Technology Investment Implications in the New National Security Strategy
Published: January 17, 2018
December 2017’s new National Security Strategy outlines potential technology investments.
Back in December 2017, the White House published a new National Security Strategy intended to replace the NSS announced by the previous administration several years back. The new strategy discusses national security developments at the macro level, including several technology areas that the administration finds worthy of pursuing. This post examines the NSS in an effort to identify potential areas of future investment.
Big Data/Artificial Intelligence
Employing a new term – Information Statecraft – the new NSS claims that “America’s competitors [have] weaponized information to attack the values and institutions that underpin free societies, while shielding themselves from outside information.” The key to success in this area is integrating “information derived from personal and commercial sources with intelligence collection and data analytic capabilities based on Artificial Intelligence (AI) and machine learning,” something the United States faces stiff competition from in China especially. The result is an ever growing number of security breaches – both governmental and commercial – that threaten the operations of significant institutions.
Implications – The administration frames the discussion of advanced analytics and artificial intelligence in the context of cyber warfare and efforts to shape public opinion, suggesting that the government takes steps to develop new strategies and avenues for countering threats. Suggested solutions include modernizing platforms to deliver the administration’s message and enhancing analysis of adversarial activities so that they can be countered. In practical terms this should translate into increased spending across the Department of Defense, State Department, Justice, and Homeland Security on advanced analytics which track adversarial behavior online, as well as on machine learning solutions that automate security processes and, lastly, on situational awareness tools that clarify the understanding of things occurring in cyberspace.
Addressing transnational criminal organizations, including terror cells and drug cartels, as well as state-actors and lone wolves, the NSS recognizes the threat that malicious activities in cyberspace pose to U.S. banking, political systems, and critical infrastructure. Defeating these activities by enhancing situational awareness and hardening cyber defenses will be administration priorities. Offensive capabilities are also not left out. The administration proposes identifying and prioritizing risk, building defensible government networks, developing layered defenses to deter and disrupt malicious actors, and imposing costly consequences on such actors.
Implications – The NSS provides a clear mandate for federal agencies to maintain the ramping up of spending on cybersecurity that we have seen in recent years. Building defensible government networks in an era of outsourcing suggests that commercial networks will be required to prove they are as secure as possible; particularly cloud computing providers. In other words, while agencies might spend on implementing cybersecurity enhancements in-house, they will also spend an increased amount on buying commercial cloud services that vendors not necessarily the government must defend. Outsourcing basically shifts the burden of securing government data onto industry partners with all the attendant risk that entails.
Another possible dimension of cyber-spending that involves cloud capabilities, but which merges them with agency IT infrastructures, involves the Security Operations Centers-as-a-Service proposed by the White House’s American Technology Council in its autumn 2017 report. Agencies are encouraged in the ATC report to employ commercial SOCaaS in place of in-house solutions.
As the new NSS makes clear, the federal government will have a multitude of requirements it needs industry partners to provide. From machine learning and advanced analytics to cloud capabilities and cyber warfare tools, agencies will need to invest millions to ensure that their operations remain safe and operable while introducing modern technology solutions that enhance performance.