabs were too weak to attack. Also believed by the Israelis is that the Arabs would not fight a war they knew they would lose. This may be a key point as to misperception as the Arab’s initially in the war obtained their objectives and possibly in their view set the course right from the “1967 War” in which they lost territory. Egypt’s Sadat even made a trip to Saudi Arabia before the war and made a plea that if the United States resupplied Israel during the war for Saudi Arabia to emplace an oil embargo on the United States to exert influence. The CIA passed a report on September 30th to the Israelis which was sourced to King Hussein which elaborated on what he had previously told the Prime Minister. By September Syria had received Soviet SAM’s and other equipment and were ready for war. The Soviets removed dependents of advisors and diplomats from Egypt and Syria October 5th.Israel suffered 2,656 dead and 7,250 wounded in the battle.
The Israeli armed forces were reliant on reservists which made up a large portion of Israel’s armed forces. In order to prove successful time was needed in times of attack to mobilize and move them from civilian life and emplace these personnel into a war-time theater of operation. As such, Israel put much effort into developing their intelligence services into the elite force for which much trust was given by the country to provide the warning it needs to prepare for war.With the failure of fore-warning to Israelis’ the Arab’s controlled the early moves in the war and brought initial success which they desired and in effect changed the balance of power within the Middle East away from Israel’s advantage.
Egypt and Syria’s attack on October 6, 1973 occurred at 14:00 hours which caught the IDF off guard and Israel’s military and political leaders did not understand a war was about to break out until 18:00, which was too late. The Commission investigating the intelligence failure indicated three reasons for the mistake. The first reason involved two assumptions in which Egypt would conduct air strikes deep into Israel against its air force before starting a war and the other assumption was Syria would not go full-scale war unless Egypt was in action against the Israelis already. The 2ndreasonwas a major mistake as Military Intelligence had guaranteed that they would be able to provide adequate advance warning of any attack and they did not do so. The 3rd reason is the intelligence services basically dismissed the adversaries’ forces buildups as either defensive or an exercise. Prime Minister Gold Meir and the Defense Minister Moshe Dayan concluded full mobilization was not necessary early on and they only placed the standing army on full alert.
To lend support to Israelis’ perception that attack was not probable at least not in the near future there is evidence and facts that the Arab’s did successfully employ deception methods on Israel as well as on the United States. The Arabs had been open to Dr. Kissinger’s peace negotiation in September 1973 and even planted items in a Lebanese newspaper about neglect and deterioration of equipment from the Soviet Union within the Suez Canal area. A very good synopsis which perhaps lends Israeli a sympathetic path is that estimating intentions are one of the most difficult and yet crucial element within intelligence. One may use hard evidence. If the evidence is incomplete it is more difficult to determine intention. Technology has advanced greatly in later years which makes a surprise attack much more difficult to achieve with the presence of advanced IMINT and SIGINT.
Is the current state of counterintelligence in the Intelligence Community adequate?
In regard to whether the state of counterintelligence within the Intelligence Community is adequate today one can best assume counterintelligence is a forever changing, evolving, assessment and reactive process of making sure our capabilities are up to date with the current world intelligence threat that exists in the world today. I do believe that counterintelligence is adequate as of today but that does not mean we do not need to improve. Much can be derived as to pre-9/11 or post-9/11 scenario. The intelligence officials and decision makers have to make sure that the IC is able to function strategically and operationally. Post 9/11 there exists “old” and “new” threats but clearly now we are primarily and immediately faced with “new” threats such as prevention of individual or small group acts rather than State actors. And because of this emphasis is placed upon utilizing human sources or spies, and interrogations of suspects or informants. The “old” threats still require IC collection, analysis and operations regarding State actors and these services are still intact and operating fully. The intelligence community may involve two ways in which it adapts to its external demands and when a perceived intelligence failure occurs then it reinvents itself to deal effectively. Or it may change proactively because of anticipating or observing environment changes.
