Disruption is only positive for those with a plan to take advantage of it.
With tools in place, disruption can lead to new advantage, a rebalancing of prior arrangements, an exploited symmetry. Disrupting a drone’s control is often the first step to crashing that drone. Disruption can be an enabler, but it only works for those actively betting on disruption and those prepared for it.
For everyone else, disruption is the threat, the risk around which plans are designed to hedge.
I’m Kelsey D. Atherton, reporting from CyberCon in Crystal City, Virginia. Apologies for the, ahem, disruption in regular newsletter scheduling this week.
While disruption has obvious applications when it comes to how technology is used on the battlefield, it’s a dominant feature of the modern market, and disruption risks sweeping forced changes across the defense industry.
Consider, if you will, the humble server motherboard.
Autonomy and AI require a communications back-end, either for direction in the field or processing and refining sensor information between missions. Even without the robots, the modern battlefield is heavy with data-capture and data-transfer, and that means passing information through servers.
Servers, though, are built across the globe. Not just in the sense that many countries make them, but that even when one country is the final manufacturer for the server, the component parts have likely been sourced globally, and preliminary assembly took place before the parts made it to the final manufacturer.
Should a server motherboard be found compromised, the potential for where the vulnerability started stretches through the entirety of the supply chain. The potential for downstream disruption is, also, the whole of the market, as customers delays buys on fears of getting compromised product, government agencies and private firms conduct security reviews, and others in the market both capitalize on the void and scramble to make sure they have not been compromised in the same way.
Managing this risk, and the whole supply chain as an attack surface, can require several approaches. In 2019, Congress has mostly focused on national origin as the locus of security risk. Taken to its furthest extreme, concerns over supply chain security might ultimately require the creation and substitution of whole new domestic supply chains for those spread across the world. As disruptions in technology go, this decoupling could be extensive, leading to technology shortages in the short term, high prices in the medium term, and a world of hardware and firmware made by national champions instead of an interconnected international market.
Such a disruption is a choice. If it is to be a defining characteristic of security policy in acquisitions of commercial technology for government and military use in the future, it is a choice that should be backed up by planning.
Disruption only favors the prepared.
