September 21, 2011
Shalom Rotundus
September 10, 2011
Rising From The Ashes of 9/11
Rising From The Ashes of 9/11
July 23, 2011
Getting To Swift Cyber Justice
The first Department of Defense Strategy for Operating in Cyberspace is out (July 2011).
- "DoD is particularly concerned with three areas of potential adversarial activity: theft or exploitation of data; disruption or denial or service of access or service..., and the destructive action--including corruption, manipulation, or direct activity that threatens to destroy or degrade network or connected systems."
- "Cyber threats to U.S. national security go well beyond military targets and affects all aspects of society. Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks and systems that control civilian infrastructure."
- "Every year, an amount of intellectual property larger than that contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government departments and agencies."
Getting To Swift Cyber Justice
July 10, 2011
When Free Speech Goes Afoul
Freedom of speech is one of our most precious rights.
When Free Speech Goes Afoul
June 25, 2011
Busting The Organizational Bunkers
Busting The Organizational Bunkers
June 5, 2011
Video Surveillance Made Easier
Video Surveillance Made Easier
April 16, 2011
Wake Up To Advanced Technology
Yet another air traffic controller asleep on the job today--OMG.
Is anyone down there?
Wake Up To Advanced Technology
October 8, 2010
You’ve Got An Alert
You’re all probably familiar with the capability of signing up for alerts to your computer or mobile device (phone, blackberry, pager, PDA, etc.).
By signing up, you can get notifications about severe weather (such as tornados or earthquacks), transportation troubles (such as street closures or metro incidents), utility disruptions (water, telephone, or power), government and school closings, Amber alerts, or breaking news and information on major crisis (such as homeland security or other emergency situations).
Unfortunately, not everyone bothers to sign up for these. Perhaps, they don’t want to bother registering for another site, giving and maintaining their personal contact information, or maybe they just prefer to rely on major news sources like CNN or social networking sites like Twitter for getting the word out.
The problem is that in a real crisis situation where time is of the essence and every minute and second counts—envision that tornado swooping in or that ticking time bomb about to go off—we need to let people know no matter what they are doing—ASAP!
According to GovTech (October 2010), the California Emergency Management Agency is planning to deploy a new system called Commercial Mobile Alert System (CMAS) to “deliver warnings and safety information via text alerts to wireless phones in specified areas without requiring individuals to subscribe to the service.”
A pilot is scheduled to begin in San Diego in the fall.
With CMAS, emergency information can be targeted to an area affected and transmitted to everyone in the receiving area without them having to do anything. Just like your televisions receiving the emerging alerts (which is great if you happen to be watching), now your mobile devices will get them too.
I remember hearing the stories from my father about World War II how the German Luftwaffe (air force) would blitz (i.e. carpet bomb) London and other Ally cities, and the sirens would go off, blaring to give the people the chance to take cover and save their lives.
Well, thank G-d, we don’t often hear any air raid sirens like that anymore, and with CMAS having the potential to someday grow into a full national network of wireless emergency alerts, we may never have to hear sirens like that again.
(Photo: Courtesy Oak Ridge National Laboratory Emergency Management Center; http://communication.howstuffworks.com/how-emergency-notifications-work1.htm)
You’ve Got An Alert
April 4, 2010
Advanced Biometrics for Law Enforcement
Homeland Security Today Magazine (March 2010) has an interesting article called “Biometrics on the Battlefield" about how the American military has had significant success in Afghanistan taking biometrics and in using it for “vetting, tracking, and identification.”
Here’s how it’s done:
The biometrics system uses HIIDE (Handheld Interagency Identity Detection System) devices, which is “similar in size to a large camera, [that] connects directly to the BATS [Biometrics Automated Tool Set] database and matches inputs against a biometrics watch list of 10,000 individuals.”
The database “BATS uses a combination of fingerprints, photographs and iris scans, in addition to an in-depth background examination” to “screen potential local employees, identify detainees, and differentiate friendly individuals from insurgents and terrorists.”
How successful has the use of biometrics been?
“The use of biometrics has clearly thwarted security breaches and helped prevent unwanted activities by the enemy. Additionally, in 2008 alone, hundreds of HVTs (high value targets) were identified through the use of this biometrics technology.”
The article suggests the application of this biometric system for domestic law enforcement use.
Currently, fingerprint cards or stationary scanners are common, but with the proposed military biometrics system, there is the technology potential to use mobile scanning devices quickly and easily in the field.
The article gives the example: “if an officer came into contact with an individual under suspect conditions, a simple scan of the iris would ascertain that person’s status as a convicted felon, convicted violent felon, convicted sex offender or someone on whom an alert has been placed.”
