Are we living in a super-VUCA world (Volatile, Uncertain, Complex, Ambiguous)?  To help members optimize opportunities and reduce risk in this VUCA world, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.

To encourage openness of discussion, these sessions take place with Chatham House rules, where participants are free to use the information in the meeting but are asked not to directly quote or identify other participants (we also keep privacy in mind when preparing summaries of these sessions, like the one that follows).

Topics for discussion on the October Monthly call were:

• General feedback on the recent October 13th Global Computer Chip Supply Chain Stratigame
• Review of the October 13th Global Computer Chip Supply Chain Stratigame Pre-Read Posts
• Big issues in the areas of geopolitical risk, technological risk, and cyber risk
  • Great Power Competition
  • Terrorism: Foreign and Domestic
  • Informal but Impactful Self-Organizing, Open-Source Information Networks (Non-state Actors/Informal OSINT Groups)
  • Signals and Sensemaking Methodologies and Frameworks Moving Forward
  • The Ghost in the Shell?
• Other general technology and policy topics for follow up research

 

 

General feedback on the recent October 13th Global Computer Chip Supply Chain Stratigame:  A variety of network members offered the following feedback on the initial Strsatgiame RE: a global chip supply chain disruption in the 7-to-10-year timeframe (Years 2028 – 2031):

• The initial framing with some working assumptions that created the model which was presented on the call was effective, as it gave the group something to speak to on the call. For this network member, the most valuable part of the Stratigame interaction was challenging the model and challenging the assumptions. Noted the member: ” I think we extended the model too. Seeing the updated model and what that looks like will be helpful –  that iterative process, and not forever, but a couple of iterations? – is really going to be valuable for the overall process.”
• It wasn’t just a discussion amongst technologists about technology. The model allowed a wide-ranging dialogue about the interplay between politics, social realities, and the technology itself, which we are usually segregated by topic. The tech people talk about tech and the policy folks talk about policy. The model allowed for an integrated conversation. It is a really good way to push people to think outside their own boxes.
• A private sector practitioner offered the perspective that breaking down the possible scenarios and the four quadrants was helpful: “It helped me think through what does this mean to my industry vertical (which is very technical, shipping dependent, and supply chain dependent)? I think the model will inform our enterprise risk model. How do we address some of these risks? No model is perfect, but this approach is helpful in discussing the topics in a way that an enterprise can understand.”
• Quadrant #4 (Let’s Go Crazy: Global Supply Chain is STABLE; Security Vulnerabilities are LOW) where everything is perfect – might not be such a good quadrant to be in “because it has this big risk of drifting back into the worst quadrant.”
• One network member put together the following graphic to think about innovations or scenarios that we have seen in the past for each quadrant:

 

• The member noted that he was having a hard time thinking of a historical precedent for Quadrant #1 (Purple Rain– Global Supply Chain UNSTABLE, Security Vulnerabilities LOW): “I could not think of any historical precedent. This might be my failure of imagination or knowledge, so if anyone has an example, I’d love to hear it.”
• One participant noted that “when we game this out further, the iterative component is vitally important.”
• Besides the X/Y axes of the scenario quadrants, four other uncertainties/trends (used by the OODA Loop Team when formulating the quadrant scenarios) were shared in the chat on the monthly call:
  • The national security impact of the disruption
  • The economic impact of the disruption
  • The severity of the ongoing political crisis and polarization in the U.S.
  • The level of USG and private sector strategic collaboration, preparation, and innovation prior to the disruption

Review of the October 13th Global Computer Chip Supply Chain Stratigame Pre-Read Posts:  A handful of OODA Loop website posts in the lead-up to the Stratigame on the 13th were designed as an informal pre-read for members in preparation for the exercise.  A couple of posts were related to the scenario planning methodology and the history of the OODA Loop to get people thinking about the process, the framing, and the tools that we are using:

Dan Gerstein and Lance Mortlock on Technology Futures and Scenario Planning

Chet Richards and the Origin Story of The OODA Loop (Part 1 of 2)

The other posts were concerned with uncertainties and trends specific to the global IT and ‘brick and mortar” intermodal supply chains:

Supply Chain Resiliency Critical to Exponential Quantum Computing Innovation and Climate Change Response

Building Resilient Supply Chains and Semiconductor Manufacturing

China’s Formal Bid for Global Dominance of the Semiconductor Supply Chain

U.S. Treasury’s Response to Ransomware Gangs: Punish the Attackers and the Victims

We plan to use this informal pre-read format in the lead-up to future Stratigame sessions – and would like network feedback on the effectiveness of the approach.