There still exist threats from State actors in regard to our intelligence community and national decision makers and counterintelligence needs to be vigilant to deter, detect, exploit, neutralize and disrupt these attacks on an ongoing basis. National Security information as well as the US companies’ proprietary information will be targeted for collection. Some industries that may experience activity directed against them include the defense, finance, energy, dual-use technology, etc. Insider threats will continue to be a closely surveilled item of interest of the counterintelligence agencies. And Russia is believed to remain a threat through cyber operations meant to influence or convey misleading information to encourage public opinion towards Russia’s best interests. Elections have been targeted and efforts are believed to continue. Increased and vigilant counter-cyber terrorism programs need to be fully conducted and expanded to the utmost ability the United States can exhibit and emplace.
Transnational criminal groups as well as terrorists are learning and utilizing advanced intelligence capabilities in technical, physical and cyber means. And “insider threats”, which is the oldest form of spying still exist in today’s world.
The global strategy of computer hacking
Whoever operates on the Web and has even interesting or relevant data sooner or later will always be hacked by someone or by some organizations.
Usually “economic” hackers take the data of interest from the victim’s network and resell it in the dark web, i.e. the system of websites that cannot be reached by normal search engines.
Currently, however, after the Bayonet operation of July 2017 in which many dark web areas were penetrated, we are witnessing a specialization of the dark web and an evolution of web espionage methods against companies and States.
These operations which, in the past, were carried out by web amateurs, such as youngsters at home, are currently carried out by structured and connected networks of professional hackers that develop long-term projects and often sell themselves to certain States or, sometimes, to some international crime organizations.
As often happens in these cases, the dark web was born from research in the military field. In fact, in the 1990s, the Department of Defense had developed a covert and encrypted network that could permanently protect the communications of the U.S. espionage “operatives” who worked abroad.
Later the secret network became a non-profit network that could be used for the usual “human rights” and for protecting privacy, the last religion of our decadence.
That old network of the State Department then intersected with the new TOR Network, which is the acronym of The Onion Router, the IT “onion” covering communication with different and often separable encryption systems.
TOR lives on the Internet edge and it acts as the basic technology for its dark web.
Like the “Commendatore” vis-à-vis Don Giovanni in Mozart’s opera.
TOR, however, is a free browser that can be easily extracted from the Web.
Obviously, the more the anonymity of those who use TOR and go on the dark web is covered by effective encryption systems, the more unintentional signals are left when browsing the dark web.
Moreover, the farther you have to go, the more pebbles you need to go back, as in the Thumbelina fairy tale.
TOR and the Dark Web were born to allow the communications of U.S. secret agents, but were later downgraded to “free” communication system to defend Web surfers from “authoritarian governments”. Currently the dark web hosts a wide underground market where drugs, stolen identities, child pornography, jihadist terrorism and all forms of illegal business are traded.
Moreover, if these dark web services are paid with uncontrollable cryptocurrencies, it is very difficult to track any kind of dark web operations.
Nowadays, about 65,000 URLs operate in the dark web, which means Internet websites and Universal Resource Locators that operate mainly via TOR.
A recent study of a company dealing with cybersecurity has demonstrated that about 15% of all dark web URLs facilitate peer-to-peer communication between users and websites usually by means of chat rooms or websites collecting images, pictures and photos, which are often steganographic means and transmit hidden and concealed texts, but also for the exchange of real goods via specialized websites for peer-to-peer trading that are also encrypted, as can easily be imagined.
Moreover, a further study conducted by a U.S. communication company specialized in web operations has shown that at least 50% of the dark websites is, in fact, legal.
This means they officially deals with things, people, data and pictures that, apparently, also apply to “regular” websites.
In other words, the dark websites have been created by means of a regular request to the national reference office of ICANN, which grants the domains and registers the permitted websites, thus communicating them to the Californian cooperative that owns the web “source codes”, although not in a monopolistic way.