In this scenario, quicker and more accurate identification of suspects could not only aid in dealing with dangerous offenders and benefit the officers in terms of their personal safety, but also contribute to ensuring community safety and security through enhanced enforcement capabilities.
Of course, using such a system for law enforcement would have to pass legal muster including applicable privacy concerns, but as the author, Godfrey Garner, a retired special forces officer, states “hopefully, this valuable technology will be recognized and properly utilized to protect law enforcement officer in the United States. I know that I’ve seen it protect our sons and daughters on the battlefields of Afghanistan.”
We are living in an amazing time of technology advances, and the potential to save lives and increase public safety and security through lawful use of biometrics is a hopeful advancement for all.
Advanced Biometrics for Law Enforcement
March 31, 2010
Balancing Freedom and Security
There is a new vision for security technology that blends high-tech with behavioral psychology, so that we can seemingly read people’s minds as to their intentions to do harm or not.
There was a fascinating article (8 January 2010) by AP via Fox News called “Mind-Reading Systems Could Change Air Security.”
One Israeli-based company, WeCU (Read as we see you) Technologies “projects images onto airport screen, such as symbols associated with a certain terrorist group or some other image only a would be terrorist would recognize.”
Then hidden cameras and sensors monitoring the airport pickup on human reactions such as “darting eyes, increased heartbeats, nervous twitches, faster breathing,” or rising body temperature.
According to the article, a more subtle version of this technology called Future Attribute Screening Technology (FAST) is being tested by The Department of Homeland Security—either travelers can be passively scanned as they walk through security or when they are pulled aside for additional screening are subjected to “a battery of tests, including scans of facial movements and pupil dilation, for signs of deception. Small platforms similar to balancing boards…would help detect fidgeting.”
The new security technology combined with behavioral psychology aims to detect those who harbor ill will through the “display of involuntary physiological reactions that others—such as those stressed out for ordinary reasons, such as being late for a plane—don’t.”
While the technology married to psychology is potentially a potent mix for detecting terrorists or criminals, there are various concerns about the trend with this, such as:
1) Becoming Big Brother—As we tighten up the monitoring of people, are we becoming an Orwellian society, where surveillance is ubiquitious?
2) Targeting “Precrimes”—Are we moving toward a future like the movie Minority Report, where people are under fire just thinking about breaking the law?
3) Profiling—How do we protect against discriminatory profiling, but ensure reasonable scanning?
4) Hardships—Will additional security scanning, searches, and interrogations cause delays and inconvenience to travelers?
5) Privacy—At what point are we infringing on people’s privacy and being overly intrusive?
As a society, we are learning to balance the need for security with safeguarding our freedoms and fundamental rights. Certainly, we don’t want to trade our democratic ideals and the value we place on our core humanity for a totalitarianism state with rigid social controls. Yet, at the same time, we want to live in peace and security, and must commit to stopping those with bad intentions from doing us harm.
The duality of security and freedom that we value and desire for ourselves and our children will no doubt arouse continued angst as we must balance the two. However, with high-technology solutions supported by sound behavioral psychology and maybe most importantly, good common sense, we can continue to advance our ability to live in a free and secure world—where “we have our cake and eat it too.”
Balancing Freedom and Security
January 9, 2010
Architecting A Secure Society
Once again, we are confronted with the basic security question of how much is the right amount?
It’s a classic catch-22 that requires us to architect security to meet opposing ends: we expect security to be as much as necessary to stop the terrorists, but as little as possible to ensure efficient travel and trade and maintain people’s privacy and equality.
In the last decades, we have behaved schizophrenically, calling for more security every time there is an attempted attack, only to withdraw and demand greater privacy protections, speedier security processing, and only random checks when things cool down.
The Wall Street Journal reported in the January 9-10, 2010 edition that the U.S.’s handling of security nowadays is an ever-losing proposition. The article calls it a virtual game of “Terrorball,” in which we cannot win, because there only two perpetual rules:
· “The game lasts as long as there are terrorists who want to harm Americans; and
· If terrorists should manage to kill or injure or seriously frighten any of us, they win.”
Based on the above, I believe that we can only win the game by changing its rules. Rather than being reactive to every terror scare, we are prepared with one approach—one that delivers an optimal level of security based on the current level of risk.
I recall when Michael Chertoff was Secretary of Homeland Security. During that time, he was a strong advocate for a risk-based approach that was multilayered, strong yet flexible enough to accommodate changing circumstances. From that perspective, which I think made a lot of sense: security decisions are made on the basis of objective criteria. These include technical feasibility, maximum effect, cost-benefit analysis, and so on.
