Robert Garigue: Carleton University Research Page

Advanced Cyber/IO, Historic Contributions

Below is secured for the future. As of 24 December 2010 it is still online at Carleton University.  Dr. Robert Garigue passed away 10 January 2007 at the age of 55.  He was the only person we knew then or know of today that was deliberately and completely integrating belief systems, knowledge, information, data, security, and technology as a single cyberspace.

Continue reading “Robert Garigue: Carleton University Research Page”

Robert Garigue: Feedback for Dynamic System Change

Advanced Cyber/IO, Analysis, Balance, Citizen-Centered, ICT-IT, Innovation, Leadership-Integrity, Multinational Plus, Policies-Harmonization, Processing, Reform, Strategy-Holistic Coherence, Threats, Tribes, True Cost
Click to Enlarge

Information security is not a static process–you cannot “lock down” information the way the Air Force has tried to do, prohibiting all flash drives because it has failed over decades to actually embed security in every aspect of the process from human to download alerts.  Interactive feedback loops are simple and effective.  Winn Schwartau pioneered time-based security and risk-based security.  Now if we just accept the fact that 80% or more of the information we need to be effective is not secret, not in English, and often not online at all, this represents a 180 degree turn away from the current focus on centralized cyber-security to the exclusion of all else (such as mission effectiveness).  As Russell Ackoff put forward: we have been doing the wrong thing righter, and are about to spend $12 billion doing the wrong thing righter, instead of going ALL STOP and redesigning all systems, human to technical, around M4IS2 (multinational, multiagency, multidisciplinary, multidomain information-sharing and sense-making).  One can no more merge all the Serious Games into one World Game than one can merge all the stovepipes into  one “all-source” system.  We have to do a clean-sheet requirements review and design for M4IS2 success, otherwise we automatically default to more of the failures that NSA and its various contractors are so notorious for….

See Also:

Robert Garigue, “Technical Preface” to Book Three

Robert Garigue, CISO Briefing

Robert Garigue: Role of the Chief Information Security Officer

Advanced Cyber/IO, Balance, ICT-IT, Innovation, Leadership-Integrity, Multinational Plus, Policies-Harmonization, Reform, Strategy-Holistic Coherence, Threats, True Cost
Click to Enlarge

IMPORTANT:  The Chief Information Security Officer (CISO) is not the Chief Knowledge Officer (CKO) nor the Mission Commander or the Mission Logistics Officer or any of the other mission support specialties.   The point is that security and knowledge must co-exist and in collaboration with one another, the CISO and CKO need to ensure that the force is trained, equipped, and organized so that the right information is available to the right person at the right time in the right format.  If in doubt, err on the side of access, not control.  It is much easier to do that if you are honest about NOT classifying the 80% that should NOT be classified.

See Also:

Robert Garigue, “Technical Preface” to Book Three

Robert Garigue, CISO Briefing

Robert Garigue: Security Services versus IT Processes

Advanced Cyber/IO, Corruption, ICT-IT
Click to Enlarge

Robert Garigue was focusing only on the “technical” side of the matter.  The above divide is compounded (made exponentially worse) by the divide between cyber-services and human end-users.  To the best of our knowledge, no one has done a full-up functional requirements survey since 1986, and we still do not have the eighteen CATALYST functionalities in a single integrated software tool-kit because no managers are ever held accountable for failure, nor do they hold vendors accountable for delivering vapor-ware rather than functionality.

Cyber-Spending: A Culture of Failure without Liability

Advanced Cyber/IO, Corruption

The Success of Failure

By Shane Harris sharris@nationaljournal.com April 4, 2007

Government Executive

In 1999, program managers at the National Security Agency knew they were in trouble. A new and important electronic filtering system, code-named Trailblazer, wasn't working as designed.

Planners imagined it would automatically find phone calls, e-mails and electronic communications of terrorists and other threats sitting in NSA's massive intelligence haul. But Trailblazer was coming unglued before it was out of the gate.

Rather than pull the plug, for six years the agency tried to save Trailblazer, transferring management responsibility to different teams that tweaked the design and made it more complicated. Like some toxic jug of moonshine, Trailblazer was passed around among agency and contract personnel until, $1.2 billion later, it still didn't work.

This story of massive failure came to light through the dogged reporting of The Baltimore Sun‘s Siobhan Gorman, who is deeply sourced on NSA issues. In February, she revealed that yet another data-sniffing project was under way. Aptly named Turbulence, it, too, is on the rocks, with annual costs approaching $500 million.

If you're shaking your head, it's probably because you know the Trailblazer story isn't unique. The FBI, the Internal Revenue Service and the Marine Corps, to name a few, have watched massive system modernizations crash and burn. The reasons for these disasters are well-documented and maddeningly similar: insufficient agency management, contractors that overpromised and anemic-to-nonexistent congressional oversight.

. . . . . .

This all sounds cynical, because it is. Whether or not it's deliberate is another matter. But you don't have to believe that people consciously fail to recognize the windfall it brings. Even if they don't know why, there's a reason people keep making the same mistakes: Failure is one of the most successful things going.

Read full article online….

Robert Garigue: The Evolving Role of the Chief Information Security Officer within the new structures of Information Systems

Advanced Cyber/IO, Historic Contributions
Click to Enlarge

Briefing as Presented

Seminal Technical Preface (2008)

Gunnar Peterson on Robert Garigue’s Last Briefing

Core Slides as Expandable JPEG with Comments:

Robert Garigue: When Everything Else is Distributed….

Robert Garigue: Information Security MANDATE

Robert Garigue: Structuring Risks (Role of Security)

Robert Garigue: Evolution of Cyber-Space

Robert Garigue: Three Information Security Domains–the Physical (Old), the Process (Current), and the Content (Future)