Currently all the large web organizations have a dark “Commendatore” in the TOR area, such as Facebook, and the same holds true for almost all major U.S. newspapers, for some European magazines but also for some security agencies such as CIA.
Nevertheless, about 75% of the TOR websites listed by the above stated IT consultancy companies are specialized URLs for trading.
Many of these websites operate only with Bitcoins or with other types of cryptocurrencies.
Mainly illegal pharmaceuticals or drugs, items and even weapons are sold in the dark web. Said weapons are often advanced and not available in the visible and overt networks.
Some URLs also sell counterfeit documents and access keys for credit cards, or even bank credentials, which are real but for subjects other than those for whom they were issued.
In 2018 Bitcoin operations were carried out in the dark web to the tune of over 872 million US dollars. This amount will certainly exceed one billion US dollars in late 2019.
It should be recalled that the total amount of money “laundered” in the world accounts for almost 5% of the world GDP, equal to 4 trillion US dollars approximately.
Who invented the Bitcoin?
In 2011, the cryptocurrency was used for the first time as a term of trade only for drug traffickers operating in the dark web, mainly through a website called Silk Road.
The alias used for those exchanges was called Satoshi Nakamoto, that was also filmed and interviewed, but was obviously another.
We should also recall web frauds or blackmails: for example, InFraud, a U.S. organization specialized in the collection, distribution and sale of stolen credit cards and other personal data.
Before being discovered, InFraud had illegally made a net gain of 530 million US dollars.
Another group of illegal operators, Fin7, also known as Carbanak, again based in the United States, has collected over a billion US dollars on the web and has put in crisis, by blackmailing them, some commercial organizations such as Saks Fifth Avenue and Chipotle, a widespread chain of burritos and other typical dishes of Mexican cuisine.
Obviously the introduction of new control and data processing technologies, ranging from 5G to biometric sensors, or of personal monitoring technologies, increases the criminal potential of the dark web.
Hence the dark web criminals will have an even larger mass of data from which to derive what they need.
The methods used will be the usual ones, such as phishing, i.d. the fraudulent attempt to obtain or to deceive people into sharing sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication possibly with a fake website, or the so-called “social engineering”, which is an online scam in which a third party pretends to be a company or an important individual in order to obtain the sensitive data and personal details of the potential victim, in an apparently legal way, or blackmail by e-mail and finally the manipulation of credentials.
With a mass of additional data on their “customers”, the web criminals will be able to perfect their operations, thus making them quicker and more effective. Or the new web technologies will be able to accelerate the time needed for blackmail or compromise, thus allowing a greater number of frauds for more victims.
Biometrics certainly expands the time for the use of data in the hands of cybercriminals. Facial detection or genetic and health data are stable, not to mention the poor security of data held by hospitals. Or we have to do with the widespread dissemination of genetic research, which will provide even more sensitive data to web swindlers.
According to some recent analyses carried out by the specialized laboratories for the Web, 56% of the data most used by web criminals comes from the victims’ personal data, while 44% of the data used by swindlers comes from financial news.
Moreover, specific types of credit cards, sold by geographical area, commercial type and issuing bank, can be bought in the dark web.
85% of them are credit cards accredited for a bank ceiling, while 15% of “customers” asks for debit cards.
The web scammers, however, always prefer e-mail addresses even to passwords.
Furthermore, less than 25% of the 40,000 dark web files have a single title.
In the “dark” web there are over 44,000 manuals for e-frauds, available for sale and often sold at very low prices.
The large and sometimes famous companies are the mainly affected ones. In 2018 the following companies were the target of cyberattacks in the United States: Dixus, a mobile phone company which was stolen 10 million files; the Cathay Pacific airline, with 9.4 million files removed, but also the Marriott’s hotel chain (500 million data/files removed) and finally Quora, a website of scientific documents and generic data. Over 45 million files were removed from Quora.
