How to Solve Problems

As I read Elizabeth Bartel’s post at the RAND Blog on how to deter cyber-attacks on non-government computers:

Over the years, a great deal of attention has been paid to gaining security in cyberspace to prevent unauthorized access to critical infrastructure like those that control electrical grids and financial systems, and military networks. In recent years a new category of threat has emerged: the cyber-theft and subsequent public release of large troves of private communications, personal documents and other data.

This category of incident includes the release of government data by inside actors such as Chelsea Manning and Edward Snowden. However, hacks of the Democratic National Committee and John Podesta, a Democratic party strategist, illustrate that the risk goes beyond the theft of government data to include information that has the potential to harm individuals or threaten the proper functioning of government. Because the federal government depends on proxies such as contractors, non-profit organizations, and local governments to administer so many public functions, securing information that could harm the government — but is not on government-secured systems — may require a different approach.

I sincerely wished that she had greater familiarity with proven strategies for solving problems and that the RAND Blog had a comments section. The proven strategy is that you start by addressing the biggest facets of the problem first. Even fractional solutions of the biggest facets can produce big payoffs while even if you solve 100% of something that’s only 10% of the problem you’ve only solved 10% of the problem and you can never solve 100% of anything.

To give you some idea of how to approach solving the problem of computer attacks I’ll return you to a mesmerizing map I’ve posted on before. Look at it (and the associated data) for five minutes and, if you can avoid an epileptic seizure, you’ll have a pretty good idea of what needs to be done.