“You ain’t seen nothing yet!”

That’s the collective view from global cyberexperts as they describe the coming year of new data breaches and technology disruption that will impact every area of life.

As we exit 2016, a year in which hackers stole the show for a variety of causes, cybersecurity has risen to the top of the international priority list in areas ranging from politics to national defense and from smart homes to our global economic system. With new drones, artificial intelligence, social media websites, robots, autonomous cars, smart city infrastructure, and a plethora of Internet of Things (IoT) devices coming onto the market daily, how can we prepare for next-generation cyberattacks?

At the beginning of this year, I answered the question: Why more security predictions and how can you benefit? At the end of that article, I told readers to expect even more security predictions as we head into 2017. That has turned out to be true — with a twist.

No doubt, there are more lists looking toward the future than ever before. As I examined hundreds of technology and security articles, blogs, slideshows, videos and infographics related to upcoming 2017 events, I’ve seen a growing number of organizations prefer to name their views on the coming year as “forecasts” or “trends” or “projections.” I suppose that a “forecast” does sound more scientific — like a weather forecast that is based on mathematical models, satellites, radar and much more.

What is quite clear is that these lists contain a wide variety of content that ranges from hopes (you might even call them New Year's resolutions based on what vendors are already working on) to connecting-the-dots threat projections (based on 2015 and 2016 data) to educated guesses on security to dramatic cyberspeculations that get media attention. Security predictions are also showing up on other lists from automobile announcements to defense spending to the home toy market.

Nevertheless, I maintain my view that the security and technology industries offer tremendous value with these cyber research reports and expert analysis on threats from their best and brightest. I strongly urge technology and security pros to review these referenced lists and check them twice, in order to improve your strategic plans, product road maps, incident response scenarios and overall business operation.


From disruptive distributed denial of service (DDoS) attacks rendering entire swathes of the Internet including Netflix, Twitter, PayPal, CNN, The New York Times, and Amazon hosting services inaccessible, to nation-states inserting themselves into the democratic process of other countries’ self-determination, it has truly been a landmark year for cybersecurity—or lack thereof.

Nations are desperately attempting to exert national sovereignty over cyberspace via controversial new laws, massive breaches compromising the personal data of millions continue, and the stalemate over encryption technology endures as the rift between Washington and Silicon Valley only grows.

Cybercriminals are as prevalent as ever, and nation-states have been emboldened in cyberspace. While both China and Russia use cyberspace to conduct all forms of espionage, China focuses on furthering its economic goals while Russia uses its toolset for influence operations to further its foreign policy objectives.

Perhaps most importantly, the reliability of attribution has come under increasing scrutiny, particularly because many states outsource their cyber operations to proxy outfits, making the last mile of attribution even more challenging. As a result, the political will to respond to state-sponsored hacking is often lacking—a major hindrance to any hope of deterrence in cyberspace.

So how should one best characterize the security of the virtual domain in 2016? And what have we learned that may illuminate cybersecurity efforts in 2017?

Chinese Economic Espionage

Following the U.S. indictment of Chinese military hackers last year and the subsequent agreement between the U.S. and China to halt economic espionage targeting intellectual property, China’s cyber activity appears to have declined this year—suggesting that responding to cyber attacks can actually create deterrence.


The Association of Former Intelligence Officers (AFIO) Notes featured the newest book written by Bob Wallace and Keith Melton, "Spy Sites of Washington, DC", as their book of the week. The book is the third in a series of "Spy Sites" books and, like its predecessors "Spy Sites of New York" and "Spy Sites of Philadelphia", provides the most comprehensive view into the real "business" of espionage. It's a must read!

David E. Hoffman, author of The Billion Dollar Spy: A True Story of Cold War Espionage and Betrayal, wrote:

"Wallace and Melton are expert chroniclers of the spy business. Spy Sites of Washington, DC is admirably detailed and thoroughly enjoyable. If you loved their book Spycraft on the intricate world of espionage tradecraft, you will find Spy Sites an essential guide to the intelligence landmarks of Washington."