How can we know whether we are the target of an attack from the Dark Web? There is certainly the presence of ransomware, such as the recent Phobos, which uses the Remote Desktop Protocols (RDP) that allow to control computers remotely.
Then there is the Distributed Denial of Service (DDoS), which is a temporary block of the Web, apparently accidental, and finally there is the traditional malware, the “malicious” software that is used to disrupt the victims’ computer operations and collects the data present on their computers.
However, the Dark Web ambiguity between common crime and the defence of “human rights” and safe communications in “authoritarian regimes” always remains.
The United States, Iran, China and other countries have already created a “fourth army”, composed only of hackers, that operates with cyberattacks against the enemies’ defence and civilian networks.
The US Cyber Command, for example, is estimated to be composed of as many as 100,000 men and women, who operate 24 hours a day to hit enemy servers (and also allies’ ones, when they contain useful information).
Just think also of the private group Telecomix, which supported the 2011 Arab rebellions and, often, also the subsequent ones.
Also in these months both Telecomix and Anonymous are working to permit the free use of the Syrian computer network.
There is often an operative interface between these groups and the Intelligence Agencies, which often autonomously acquire data from private networks, which, however, soon become aware of the State operations.
There is also cyber-rebellion, which tries – often successfully – to strike at the victims’ data stored, by deleting them.
DDoS, the most frequent type of attack, often uses a program called Low Orbit Ion Cannot (LOIC) which allows a large number of connections to be established simultaneously, thus leading to fast saturation of the enemy server.
The attacking computers can be used remotely and some groups of hackers use thousands of computers simultaneously, called “zombie machines”, to hit the database in which they are interested to delete it or to remove its files.
This type of “fourth army” can inflict greater damage on a target country than a conventional armed attack. The faster the attack, the easier is to identify the origin of the operation.
It is currently estimated that the “zombie” computers in the world are over 250 million – a greater network than any other today present in the military, scientific and financial world.
Hence a very dangerous military threat to critical infrastructure or to the economic resources of any country, no matter how “advanced” it is technologically or in terms of military Defence.
There have been reports of hackers linked to global drug organizations, especially Mexican cartels, and to jihadist or fundamentalist terrorist groups.
Financial hacking, which often supports all these initiatives, remains fundamental.
The South Korean intelligence services’ operative Lim was found “suicidal” after having purchased a program from the Milanese Hacking Team.
A necessary tool for these operations is often a briefcase containing circuits which mimic the towers of cellular repeaters and store in the briefcase itself all the data which is transferred via cetel or via the Internet Network.
The Central Bank of Cyprus, the German CDU Party and many LinkedIn accounts – a particularly favourite target of hackers – some NATO websites and, in Italy, some business and financial consultancy companies were attacked in this way.
It is a completely new war logic, which must be analysed both at technical and operational levels and at theoretical and strategic levels.
The Failures of 737 Max: Political consequences in the making
Last month, as Boeing scaled new contracts for the 737 Max, horrific remains in Bishoftu, from the crashed Ethiopian Airlines Flight 302, witnessed the Dubai Air show in despair; the plane manufacturer had sealed another 70 contracts for the future. Still, the dreaded MCAS software is looking for a resolution at last. Two of the fatal Max 8 crashes have been reportedly caused by censor failures, accounted to software malfunctions. Hundred and fifty-seven people died inside flight 302, only months after Lion Air 610 crashed into the Java Sea with 180 passengers on board.
Both accidents are predisposed towards the highly sophisticated Maneuvering Characteristics Augmentation System (MCAS), an algorithm that prevents 737 aircrafts from steep take offs; or de-escalates the vehicle at its own will. However, there is more to Boeing accidents than just a co-incidental MCAS failure. Largely, it is only a consequence of political and economic interests.
