Information Warfare is a Powerful Approach for Attaining and Maintaining a Competitive Advantage

The purpose of a business is to create value for its shareholders, and the purpose of a government is to provide for the common good. From a business viewpoint, being effective and efficient in current markets and opening new lines of business is key to sustained revenue generation and profits. At the same time, the business may be the target of an IW attack (see Figure 13.5). From a national security perspective, we should expect the military, intelligence community, and law enforcement to develop and use capabilities in order to maintain sovereignty, create and sustain peace and economic prosperity, and ensure public safety from criminals and monopolies. Neither entity can survive by insulating itself. They must embrace, within their value system, whatever it takes to go beyond surviving in order to "thrive."

Figure 13.5: How to use IW to achieve goals and objectives.

The complexity interwoven across government, industry, and society presents a daunting challenge for IW. It is in the best interest of any government, business, and other organization to take prudent action to defend against information warfare attacks and to be able to launch them.

The advanced cracker breaks into online shopping exchanges, manipulates orders, steals merchandise, plunders credit card numbers—the modern day pirate, highway robber, and Wild West outlaw. Those who would be part of the online shopping population come to expect this malicious behavior and are dissuaded from shopping online. The result: "dot-coms" go out of business, venture capitalists withdraw support and are reluctant to back new startups, and, in the very near future, insurance either will not be written or the premiums will be too high and there will be lawsuits. It appears IW is tailor-made to handle such a situation.

Espionage, disinformation, physical destruction (normally permitted by law only for the military and law enforcement), and other actions are a means to an end. IW is a higher level, cerebral activity. The target can be a population (the national will or a specific political, religious, or ethnic group), a despot, a general, or anyone in an organization. How, then, should IW be applied to industry? After all, isn't war a declaration of Congress, Parliament, or other government entity? If a business is destroyed by an act of war or terrorism, it will not be remunerated by insurance. Is this a misnomer? By no means!

Since business is war, the principles of war normally associated with the military ought to be applied. These are not rigid, and their application is tailored to each use. Objective, offensive, mass, economy of force, unity of leadership, maneuver, security, surprise, and simplicity are generally recognized principles that will benefit any organization. Applying the principles to coherent and synchronized IW will produce a positive return on investment (ROI).

In the IT world, determining ROI is considered the Holy Grail. The problem for quantitative metrics for IW is orders of magnitude more difficult because of the many disciplines, organizational levels, and the sheer scope involved. Some prefer it that way because it allows them to hide behind classified information and black magic. If IW is to be successful, metrics are necessary. Existing traditional measures are a good start (e.g., How many probes did our intrusion detection system pick up?), but are not sufficiently expansive and precise. What is the value of a database? What is the value of that database after it has been successfully data mined? Since quantitative metrics still need to be developed, qualitative ones will need to be used.

Information warfare is an embracing approach, customizable to produce positive results in any organization, and tailorable to meet the demands of the marketplace. By balancing tried and true capabilities with leading-edge technologies and concepts, IW remains fresh and a useful approach for achieving goals and objectives on the way to attaining and maintaining a competitive advantage.