A risk-based approach, or what I call “optimal security,” clearly makes a lot of sense. Yet it is tempting, when a security situation actually occurs, to let emotions get the better of us. On the one extreme, sometimes hysteria takes place and everybody seems a potential threat. Other times, we get angry that anyone at all is subjected to scrutiny or questioning.
In order to save the most lives and change the terror game, we have to decide to become more rational about the threat that faces us. This doesn’t mean being cold and calculating, but rather rational and proactive in developing a security architecture and governance that seeks to protect the most with the least negative impacts—but not trying to plug every possible hole at all costs.
In optimal security: sure, there is the ideal where we want to protect every American from every possible threat. However, there is also the reality where, because of competing priorities and scarce resources (to address everything from the deficit, health care, education, social programs, energy, science, defense, and more) we cannot—no matter how much we genuinely want to—prevent every terror instance.
So the terror playbook can and should be transformed. We can recognize there will always be terrorists—enemies of the state—who want to harm us and given enough attempts, no matter how optimal our security, they will occasionally get a sucker punch in on us—and we must be prepared for this. Moreover, rather than “freaking out” about this the terror threat, we can grow and commit to doing the best we can and accepting that we will increase security when information is there to support that need, and we will relax when that becomes possible.
Bottom line: We must move away from hysteria and any other factor that prevents us from being objective and make rational choices to deploy protections that are most effective and simultaneously safeguard our liberty.
“Life, liberty and the pursuit of happiness” captures the security debate well. We want to safeguard lives, but at the same ensure liberty and we want to be happy and not afraid all the time.
To accomplish this balance, our optimal security realization should be based on highly effective intelligence, supported by the very best technology, and a security platform that adjusts to threats in real time.
While our intelligence continues to strengthen and our technology continues to improve, the greatest challenge is our ability as a nation and as individual human beings to cope with the distress caused by terrorism.
We are ambivalent emotionally about the threat and what needs to be done to combat it. However, once we look inside and understand the emotions that this issue raises, and come to terms with reality we face, we will as a nation be more at peace and less likely to jump from one extreme to another in terms of our demands and expectations from those who protect us every day.
Architecting A Secure Society
June 12, 2009
Future Police Cruiser Architected for Law Enforcement
Carbon Motors E7 Police Car Photoshoot - Douglas Sonders Photography from Douglas Sonders on Vimeo.
Future Police Cruiser Architected for Law Enforcement
January 17, 2009
Decentralization, Technology, and Anti-Terror Planning
Read about Decentralization, Technology, and Anti-Terror Planning in The Total CIO.
Decentralization, Technology, and Anti-Terror Planning
Decentralization, Technology, and Anti-Terror Planning
The concept of decentralization is very simple. Rather than concentrating all your vital assets in one place, you spread them out so that if one is destroyed, the others remain functional. The terrorists already do this by operating in dispersed “cells.” Not only that, but we know that very often one “cell” doesn’t know what the other one is doing or even who they are. All this to keep the core organization intact in case one part of it is compromised.
Both the public and private sectors understand this and often strategically decentralize and have backup and recovery plans. However, we still physically concentrate the seat of our federal government in a geographically close space. Given that 9/11 represented an attack on geographically concentrated seats of U.S. financial and government power, is it a good enterprise architecture decision to centralize many or all government headquarters in one single geographic area?
On the one hand the rationale for co-locating federal agencies is clear: The physical proximity promotes information-sharing, collaboration, productivity, a concentrated talent pool, and so on. Further, it is a signal to the world that we are a free and proud nation and will not cower before those who threaten us.
Yet on the other hand, technology has advanced to a point where physical proximity, while a nice-to-have, is no longer an imperative to efficient government. With modern telecommunications and the Internet, far more is possible today than ever before in this area. Furthermore, while we have field offices dispersed throughout the country, perhaps having some headquarters outside DC would bring us closer to the citizens we serve.
On balance, I believe that both centralization and decentralization have their merits, but that we need to more fully balance these. To do this, we should explore the potential of decentralization before automatically reverting to the former.
It seems to me that decentralization carries some urgency given the recent report “World At Risk,” by The Commission on the Prevention of Weapons of Mass Destruction Proliferation and Terrorism—it states that “terrorists are determined to attack us again—with weapons of mass destruction if they can. Osama bin Laden has said that obtaining these weapons is a ‘religious duty’ and is reported to have sought to perpetuate another ‘Hiroshima.’