While Boeing’s European competitor, Airbus, relaunched its A320’s in 2010, there were fewer changes in the operating manual. Airbus 320 Neo, as it was re-named, had larger engines on the wings, primarily designed for fuel efficiency. The Neo models claimed a whopping 7% increment in the overall performance; inviting thousands of orders worldwide. Consequently, Boeing’s market share of more than 35% was immediately under threat after Lufthansa introduced it for the first time in 2016. Despite of major competition from the A320, 737’s lack of ground clearance space, hindered for a major engine configuration. Nevertheless, Boeing responded to the mechanical challenge and introduced the MCAS for flight safety. As bigger engines in 737 was increasing the take-off weight, the MCAS would automatically re-orient the aeroplane’s steepness to avoid stall. Boeing’s lust to stay afloat in the competitive market, led by a robotic intrusion in flight controls did not fare too long. Flight investigations claimed that although Lion Air 610 was gaining altitude in normal circumstances, the MCAS read it wrongly; hence, pulling the aircraftlower, beyond the control of physical pilots. It was a design flaw, motivated by the need to overcome dwindling sales profits.
Neither is Airbus enjoying smooth performances over the years; it however has not performed as miserly as the 737. Indigo, a major Indian airline is the largest importer of A320 Neo; despite new technologies, it has been warned of repeating problems like momentary engine vibration. Months back, an Indigo flight stalled on its way from Kolkata to Pune, before being forced to return to its departure. Unlike the Boeing 737, Airbus malfunctioning does not lead to a major disaster. There is an element of mechanical interference available to pilots flying the European prototypes. Still, it is not everything that separates the two giants.
The Ethiopian disaster, scrutinized Boeing’s leadership at home; a congressional hearing concluded that after repeated attempts to warn the airline manufacturer to present information as transparently as possible, deaf ears have persisted. As the statement read, Boeing was hiding significant information away from airline companies and pilots. While it plans to resume sales in 2020, progress has been waning, in terms of improving the knowledge behind operating the 737 Max. The investigative hearing concluded that Boeing was manufacturing flying coffins.
Unsurprisingly, there is little amusement towards the development of airline sales around the world. Visibly, there is a band of companies, preferring the American manufacturer to the other. The politics is simple; it is merely about technological superiority, but more related with subsidies and after sales services. Regardless of whether Boeing will scrap the 737 Max or improve the software configuration, doubts have presided over choosing to fly altogether with choosing to fly a specific model. Air travel could not be safer in 2020. That claim is in serious trouble.
Digital Privacy vs. Cybersecurity: The Confusing Complexity of Information Security in 2020
There is a small and potentially tumultuous revolution building on the horizon of 2020. Ironically, it’s a revolution very few people on the street are even aware of but literally every single corporation around the globe currently sits in finger-biting, hand-wringing anticipation: is it ready to meet the new challenge of the California Consumer Privacy Act, which comes into full effect on January 1, 2020. Interestingly, the CCPA is really nothing more than California trying to both piggy-back AND surpass the GDPR (General Data Protection Regulation) of the European Union, which was passed all the way back in 2016. In each case, these competing/coincident pieces of regulation aim to do something quite noble at first glance for all consumers: to enhance the privacy rights and data protection of all people from all digital threats, shenanigans, and malfeasance. While the EU legislation first of all focuses on the countries that make up the European Union and the California piece formally claims to be about the protection of California residents alone, the de facto reality is far more reaching. No one, literally no one, thinks these pieces can remain geographically contained or limited. Instead, they will either become governing pieces across a far greater transregional area (the EU case) or will become a driving spur for other states to develop their own set of client privacy regulations (the California case). Despite the fact that most people welcome the idea of formal legal repercussions for corporations that do not adequately protect consumer data/information privacy, there are multiple confusions and complexity hidden within this overly simple statement. As we head into 2020, what should be chief for corporations is not trying to just blindly satisfy both GDPR and CCPA. Rather, it should be about how to remedy these confusions first. However, that elimination is not nearly as easy to achieve as some might think.
