Information Warfare (IW) and your Company Risks

Information Warfare (IW) and your Company Risks

Aug 17th, 2009

There are two ways to look at Information Warfare IW and your Company Risks from a Entreprise Risk Management (ERM) point of view: the good one and the bad one.

The good one encompasses good thinking and planning, the bad one goes into premature acquisition of technical solutions, hardware and “magic gear”.

Information Warfare IW and your Company Risks

Cyber Defense Operations Command Monitor

First of all let’s look at the reality of things: does IW exist? Sure it does: there are even schools that teach it, addressing corporate needs; and it has been abundantly used in recent armed conflicts.

Secondly let’s answer a simple question: is IW at the exclusive reach of highly skilled programmers and hackers? Here the reply is again clear: with minimal study and efforts anyone can implement an IW attack and start a campaign against a corporation.

Information Warfare IW and your Company Risks

Riskope International was asked by a European army to perform an IW risk assessment on an entire country. More specifically we were asked to evaluate how much money should be invested by an hostile party to obtain a certain damage level to a country, and what the likelihood of reaching that goal would be. We were asked to stay away from hacking or technical procedures, as the military are well equipped in those areas, but rather to examine the information related risks. We found out there is a very fine line between IW and good old propaganda, as defined from WW-I on to nowadays. Obviously information vectors have evolved, and therefore deployment tactics have/should changed.

The results of Riskope International study changed the view of our clients on what objectives can be achieved, what damage can be brought to an organization, and what it takes to get there. During the study an attack on Italian Civil Protection, perpetrated by a non identified group, showed that our conclusions closely matched reality.

Finally, looking at what kind of protection a corporation can develop, it becomes apparent that filtering and properly fusing information in order to trigger timely (immediate) and pertinent response seems to be the way. Recent documented examples in industry have shown how true this statement is.

Riskope International IW missions for corporate clients are geared towards helping clients to detect informational vulnerabilities, finding how easy it is to “fake” or distort information, how “colorful and vivid” the distorted information would be…and finally how that information can be brought to self-amplify and infect the informational environment of the corporation.

Once clear filtering and fusing criteria have been selected, it will be time to start thinking about gearing up…not before that, the penalty being a significant waste of mitigative investments and most likely no protection at all.

Tagged with: , , , , ,

Category: Crisis management, Risk analysis, Risk management

Leave a Reply

Your email address will not be published. Required fields are marked *

Riskope Blog latests posts

  • Wells Fargo judgement and Tailings risks
  • 1-02-2023
  • We thought of Wells Fargo judgement and Tailings risks in follow-up to the recent judgement against a number of bank’s…
  • Read More
  • Prefeasibility hazard adjusted NPV
  • 25-01-2023
  • A mining company asked us to perform a Prefeasibility hazard adjusted NPV evaluation. Our action first focused on bringing clarity…
  • Read More
  • OpenAI’s ChatGPT applied to tailings dams and associated risks
  • 11-01-2023
  • As everyone else, we got excited about the new ChatGPT so we tried OpenAI’s ChatGPT applied to tailings dams and…
  • Read More
  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Hosted and powered by WR London.