Moreover, the report goes on to state that the commission “believes that unless the world community acts decisively and with great urgency, it is more likely than not that a weapon of mass destruction will be used in a terrorist attack somewhere in the world by the end of 2013.”
Ominously the report states “we know the threat we face. We know our margin of safety is shrinking, not growing. And we know what we must do to counter the risk.”
Enterprise architecture teaches us to carefully vet and make sound investment decisions. Where should we be investing our federal assets—centrally or decentralized and how much in each category?
Obviously, changing the status quo is not cheap and would be especially difficult in the current global economic realty. But it is still something we should carefully consider.
Decentralization, Technology, and Anti-Terror Planning
March 18, 2008
Bioterror Sensors and Enterprise Architecture
Since the events of 9/11, America has been widely and deeply broadening its homeland security capabilities. One area that this has been occurring in is in the ability to detect an attack and respond quickly to save lives.
MIT Technology Review, 18 March 2008, reports on a new sensor system that can “detect six potential airborne bioterror agents” within three minutes.
The “new detector uses living cells that light up in the presence of airborne bioterror agents such as anthrax and smallpox” as well as botulinum, ricin and two other bacteria.
“The company selling the sensor, Innovative Biosensors of Rockville, MD, is marketing it for use in airports and other buildings, including laboratories where research on dangerous pathogens is performed.”
“The company has a contract with the U.S. Department of Defense for building security in the Washington, DC area.” And one would imagine that similar precautions are being taken in other major metropolitan areas in the country.
This is serious business and Innovative Biosensors is taking no chances. “The system can run 16 tests simultaneously, one in each chamber of the disc…when at least two chambers are devoted to each pathogen, there are no false positives.”
Certainly, we will continue to mature our homeland defenses. To do this, all agencies involved in homeland security must grow and develop their enterprise architectures. As with the new sensor system, protecting this country cannot be done by human factors alone, but will require ever greater technological sophistication to monitor the “bad guys” and prevent, protect, respond to, and recover from any threats.
Our adversaries will not resist using technology to harm us—whether through improvised explosive devises or attacks on our networks—and we will need every technological advantage we can get to defeat them.
One way to maintain our technology edge is through the rigors of enterprise architecture. This discipline is critical in developing a well thought-out business and technology plan, making sound IT investments, and governing our IT with care and diligence.
While at times it may seem that this great country has limitless resources, the truth is that all resources are finite and we must put those to the best uses, so that the technology we develop and deploy truly enables the mission of protecting this honored country and its noble citizens.
Bioterror Sensors and Enterprise Architecture
September 29, 2007
24 TV Series and Enterprise Architecture
“24, last year’s most Emmy Award-winning television series with five Emmys, including Outstanding Lead Actor in a Drama Series (Kiefer Sutherland) and Outstanding Drama Series, is one of the most innovative, thrilling and acclaimed drama series on television.” (TV.com)
What makes 24 so thrilling?
Well there is the drama, the intrigue, the ever twisting plot and constant terrorist threats, and of course, Keifer Sutherland and the rest of the 24 team.
There is also the technology and its application to track the terrorists, communicate effectively, and the business intelligence to decipher the terrorist plots. While the technology is not perfect and often it is used by the terrorists to thwart
On a Bluetooth technology website, I found this:
“Fox's hit television show ’24’ has always displayed the latest in cutting edge technology.
The technology used in 24 is viewed as cutting-edge and trend-setting (i.e. everyone wants to know which model
On another site, Government Computer News,
Again, the 24 series is viewed as a model for information technology users and IT sharing.
In the same GCN article, Homeland Security Department, G. Guy Thomas, the Coast Guard’s science and technology adviser for the Maritime Domain Awareness Project, states: “The ultimate goal that technologists and policy-makers should strive for is user-definable interfaces, which would provide a ‘common operational picture [
The
For Homeland Security enterprise architecture, 24 can serve as a target state forsynthesizing business process and technology. For example, the integration between the business processes and the technology is virtually flawless in
Additionally, even the character Jack Bauer himself displays not only tremendous heroism and patriotism in his efforts to protect this nation and its citizens, but also his innovative and can-do persona is a model for enterprise architecture development of creative yet grounded target technology states and transition plans for our organizations.
Additionally, from a User-centric EA perspective, we need to look outside our agencies at business and technology best practices in the public and private sectors, and yes, even at fictional portrayals. It is even from dramas like 24, and maybe especially from such visionary elements that EA can adapt information, creativity, and innovation to plan a genuine target state for our enterprises.
24 TV Series and Enterprise Architecture