First off, a not-so-simple question: what is privacy? It is a bit awe-inspiring to consider that there are many ways to define privacy. When considering GDPR and CCPA, it is essential to have precise and explicit definitions so that corporations can at least have a realistic chance to set goals that are manageable and achievable, let alone provide them with security against reckless litigation. Failure to define privacy explicitly carries radically ambiguous legal consequences in the coming CCPA atmosphere, something all corporations should rightly avoid like the plague. Perhaps worse, no matter how much time you spend defining consumer privacy beforehand, trying to create this improved consumer protection digitally becomes almost hopelessly complicated. The high-technology, instant-communication, constant-access, massively-diversified world we live in today makes some argue that ‘digital privacy’ in any real sense is dead and buried without the possibility for resurrection. If this is true, then how quixotic will it be for corporations to try to meet the regulation demands of legislative projects like GDPR and CCPA if they do not first try to establish both clarity and transparency of terms and goals?
This is not a nihilistic argument just trying to have every corporation around the world throw up its hands in despair and give up on improved consumer privacy and data protection. But note the word ‘improved.’ In order for corporations to realistically provide consumer data protection, the irony of ironies may be that the first successful step will be finally embracing transparency in admitting that ‘perfect digital privacy’ will not and cannot exist. Realistic cyber expectations mean admitting that external threats always have an upper hand over internal defenders. Not because they are more talented or more committed or more diligent. But because what it takes to successfully perpetrate a threat is far simpler, quicker, cheaper, and easier than what is necessary to successfully enact a comprehensive defense program that can answer those threats and remain agile, flexible, and adaptive far into the future.
The broken glass analogy helps illustrate this conundrum. I am in charge of protecting 100 windows from being broken. But I must protect them from 1000 people coming toward me with rocks. Ultimately, it is far easier for the 1000 to individually achieve a single success (breaking a window) than it is for me to achieve success in totality (keeping all 100 windows intact). The resolution, therefore, is transparency: there is greater chance of ‘success’ for the chief actors (namely, me as defender and the client as owner of the windows) if I can be liberated from the impossible futility of ‘perfect protection’ and set a more realistic definition of protection as ‘true success.’ As long as there are recovery/restitution processes in place (replacing/repairing a broken window), then ‘success’ should be legitimately defined as a percentage less than 100. This is the same for corporations dealing with clients/consumers in the new world of 2020 CCPA: if the idea is that these pieces of legislations finally make corporations commit to perfect digital privacy and such perfection is the only definition of success against which they can measure themselves, then 2020 will be nothing but a year of frustration and failure.
The funny thing in all of this is that the EU legislation somewhat admits the above. Consider the seven principles of data protection as laid out by GDPR:
- Lawfulness, fairness, and transparency.
- Purpose limitation.
- Data minimization.
- Storage limitation.
- Integrity and confidentiality.
Nothing in these seven principles would bring about the establishment of perfect digital privacy or sets the expectation that failures in consumer protection must never occur. But they do hint at a darker secret underlying the European concept of client privacy that sits in contradiction to the very essence of American economics.
When people call CCPA the ‘almost GDPR,’ it is hinting at how the spirit of the two legislations are somewhat diametrically opposed to one another. The EU crafted GDPR under strong social democratic norms that encompass many of the core member governments. As such, it is most decidedly not legislation engineered to first protect the sacred right to free market business enterprise and a fundamental belief in the market to solve its own problems. Rather, GDPR has within it, implicitly, a questioning skepticism about the core priorities of major corporations and the belief that governance is the only way to make free-market economics work fairly. As such, GDPR is not just about protecting consumer data and information privacy from hackers, outside agents, and foreign actors: it is alsoabout protecting consumers from “untrustworthy corporations” themselves. This is something that should not infuse the CCPA (whether it does or not is yet to be determined and 2020 will therefore prove to be a very interesting judgment year). Because while California is staunchly to the left on the American political spectrum, it still operates as a constituent member of the US, the most fiercely protective country of its capitalist roots and belief in the sanctity of the free-market system. As such, government regulation in the EU that works for consumer privacy protection will not be looking at corporations as a willing or even necessarily helpful partner in a joint initiative. American government regulation should and must. As time progresses, if CCPA proves itself to be too close to GDPR, to European as opposed to American market norms, expect to see other states in the US create competing legislation. And even if those competing pieces aim to create a more ‘American’ conceptualization of consumer digital privacy as opposed to ‘European,’ what it means in real terms for corporations is yet more competing standards to try to synergize and make sense of. Thus, executive leaders in charge of information security in 2020 are going to need to have critical reasoning and analytical research skills far more than they ever have in the past.