On the monthly call, the participants discussed the “Supply Chain, Quantum Computing and Exponential Technologies” pre-read post. An animated discussion ensued, with the following vital takeaways:

• The post does not specifically talk about the supply chain but highlighted the market signals around quantum computing – and exponential technology innovation generally – and how it relates to modeling climate change in the 7-to-10-year timeframe.
• Climate change is positioned in the post as an existential threat that impacts all strategic thinking.
• The post was primarily designed to keep front and center one of the initial concerns expressed by the membership on the August monthly member call – which is the impact of a semiconductor supply disruption on AI innovation.
• Questions posed by the Quantum post included: will an increase in machine learning datasets need to be handled by a quantum computing innovation on the back end of data centers? Is a disruption in AI innovation dependent on quantum innovation as a solution to global semiconductor dependency?
• The discussion turned to the current quantum computing market signals: are they following the success of current AI delivery platforms and ecosystem (like AWS Microsoft Azure Platform as a Service [PaaS]) models?  Will the infrastructure be in place for quantum to be platform/ecosystem scaled into a hybrid subscription model to provide the computational capabilities to support AI/ML innovation in the 7-to-10-year timeframe of the Stratigame? If so, what are some of the use cases?
• Based on PAI, the quantum computing marketplace was positioned on the call as showing “pretty good signals that quantum is going to have a pretty robust startup ecosystem – and then M&A acquisition and innovation environment moving forward, again mirroring the AI/ML marketplace for platforms and products.”
• This analysis was met with a productive pushback by a network member, highlighting that based on personal experience doing high-quality research in this area and talking to real physicists working in this domain, the quantum computing market being discussed is a classic hype cycle. Specific to the Stratigame topic, the member noted that “connecting chip shortages with quantum computing is not a good idea at this point because the Qubits are still in the research stage. I know some of the startup companies that, off the record, admit they know they are trying to cash out. It’s not a real thing. Your points are legitimate about machine learning and the necessity for advanced chips to maximize AI innovation. I agree with that, but I would hate to see that clouded by trying to tie it to quantum computing.”
• “The analogy for quantum computing startups is not MySpace, it is Cold Fusion. Even IBM is pushing that they have a quantum computer. This is not real. Qubits that are not like chips. All this work on quantum is important and it’s being done at a research level, it is intense; it is not seven to ten years out: it’s decades out. And the real applications for quantum computing have to do with Shor’s algorithm.”
• Another network member offered that “having talked to engineers at AWS, there are some use cases emerging, i.e., a way to better model the production of ammonia. It is a simple use case that could generate huge savings in a chemical process that would make a lot of research worthwhile. It is not Shor’s algorithm, but it is a use case.”
• Overall, the point was made that all these quantum use cases mentioned for climate change or ammonia production are “hammers looking for nails.”
• A really sophisticated point emerged from the conversation, which is the potential for a brain drain caused by talent flocking to the quantum startup space: “Everybody wants to jump on this startup bus. They want to get into it and they’re going to fail. And China is waiting in the wings ready to invest in those companies after they have failed – and do the equivalent of an “acquisition hire” essentially of smart people who are trying to jump on this quantum bandwagon. So, there is going to be a problem here, but you are talking around the wrong problem. The problem is going to be a depletion of a highly capable workforce then being mined by the Chinese.”
• The conversation got one network member thinking outside of the quantum hype cycle to technologies that may actually be viable to solve the “pain points” framed by the Stratigame: “there is a whole set of current technology development that has really not received the attention it should. Specifically, I am referring to Josephson Junctions – this stuff has really come a long way towards use cases you could install in an enterprise. IBM did a lot of the work in this area. Intel’s Neuromorphic efforts were also referenced.
• There are a lot of implementation approaches or bab approaches or design approaches that have the potential to be better than what we have had in the past. So, there are some potentials for some jumps between now and this next timeframe we are talking about that are not getting covered in the press. They should be covered because I have seen real-world implementations of this stuff. So, I think rather than assume that quantum is the next significant foundational leap that defies Moore’s law, for example, be advised there are other things that might be contenders that have more of a track record.”
• The final discussion point on this topic, left open for follow up, was encouraging the membership “to consider exponential technologies generally, and the bigger question of: in what order would you put your concern for the impact of a semiconductor disruption (as framed by the Stratigame) on the following technologies: quantum computing, artificial intelligence, robotics, additive manufacturing, and synthetic or industrial biology?”

