Threats
Agencies and organizations cannot adequately detect or identify threat actor indicators if even the most basic security mitigations are poorly implemented. Once these threats and vulnerabilities are identified, they must be learned from, continuously mitigated, and systematically reassessed.
Education and awareness are the foundation to properly mitigating your organization’s threat landscape. Your organization must build a culture of trust; however, leadership must ensure proper verification occurs to close the identification cycle and mitigate threats to your organization’s equities.
Unfortunately, the victims of these threats typically do not become aware of the inherited risk until after the damage has already taken place. Security will always cost more when reacting to a threat rather than proactively mitigating it. The true cost is the redirected time, energy, and effort needed for mitigation.
Cyber
Cyber Crime will continue to increase as the digital age continues to innovate and create additional convenient resources for the day-to-day end-user. The need for convenience over security will become detrimental to an organization’s well-being unless proper mitigations are implemented to reduce the amount of risk posed by both regional and global cybercriminals. Cybercriminals have continued to sustain the ability to focus their efforts arbitrarily and unpredictably with advantageous results. The cyber threat operates without discretion and with levels of variation regarding the amount of tact applied. Therefore, without proper risk mitigations, your organization’s interests can be susceptible to various levels of significant risk. The more an organization becomes interconnected and independent, the higher the level of risk it will inherit. If an organization wishes to execute its agenda without compromise, the cyber threat posed by state actors, non-state actors, and their affiliates must be appropriately mitigated.
Dual-Use Commodities
Organizations must understand the context of dual-use commodities. Dual-use commodities can be defined by the type of material in question. For example, dual-use material can be used in both military/government programs or legitimate civilian applications. An example of dual-use commodities can range from electronics, computers, lasers, sensors, and even telecommunication platforms. Dual-use commodities are an excellent example of tangible material; however, there are also dual-use materials that are intangible. An example of an intangible dual-use technology is when a nation-state/agency continues to pursue the facilitation of internet access for economic development and commerce; while covertly using the system for policing online behaviors. The tangible commodity, the internet infrastructure, is entangled with the intangible commodity, the internet, and exploited by a particular entity. Dual-use gets even more complicated when one determines the amount of politics that go into the transfer or import/export of these tangible or intangible dual-use assets. That being said, it is important to distinguish that dual-use commodities can be tangible, intangible, or even both. For example, when looking at a specific dual-use chemical, the formula for a chemical, the system and process to transport or create the chemical, any trade secrets or intellectual property involving the chemical, and even how an organization can use or has used the chemical in the past, etc. are all considerations involving dual-use material or technology.