In the end, protecting consumer privacy and providing client data protection is an essential, proper, and critical element for doing business in 2020. Legislation like GDPR and CCPA are meant to help provide an acknowledged framework for all actors to understand the expectations and consequences of the success/failure of that mission. Having such protocols is a good thing. But when protocols do not recognize reality, skip over crucial elements of clarity and transparency, hide some of the futility that likely cannot be overcome, and ignore their own competing contradictions, then those protocols might end up providing more problems than protection. What corporations must do, as they head into 2020, is not blindly follow CCPA. Nor should they facetiously do superficial work to achieve ‘CCPA compliance’ while not really providing ‘privacy.’ What is most crucial is innovative executive thinking, where new analytical minds are brought in to positions like CISO (Chief Information Security Officer) that are intellectually innovative, entrepreneurial, adaptive, and agile in how they approach the mission of privacy and security. Traditionally, these positions have often been hired from very rigid and orthodox backgrounds. The enactment of CCPA in 2020 means it might be time to throw that hiring rulebook out. In real terms, the injection of new thinking, new intellectualism, new concept agility, and new practical backgrounds will be crucial for all information security leadership positions. Failure to do so will not just be the death of privacy, but the crippling of corporate success in the client relationship experience.
Comprehension of the S-400 Crisis
Turkey’s air defence has had a severe weakness for decades. Hence, Turkey was in a position to base its air...
Agreement on linking the emissions trading systems of the EU and Switzerland
As ministers gather at the COP25 in Madrid to discuss the rules for international carbon markets, the EU and Switzerland...
Sri Lanka Appoints New Minister for Foreign Relations
The newly-elected Sri Lankan President, Gotabaya Rajapaksa appointed Dinesh Gunawardena as the Minister of Foreign Relations after his Presidential election...
From Trade War to Strait War: China Warn U.S. Stop Stretching its Muscles in the Contested Waters
Up till now, no one distinguishes the actual explanations behind the hostile faces. If a trade war isn’t the exact...
An anatomy of U.S. human rights diplomacy
Authors: Zhou Dong-chen & Paul Wang Over the past two weeks, the United States Congress has successively passed two acts...
Income Growth Sluggish for Malaysian Youth, Lower- Income Households
Slowing income growth among lower-income households and younger workers has contributed to perceptions of being “left behind”, according to the...
The global strategy of computer hacking
Whoever operates on the Web and has even interesting or relevant data sooner or later will always be hacked by...
Economy3 days ago
BRICS countries deem a single crypto currency
South Asia3 days ago
A visible shift in US policy in South Asia
South Asia2 days ago
Pakistan and the Game of Throne
Energy News3 days ago
ADB Approves $300 Million to Reform Pakistan’s Energy Sector
New Social Compact2 days ago
Gold-digging & Gender Biases in Pakistani Dramas
Diplomacy2 days ago
The Role of Political Psychology in Diplomacy
Reports3 days ago
Concerted Action Needed to Address Unique Challenges Faced by Pacific Island Countries
South Asia2 days ago
Who wields “authority” in Pakistan? Need for maintaining separation of powers