Big issues in the areas of geopolitical risk, technological risk, and cyber risk:  The conversation then opened to a discussion of ongoing research topics as itemized in The OODA C-Suite Report: Operational Intelligence for Business Leaders for further research:

• Great Power Competition
  • This time out, will a Cold War and Terrorism act as formal proxy warfare? Will that persist?
  • The last Great Power Competition was Sub-national Conflict. Places like Latin America are disintegrating with high levels of corruption. Africa? We should look at that subnational conflict that we never got quite right.
  • China does have some internal dynamics that could cause it to crash, but when groups are likely to fail, they do become more violent. Is there a threshold?
• Terrorism: Foreign and Domestic
  • Did we calibrate the response to terrorism properly? Do we understand domestic intelligence? There are a lot of sub-ordinant threats within the bigger threats.  You must play the “major theme”, but then you need to play some other games and challenge them.
  • An extreme but interesting example was given:  “the need to look at the development of a new religion is often looked at as a ‘ridiculous’ notion considering the metrics that show that people are moving away from religion. But what about La Santa Muerte in Mexico? and Q-Anon having a belief system that is like a religion? There are things that look like they are not plausible or trending in a separate way – but they just manifest themselves differently. I think we do not want to get locked into one viewpoint.”
  • Another network member responded: “I don’t think it is ridiculous at all. I will pull a little bit on that thread: millions and millions and millions of people are subscribing to ‘I’m not religious, but I do all these rituals et cetera, et cetera.’ So, I do not think it is ridiculous at all. I think that we do not train people to care about these things in the schools that they go to. And that we now have a generation of people raised to do foreign policy and national security who have little life experience but have $300,000 degrees.”
• Signals and Sensemaking Methodologies and Frameworks Moving Forward
  • There are singular threats. We need to have some ubiquitous threat sensing and methodologies for that ubiquitous threat sensing – then play that through iterations into other things. The long-term dilemma has always been how you integrate strategic foresight into an early warning system and then into current intelligence? There is a tendency to break them up. How do you work them all simultaneously?
  • We got rid of the draft, war taxes – these blunt instruments that were feedback loops to the domestic US population. Do some power centers in Washington find it convenient to ignore domestic policy, focusing on international relations and the post-World War II world order? A network member suggested that “we have a lot of signals indicating that structure is no longer working and that there are a lot of people that are angry and are disinterested in the elite perspective. This is not just a US problem. This is playing out in Europe as well. Looking for signals where this is starting to break down is going to be incredibly important.”
• Informal but Impactful Self-Organizing, Open-Source Information Networks (Non-state Actors/Informal OSINT Groups)
  • The next share from a network member came with a compliment about the ‘safe space’ the monthly call creates for discussing any topic, no matter how far out or formative: “I made a note coming into this call about something that I have been reticent to bring up. It is something I have discussed privately with two people here on the call and the problem is that it is hard to find a venue where I can find people just dispassionate enough to have the conversation. I have been collecting on what we now call malicious hackers and trolls since before the US government was – I have been focused on it for about two years. What has become apparent to me – I’m going to make an audacious statement so feel free to shoot me down – But I have personal experience and I have reached a conclusion that there are active groups that have capabilities that probably rivals some countries – that are completely informal and not as structured as everybody thinks they are.”
  • The same network member then described the successful effort by 4Chan users to track down the location of Shia Lebouf’s Trump protest flag: “Just pointing at this flag on the sky with no other information, within about six hours, people had figured out from ambient sounds, aircraft traffic passing by open sources where in the world, cause there was no hint about where in the world this was in the world, this thing was located and then proceeded to steal the flag that night. So, I look at this analysis: this is credible analytical work by people just following around. The problem we have now is unless you have the skills to correct your own analytical biases and to understand that influence campaigns are a real thing, there are constant arguments taken as fact by both the press and the government about what motivates certain groups.”
  • The member continued:  “We have a problem now in the social and influence campaign world, where there is a tier of actors with capabilities that nobody realizes are there. And yet we see reactions that amplify things as if both sides of a perspective are true. I have been unwilling to even advance this topic formally because everybody thinks I want to talk about their political opinions. And I do not.  This is a “meta” consideration that I think affects the integrity of analysis, whether you are in the private sector or the public sector. And I am not even sure how to broach it or what to name it or how best to frame it further.”
• The Ghost in the Shell?
  • Another participant on the call “wanted to double down on what is being said. I am in the Midwest right now and so moving from DC to Missouri during the pandemic, I have been living the pandemic through two lenses. So, I am working remotely back to DC., and my brother here locally in the Midwest is like one splinter shy of being a full-fledged prepper. And so, we have been talking a lot about how COVID and the vaccines have begun to split people not along party lines, but along these weird lines that are becoming unpredictable. So, I think what we are talking about is about to become even more interesting because people make assumptions that you are in a certain box based on a few things which they affiliate with your ‘meta’ layer of views. And I just think there’s a lot of this percolating through the system and I think what the other network member was saying is really getting to that.”
  • A few participants picked up on this discussion, point out that the cubby holes and categories that the media offers up to classify all this activity are something that could be addressed in follow-up OODA Loop research. Global and local networks, as well as affinity groups, were also mentioned as a further area of research: “Part of it is the level of analysis, but also bridging divergent communities.” Another member added: “There is a theme here that is going across a whole variety of things within our country and through organizations and how they are playing out. It needs to get attention.”