For those who are unable to view the AFIO write-up, please take a look:


Spy Sites of Washington, DC: A Guide to the Capital Region's Secret History

by Robert Wallace and H. Keith Melton

(Georgetown University Press; Feb 2017)

The ideal late Christmas Gift to self and colleagues.

"Wallace and Melton are expert chroniclers of the spy business. Spy Sites of Washington, DC is admirably detailed and thoroughly enjoyable. If you loved their book Spycraft on the intricate world of espionage tradecraft, you will find Spy Sites an essential guide to the intelligence landmarks of Washington." -- David E. Hoffman, author of The Billion Dollar Spy: A True Story of Cold War Espionage and Betrayal (see Hoffman event Dec 11 in this WIN issue)  

"This delightfully informative book is a Who's Who of spy vs. spy skullduggery in the world's most powerful city. Spy experts Robert Wallace and H. Keith Melton take us on a mesmerizing tour of traitors and tradecraft revealing the wheres and whys of Washington's second-oldest profession. It's a must read for both the curious and serious researchers. Bravo!" -- Pete Earley, New York Bestselling author of Family of Spies: Inside the John Walker Spy Ring and Confessions of A Spy: The Real Story of Aldrich Ames

Washington, DC stands at the epicenter of world espionage. Mapping this history from the halls of government to tranquil suburban neighborhoods reveals scores of dead drops, covert meeting places, and secret facilities - a constellation of clandestine sites unknown to even the most avid history buffs. Until now.

Spy Sites of Washington, DC traces over two centuries of secret history from the Mt. Vernon study of spymaster George Washington to the Cleveland Park apartment of the "Queen of Cuba." With two hundred twenty main entries as well as listings for dozens more spy sites, intelligence historians Robert Wallace and H. Keith Melton weave incredible true stories of derring-do and double-crosses that put even the best spy fiction to shame. Maps and more than three hundred photos allow readers to follow in the winding footsteps of moles and sleuths, trace the covert operations that influenced wars hot and cold, and understand the tradecraft used by traitors and spies alike in the do-or-die chess games that changed the course of history.

Informing and entertaining, Spy Sites of Washington, DC is the comprehensive guidebook to the shadow history of our nation's capital.

The book may be pre-ordered here.


For kinetic weapons like tanks, production costs generally outweigh research and development. For cyber weapons, R&D is almost everything.

Max Smeets’ take on the cost of cyber weapons is a thoughtful piece about the economics of cyber warfare, and the article is a useful point of departure on this topic. However, a few additional points not discussed by Smeets are worth considering, and they all point in the direction of higher costs than his piece might predict.

Begin with the fact that the economics for cyber weapons usable in a military context are fundamentally different than for kinetic weapons. With the latter, military power is highly correlated with number—specifically, the number of identical units of a given weapon. One hundred tanks (with crews, logistics, etc.) provide more military power than one tank. That is, for kinetic weapons, military power accrues as the result of procurement processes.

Not so for cyber weapons. No one would argue that a nation has more cyber power in a military sense if it has 100 identical CD-ROMs with a software-based cyber weapon on each. For cyber weapons, military power accrues as the result of research and development (R&D) processes.

So what? In the weapons acquisition process, R&D costs are amortized over multiple copies of a weapon. The effectiveness of a cyber weapon is a very strong function of the target’s characteristics. For example, the smallest change in configuration of the target can under many circumstances completely negate the effectiveness of a cyber weapon against it. To successfully attack two cyber targets that are almost identical may require two very different cyber weapons employing two different approaches to achieving their destructive effects. The coupling between weapons effectiveness and target characteristics is much weaker for kinetic weapons.

The consequence is that, as a general rule, a targetable cyber weapon has to be customized to its target(s) to a much greater degree, and thus any given cyber weapon is likely to be usable over a much smaller target set than for a kinetic weapon. Thus, the cost of a cyber weapon, which is almost entirely in R&D, cannot be amortized over as many targets as would be the case for a kinetic weapon. This fact necessarily increases the cost-per-target destroyed.