To get notices of new blogs via email, click here:

Thursday, December 16, 2010

The Perfect Virus principle #21: Institutional Memory

As indicated in my post of Monday, 11/22/2010, I am extrapolating Jeff Walker's Principles for the Perfect Application into a discussion of The Perfect Virus. Since Jeff's monograph on the subject did not anticipate stealth or suicide mechanisms, any errors or lapses into stupidity are solely my additions and should not reflect poorly on what I consider to be the biggest single contribution to software application design since the invention of computers. And Jeff, thanks for giving me permission to do surgery on your baby.
THE PRINCIPLE OF INSTITUTIONAL MEMORY:  The Perfect Virus aggregates genetic memory—from previous Mutation Control (principle #6) trails, failed attacks or suicides documented as part of Feral Fertility (principle #2), and various other penetration metrics reported to the Prosumption (principle #11) dashboard—into an Artificial Intelligence (AI) help desk mechanism for leaders as well as individual workers. The AI uses Institutional Memory to compute the probability of and the timeframe for success at each state of an operation.


Institutional Memory contains:

  1. Tactics that have worked in the past;
  2. Tactics that no longer work in certain areas;
  3. Windows of opportunity that may close soon;
  4. Performance analytics sliced and diced by personnel and organizational performance, financial yield, historical timeline, etc.;
  5. Hardened sites and their defensive countermeasures;
  6. Cumulative Genetic Memory (a la Frank Herbert's Dune novels); 
  7. Mutation history analytics, including timeline;
  8. Parley statistics (conversations invoked due to the institution's compliance with the Cyber Privateer Code) and resolution analysis;
  9. Competitive statistics obtained from run-ins with other privateering/virus-launching organizations; and
  10. Rule-based escalation analytics to immediately notify the command chain of exceptional situations.
The above examples show the importance of maintaining an Institutional Memory that's self normalizing, dynamic, and can not only be queried from the ARRGH (the Astructural Recon & Raid Generation Hyperlanguage) facility but, as is important in any AI environment, also offers the ability to ask "Why?" when an explanation for a given logical inference is questioned. For example, if a dashboard suggests a low probability of success for a given exploit, then management may require the individual operator to drill down the logic chain in order to mitigate high-risk scenarios. The AI's answer to the "Why?" question may give a road map for eliminating certain risks and thereby increasing the probability of success past a minimum-acceptable threshold.

Over time, the Institutional Memory AI will become the crown jewel of any cyber privateering enterprise. In fact, M&A (Mergers and Acquisitioins) activity may depend upon sharing and/or combining Institutional Memory assets of multiple organizations. And an IPO (Initial Public Offering) may require audit by a trusted third party.

Tomorrow will be the final principle, #22: Defense. And I confess, it's the one that let me take some giant leaps of fantasy as I considered the defensive arsenal made possible by The Perfect Virus. Stay tuned.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?