Other general technology and policy topics discussed, for follow up research, included:

• “Comparatively low bandwidth, utterly ubiquitous, mesh-oriented networks that are mostly used by devices to send tiny things to each other:  There are three contenders for protocols in this space. One of the most available networks like this to date has been something called the things network and it uses this protocol called LoRa. There is also a new thing called Helium, which is the same kind of protocol, but the way they are incentivizing availability and uptime is really interesting. Andreesen Horowitz is involved to the tune of $111 Million.  These guys have created the best incentive structure I have ever seen for having everybody put a node up. Interestingly, you used to be able to build your own nodes, and they are not letting you do that anymore because we already think people are spoofing the GPS because one of the things that it will do is cut the payout rate I if you have more than one node within 300 meters. This is not a flash in the pan. It is not going to be this narrowband IoT thing that Verizon wants to sell you. No one cares. It’s going to be LoRaWan or SIGFox or one of these other mesh protocols that people are standing up.”  Meshtastic was also mentioned as representative of a “whole other layer of applications that get interesting from an intelligence perspective.”
• The Future of Education: Education and the way it’s changing, because “no education, no science, no science, no technology, no science, no business. The $300,000 degree has come up a few times on this call and there is an ‘emperor has no clothes kind of thing about those degrees. It would be interesting to explore what that all means.” A member added: “I really think people have to get serious about giving real education to kids again.”
• We are using the future right now: What are the implications of Zoom and all the ICT formats that emerged during the pandemic?
• Criminalizing the responsible disclosure of a vulnerability? A member shared that this happened on a Missouri government website – and policymakers started a criminal investigation,  announcing it after it was fixed: “I don’t know if you would call it a threat. I think thinking it is still 1996 is a threat.” The conversation then turned to the following question offered by a private sector SME on the call: A good trend to follow is how are we financially mitigating cyber security instances? I work on the prevention side, detection, and remediation side, but I do not deal with the financial mitigation side yet. That is an area that few people really think about it.”
• Cybersecurity Insurance Coverage sub-limits: A wealth manager, what kind of insurance are they going to need per cybersecurity incident? The risk is that they may lose everything, especially if they are managing something risky, like cryptocurrencies or retirement portfolios. Cyber insurance and what it really means to protect people in these relationships are growing trends. How does a board member or board even know they have a good CI sub? What are the things you can say to people who have a 20-minute attention span that actually would make a difference?.” A cybersecurity SME on the call added: “Cyber insurance is optics. There are a whole lot of reasons why it will not pay. There is a ton of work to do on this topic. Another queried: “Why does everybody need to have insurance? I mean, it’s not going to solve the problem?” Another participant spoke from previous experience: “The utility of these policies is somewhat better. If they have an incident, the rest is exclusions and tiny limits. The insurance carriers get to act like they have products in this space. I think what we think of for other property and casualty type of insurance – like fire:  it’s not the same thing and it’s not even analogous.”
•  A network member shared that “the whole issue of cybersecurity is really a business problem twice and a technology problem once”: He encourages his business team “to not treat everything cyber like it is magic and acquiesce to the technology people for them to lead in a magic/precious fashion on all things cybersecurity. This insurance issue sounds like a perfect example of what I am talking about. The main thing I work with my business teams on is to explain, to provide the information, data, and to reach them so that they realize they have a voice. The goals should be actionable for the business teams to do. It is eye-opening for the business team: ‘I did not know. I did not realize. Now I do. This makes sense. Here are the five things we need to get done.’ Here is how we are going to invest. That is when you know you have an effective cyber security program or an effective technology program –  because there’s a realization by the business teams about how to outline and drive outcomes so that people can execute.”
• The largest ransomware payout in history was $40 million by a cyber insurance company. What does that tell you? Coalition and Morningstar Ratings were mentioned on the call as examples in this cybersecurity insurance space: “Morningstar ratings mean something to certain people. Coalition is a fintech company, but they are really an insurance company. They got the technology that they needed to start making better decisions about who not to give insurance. I think it will be the same thing. Cyber insurance at some point will become mandatory, just like directors’ and officers’ insurance.”

Related Reading:

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking

The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking

Corporate Sensemaking: Establishing an Intelligent Enterprise

OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking

Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage

This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking

COVID-19 Sensemaking: What is next for business and governments

From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page.

Space Sensemaking: What does your business need to know now

A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking

Quantum Computing Sensemaking

OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking.

The OODAcast Video and Podcast Series

In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast