Gaza conflicts involved "Search Engine Optimization"

(Brafton) In what may prove to be one of the ways global conflicts are fought in the 21st century, Israel used search engine optimization (SEO) to halt the online backlash it was receiving during the recent conflict in Gaza.

As well as some search engine optimization work (SEO) done by a Texas company for the Israeli Defense Force (IDF), numerous pro-Israeli Facebook groups along with a YouTube channel from the IDF were created in the days after the clash began.

"The stickiness makes it a medium that lets people feel, rather than remain passive," search engine optimization (SEO) expert Joel Leyden told Media Post. "You can put messages in MySpace or Facebook, but it goes nowhere until you drive the content through search engines like Google News. Now you're reaching 60 million people instantly."

In addition, the Israeli consulate began using the micro-blogging service Twitter and even used the service to take questions during a news conference.

The Web 2.0 war continued during the course of the conflict with hackers from both sides creating online propaganda with various sites being defaced.

Succeeding at open-source innovation: An interview with Mozilla's Mitchell Baker

http://www.mckinseyquarterly.com/Strategy/Innovation/Succeeding_at_open-source_innovation__An_interview_with_Mozillas_Mitchell_Baker_2098

As companies reach beyond their boundaries to find and develop ideas, they are exploring new models to manage innovation. In projects that tap external talent, questions quickly arise about process management, intellectual-property rights, and the right to make decisions. Some executives have been at this game longer than others. Mitchell Baker, chairman and former chief executive officer of Mozilla Corporation, has devoted the past ten years to leading an effort that relies extensively on people outside her company—not just for creative ideas, but also to develop products and make decisions. The result: Mozilla’s Firefox browser, with 150 million users, has become a rival of Microsoft’s market-leading Internet Explorer.

As Firefox flourished, the process that created it became a model for participatory, open-source collaboration. Baker’s role, central from the beginning, has taken many twists and turns. Ten years ago, she was a software lawyer at Netscape Communications—which developed the original commercial Web browser—when the company decided to release its product code to the public. Baker’s interest in defining and managing the project quickly earned her a place as one of its leaders. She continued to guide the project after Netscape was acquired by AOL, led the subsequent spin-off (to the nonprofit Mozilla Foundation and its subsidiary, the Mozilla Corporation) to develop the next-generation Firefox browser, and presided over Firefox’s impressive growth. In her role as “chief lizard wrangler,”¹ she balanced and blended Mozilla’s commercial needs with the motives and efforts of an army of volunteers who develop the code and distribute the browser. Over the years, Baker has helped define the legal and functional model that allows an open-source community and a corporation to share responsibility for product development while managing the project and maintaining the organization’s momentum—not to mention its financial viability.

Today, Mozilla and Firefox are successful on several levels. Having recaptured market share lost to Internet Explorer, Firefox now holds 15 percent of the browser market in the United States and a higher share elsewhere. In 2006, the company’s revenue-sharing arrangement with Google for searches that originate in Firefox delivered revenues three times greater than Mozilla’s expenses,²an impressive rate of return. Finally, the organization’s open-source development model is a visible and well-tested experiment in managing innovation beyond corporate borders. To learn more about that model, McKinsey director Lenny Mendonca and Robert Sutton, a professor at Stanford University’s Graduate School of Business, met with Baker in her Mountain View office before her change in roles.

The Quarterly: You’ve said that Mozilla’s real contribution isn’t just the browser but the model of participation. How do you manage participation in this environment?

Mitchell Baker: Our mission is about keeping the Internet safe and open, but also about building participation. We do that by setting up frameworks where people can get involved in a very decentralized fashion. These frameworks embody our values and our goals and get embedded in other people’s minds. We attract people who care about those things, and they go off and participate in the mission in a very decentralized way.

So for some things at the center, we must have extreme discipline. If you’re touching code that goes into Firefox, the process is very disciplined. But there are lots of areas for participation—whether it’s building an extension or localizing the product or building new products—that don’t need that degree of discipline. And a key point is for people to “own” what they are doing, not in a financial or legal sense but in an emotionally committed sense that gives them a chance to decide, “I’m excited about this. I want to do something. I want to write an extension. I want to go tell people how to do this.” And it also gives people the success and the relationships to go back out and do more.

The Quarterly: How much of Firefox’s success depends on people you employ as opposed to the broader group of volunteers?

Mitchell Baker: I’d say we need both to be successful. If you took away our employees, we’d be a good open-source project but nothing like a force on the Internet. If you took away the volunteers and everyone else, we would die. On Firefox, for example, 40 percent of the code is not from employees—and that’s after a recent batch of hires from our volunteer community over the past year. We had 25 employees two years ago and now have more than 120. Sometimes we can hire from within our community, but not always. There are some people with a high degree of expertise and specialization who you can’t hire, and we would never find them if we weren’t an open project. We would never find these people if they couldn’t just step up and contribute. A lot of folks will start at one level, like fixing bugs, and go on to become star performers.

Actually, people can make a contribution without being either employees or members of our volunteer community. Firefox has about 150 million users worldwide, and since it doesn’t ship on new machines, that’s 150 million individual decisions to use it. How many people does it take to do that? I’m guessing hundreds of thousands of people around the world who said, “This is a great product. My family has to have it; my neighbors need to have it.” Hundreds of thousands of different decisions, and you cannot buy that.

The Quarterly: How do you motivate people to contribute to Mozilla, especially after ten years?

Mitchell Baker: I think that for the people who have kept Mozilla alive, the desire to maintain an open and participatory Internet has been very important. The Internet is hidden to human beings except for this piece of software we call the browser. Years ago, we could see that there was some risk of people not being able to reach the Web except through a browser that was part of a business plan. And by the year 2000, we were seeing pop-up ads, spyware, and other things that slowed down the whole computer. I think of this as abuse of the consumer, but it is a perfectly rational business decision for some companies to do that without considering it evil or nasty. But many people feel there should be an alternative, and that dedication to an open Internet has helped us.

The Quarterly: What else?

Mitchell Baker: Second, our product makes a giant difference in the lives of our volunteers, and they take ownership of it. I don’t know if you could build this degree of motivation for something that really didn’t change people’s lives, something that they weren’t emotionally committed to. But the number of people who feel that Firefox is partly theirs is very high.

That’s a tricky management challenge, but we work at it really hard. We see ourselves as part of a community, some of which is inside the organization and some that is outside it. Issues constantly come up within our walls, and we have to say, “This needs to be a public discussion; it needs to go up on the mailing list because other people are involved.” The community is reinforcing once you get started. We can’t ship Firefox or get it onto people’s machines without that community. So that means it’s very much a two-way street, and if we start to think of ourselves as the center, we will fail.

It’s a very exceptional emotional state to feel like you’re part of a healthy community and that you’re in trouble unless you’re reaching out and lots of people are reaching back. We also are extremely sensitive to community criticisms and desires—probably oversensitive sometimes. So when some significant part of the community gets upset, we pay a lot of attention. Sometimes our responses are defensive at first, but I think we’re pretty good at opening up. It’s pretty interesting to look at what somebody is complaining about and find the truth behind that. We also try to be very low spin. In fact, sometimes we joke that we’re negative spin. We don’t need the press or anybody else to do that; we’ll do it ourselves.

The Quarterly: The line between back stage and front stage appears to be pretty thin.

Mitchell Baker: Yes, and quite permeable. And that is a management challenge we haven’t quite solved yet. What’s the correct group of people for information to reach? The easy default is employees because we see each other regularly and they have signed confidentiality agreements. But that’s an unhealthy default for us because we’re not successful based just on employees. The community is as real as we are.

The Quarterly: How do you think about your role in enabling innovation in the communities?

Mitchell Baker: Sometimes, just giving people permission does wonders. Consider our quality control process. We have a public process for finding, tracking, and correcting bugs in the code we’re developing, and thousands of people are involved. When several people within the community began to take leadership in that effort, someone who worked with me said, “All we need to do is tell these people it’s OK.” So that’s what we did. We said to the leader, “You’re awesome; keep doing what you’re doing.” And after that, he became our release driver. There are more people like that than you would expect.

Second, we create scaffolding for people to work from, so that even if we’re not innovating ourselves, other people can. You can see, with the extensions and the customization, that there are thousands of people doing interesting things we haven’t thought of, and they don’t have to tell us or ask us.

Third, we’ve assembled a set of people here who are really motivated by seeing other people do interesting things. So if somebody appears, out in another community, doing something interesting, we don’t have a not-invented-here culture; we just say, “Wow!”

Another thing: not just celebrating when people do great things but knowing how to react when people do things that are troublesome. There are days when somebody’s done something and you wonder, “What were they thinking?” At that point, you have to look really carefully and evaluate what’s just uncomfortable and what really must be fixed. And then you try to keep that latter category to a minimum. A healthy community will do a lot of self-correction.

The Quarterly: What kind of people do well here as employees?

Mitchell Baker: Typically, people whose motivations line up very strongly with either our mission or our technical vision. Also, people who can handle large amounts of their work being public. People here are following the bugs; they’re watching each other, watching their progress. They know how quickly you’re working, and they know if you’re stuck on something. So you have to be able to live not just your social life in public but your work life as well. We called it “life in the fishbowl” long before Facebook.

The Quarterly: What would be an example of a red flag that comes up during the hiring process?

Mitchell Baker: If we ask, “What do you do if someone disagrees with you? What do you do if you think something needs to happen and it seems to be slow or stopped?” And the answer is, “Well, I tell them I’m in charge.” Bing. Even our employees rarely get told that, because I believe that many of the things that work in open-source management are also very valuable for your employees. You can try to tell an employee what to do, but if the two of you disagree the employee may be right. There’s much more negotiation here, like a professional partnership.

The Quarterly: Has the culture of the open-source group changed the culture of the core organization over time?

Mitchell Baker: I wouldn’t say “over time,” because I think we were born out of that organization. I would say it infused us from the beginning because even back at Netscape, leadership had nothing to do with employment status. In fact, sometimes the managers of our project members were demanding that they do things very contrary to what we at Mozilla thought should happen.

The Quarterly: More traditional organizations that are now looking outside themselves may not be used to this management style.

Mitchell Baker: Well, there’s a real dividing line between simply getting input from outside, though that can be very valuable, and what we do. Our decision-making process is highly distributed and unrelated to employment status, and some of the people who make decisions about code are not employees. But what ships as Firefox, with the Mozilla name and brand on it—that’s going to be a Mozilla decision, even though other things are not.

The Quarterly: What has been the biggest surprise in the time you’ve been working at Mozilla?

Mitchell Baker: That we had exactly what was needed at exactly the right moment. You often see this in start-ups that burst onto the scene and grow dramatically. There’s a lot of hard work and smarts, but also some piece of timing is right. Those things, you can’t control; you need to be ready.

The Quarterly: Do you think your success in timing was related to the fact that you had so many more “sensors” in the community than you would have if you were a group of 40 developers sitting in Silicon Valley?

Mitchell Baker: Oh, absolutely. We could not have succeeded if we’d been a closed little area. Yes, we had not only the right product but also the right community of tens of thousands of people all those years, and some sense of hope that we were the alternative to a closed Internet. All of those things mattered. We knew we had a community because we had been living in it for quite a while. All that came together in the product’s success. There’s just no way we could have been or continue to be as successful without being this very diffuse organization.

The Quarterly: Looking ahead, what do you worry about for Firefox?

Mitchell Baker: That Firefox is only a part of what’s necessary for the Internet to remain open and participatory. We’re the part that touches human beings, and that’s a powerful part. But we’re just one element. There’s so much value and revenue in the Internet that it makes economic sense for companies to try to create proprietary places there. And of course, there’s room for companies to do that and generate revenue for their shareholders.

But there also needs to be a section of the Internet that’s open, where people can participate. Open source has been a phenomenal force in pushing us in that direction. Firefox needs to remain strong enough and innovative enough that we’re able to continue to show the industry that you can give people control or choice in an elegant manner and still be a professional vendor and that there are revenue opportunities in this. That’s my greatest concern.

The Quarterly: What can other leaders learn from the Mozilla project about running an innovative company?

Mitchell Baker: Turning people loose is really valuable. You have to figure out what space and what range, but you get a lot more than you would expect out of them, because they’re not you.

Second, figure out where you want input. There are different varieties of input and user-generated content. Figuring out what you really want is very important because you can get benefits out of any of those things. But if you’re doing one thing and sending out a message that you’re doing another, I think you’re dead.

Third, look hard at whether there are areas where you can give up some control, because the returns are great. And if you can’t, then stay away from this type of model. If you have a good group of people around you—people you trust—sometimes just stepping back when you don’t like something is really valuable. Let the problem play out a little bit. The idea that a single individual is the best decision maker for everything and should have ultimate control works only some of the time. I think for Steve Jobs it works because he’s so good at what he does. But if you’re not Steve Jobs, I have found that, sometimes, even when I don’t like something, there’s often real value in stepping back and asking questions. When you just ask people to stop what they are doing, you lose their creative thought. And this approach can get even harder when that person shows that you’re making a mistake. In a lot of organizations, people don’t really admit when they make a mistake, which I think is delusional because we all know that no one’s perfect. 

About the Authors

Lenny Mendonca is a director in McKinsey’s San Francisco office; Robert Sutton is professor of management science and engineering at Stanford University.

EU Information Sharing Legislation Proposal - CIWIN (Critical Infrastructure Warning Information Network)

On the European Parliament Web Site is now available the proposal for an European Legislation on Information Sharing. 

The document can be accessed here. 

This legislation proposal is part of the European Program for Critical Infrastructure Protection (EPCIP) and its aim is to support the Critical Infrastructure Warning Information Network (CIWIN), a prototype developed by the European Commission in 2007. 

NIAC publishes "Critical Infrstructure Partnership Strategic Assessment"

The National Infrastructure Advisory Council (more on NIAC here), published a final report on "

Critical Infrastructure Partnership Strategic Assessment" 

NIAC is indirectly mentioned in the CSIS "Security Cyberspace for the 44th Presidency" report, where it asked to work on a new Private-Public partnership strategy. 

The document has been published in October. 

Information Sharing (second priority of HSPD-7) is mentioned many times in the report as one of the key strategies to better protect the National Infrastructure. Private-Public partnership is the way identified to support Information Sharing. 

UK: WARP Annual Forum Report now available

On the WARP website is now available the report of the 2008 annual forum. I participated to this event and gave a presentation on Information Sharing from an International perspective. On the website you find copy of my presentation.

http://www.warp.gov.uk/Index/Forum/indexannualforum.htm

"The WARP Annual Forum held on Tuesday 3 June 2008, at The Law Society (photo) was a great success with feedback showing 100% saying yes to the question: Would you attend this event next year or recommend it to a colleague?

Presentations for the 2008 forum are available here.
The event was attended by over 100 delegates and included attendees from Holland, Ireland and Canada with presentations from the US, Italy and Greece. As usual, the Annual WARP Forum offered delegates a unique opportunity to listen to presentations from experts in the field, network with other people active in the area, and to share advice and experiences. For some delegates it was also the first opportunity to learn about WARPS and gave them a chance to talk to people who had had experience of setting up and running WARPs.

WSJ: U.S. Fears Threat of Cyberspying at Olympics

WASHINGTON -- A debate is brewing in the U.S. government over whether to publicly warn businesspeople and other travelers heading to the Beijing Olympics about the dangers posed by Chinese computer hackers.

According to government officials and security consultants, U.S. intelligence agencies are worried about the potential threat to U.S. laptops and cellphones. But others, including the State and Commerce departments and some companies, are trying to quiet the issue for fear of offending the Chinese, these people say.
Barack Obama became the first major presidential candidate to propose new cybersecurity policies Wednesday when he unveiled his cybersecurity strategy, which includes combating corporate espionage, shielding the country's Internet infrastructure and establishing a national cybersecurity adviser.
U.S. intelligence and security officials are concerned by the frequency with which spies in China and other countries are targeting traveling U.S. corporate and government officials. The Department of Homeland Security issued a warning last month to certain government and private-sector officials stating that business and government travelers' electronic devices are often targeted by foreign governments. The warning wasn't available to the public. [...]

US: A National Fusion Centre Network

A National Fusion Center Network
The Department and states have made a lot of progress in making the State and Local Fusion Center Program -- a key provision of the 9/11 Commission Implementation Act -- a success in the last three years. Now we are committed to building on that success by supporting the implementation of a National Fusion Center Network.What do I mean by that? Working with our colleagues in the Department of Justice, Office of the Director of National Intelligence, Federal Bureau of Investigation and the Program Manager-Information Sharing Environment, the National Fusion Center Network strategy will connect more than 50 state and major city fusion centers and the federal government in a partnership to protect America.I envision a community of state, local and federal intelligence and law enforcement professionals working together – supported by appropriate tools – to achieve a common goal: protection of the nation.These men and women would leverage federal as well as state and local networks; move relevant information and intelligence quickly; and enable rapid analytic and operational judgments. That is what this National Fusion Center Network is all about.Our ability to move, analyze and act on information is our greatest strength. We must use the network and the information in that network to push our defensive perimeter outward. That’s what the National Fusion Center Network will do for us.We in the federal government recognize that state and local authorities have been working at this for years. We, particularly those of us in the Office of Intelligence and Analysis and the rest of the National Intelligence Community, must aggressively support the states in this endeavor and become a committed partner in creating the National Fusion Center Network.That is exactly what we are doing.Intelligence officers equipped with exiting capabilities are helping local authorities as needed and appropriate. In addition, information once only available in cities and states can be shared with the federal government and used to protect the nation as a whole.This is all very new and different for the Intelligence Community. We are working hard to educate ourselves on the information needs of our state, local and tribal partners, as well as increase our ability to provide them information.And we all must do this while paying the utmost respect to the civil liberties and privacy of our citizens.Creating this National Fusion Center Network is a challenging but achievable task. We are doing many things for the first time, and will likely make mistakes. But we will learn from those mistakes, do better, and create what the country should have had before 9/11.Charlie Allen
Under Secretary for Intelligence & Analysis
Published by the U.S. Department of Homeland Security Washington, D.C.

CIP Report - new International Issue

On this month CIP report, published by George Mason University School of Law, you find an article I wrote on Protecting the Critical Infrastructure in Europe.
You can access the report on the GMU CIP website: http://cipp.gmu.edu
Or directly here

National Information Exchange Model

One of my favourit topics is Information Sharing and you find many articles in my blog about it. In US, to address the Homeland Security Presidential Directive HSPD-5 on Information Sharing, a partnership between US DOK and DHS launched the National Information Echange Model (NIEM) Initiative.
Below you find the links to their website, together with the link to an introductory presentation. Enjoy

Presentation: http://www.niem.gov/ppt/Chicago_EB_082007_FINAL.pdf

Website: www.niem.gov

UK Ministry of Defence to bolster internet intelligence

Ministry of Defence to bolster internet intelligence - SC Magazine UK: "The Ministry of Defence is aiming to increase its online intelligence gathering in a growing realisation of the threat to the UK from international cybercrime activity.

Air Commodore Graham Wright, a senior information professional from the Ministry of Defence said it is placing great focus on analysing the internet threats to the UK and being able to compromise the data of enemy countries.

'Computer Network Defence is something we take a great deal of interest in. There is a huge shift towards holding information on networks,' Wright told a conference in Westminster yesterday organised by the government-funded Cyber Security Knowledge Transfer Network."

Fighting cyber terrorism

IMPACT, or International Multilateral Partnership Against Cyber Terrorism, is the first global public-private initiative against cyber terrorism.
Malaysia’s Prime Minister Abdullah Badawi has approved a US$13 million grant to lay the foundation of IMPACT, a not-for-profit global organisation, to rally efforts from governments, the private sector, and academia worldwide, against the growing threat of cyber terrorism. IMPACT, or International Multilateral Partnership Against Cyber Terrorism, is the first global public-private initiative against cyber terrorism. It drives collaboration among governments, industry leaders and cyber security experts to enhance the global community’s capacity to prevent and respond to cyber threats.The start-up grant will be used to construct the IMPACT building in Cyberjaya, Malaysia, and operations are expected to start in December. The fund will also finance the infrastructure for the four centres of IMPACT: the Centre for Training & Skills Development; the Centre for Security Certification, Research & Development; the Centre for Global Response; and, the Centre for Policy, Regulatory Framework & International Co-operation. Currently chaired by the Malaysian PM, the leadership of the International Advisory Board of IMPACT will be handed over to other member countries after the initial three-year term. “From the standpoint of the Malaysian government, their contribution is a gift to the global community. Someone has to start. They feel they’re just giving the seed,” said Mohd Noor Amin, Chairman, Management Board, IMPACT.
Warning SystemIMPACT is currently building two systems for its member countries. One is an early warning system. which will aggregate ‘feeds’ from IMPACT’s security partners and member countries, which will be redistributed across the world to member countries.Another is a collaboration system that, according to Amin, is a secure electronic platform enabling experts from member countries to collaborate with one another based on their specialty and niche areas.

DHS moves ahead on info sharing network

DHS moves ahead on info sharing network:
The Homeland Security Department plans to pay General Dynamics One Source at least $18 million to upgrade its Homeland Security Information Network (HSIN), which shares sensitive but unclassified data among federal, state, local and private sector organizations.The HSIN Next Generation (NextGen) will be a secure and trusted national platform for information management, collaboration capabilities and search services with enhanced capabilities, DHS said in a statement. The department also said the upgraded network will help users meet their collaboration and information-sharing needs.DHS’ plans to consolidate the more than 100 aging Web portals on the legacy HSIN into the new enterprise collaboration Web portal.

Information sharing is top priority for federal CIOs, says Pentagon official (3/4/08) -- www.GovernmentExecutive.com

Information sharing is top priority for federal CIOs, says Pentagon official : "Information sharing is top priority for federal CIOs, says Pentagon officialBy Jill R. Aitoro jaitoro@govexec.com March 4, 2008 Information sharing is the 'top imperative' of federal chief information officers, said a top Defense Department IT official on Monday. But progress will be stifled as long as agencies regard information sharing and security as mutually exclusive, said the Pentagon's deputy chief information officer."

WARP annual forum

WARP annual forum: "Annual Forum 2008"
The next WARP (Warning, Advice and Reporting Point) Annual Forum will be held on Tuesday 3 June 2008, at The Law Society, 113 Chancery Lane, London WC2A 1PL


This year’s Annual WARP Forum will explore the expansion of the WARP model from purely electronic ICT related Warnings, Advice and Reporting into the related areas of physical and personnel security. This is a logical development, but needs to be tested, and if successful it will increase the utility and appeal of WARPs.

In the afternoon, I will manage the session entitled "Information Sharing accross Systems", that I will introduce during the morning panel. I will publish soon an abstact of the session.

SARMA Conference

Last week I participated to the SARMA Conference, in Arlington (VA), hosted by the George Mason University School of Law (GMU).

SARMA is the US Security Analysis and Risk Management Association.

This year they had:
200 participants - 50 excellent speakers- representatives from most federal, state and local agencies- representatives from numerous leading academic institutions- attendees from the US, Canada, Australia and Italy.

My speech was about the Role of Information Sharing on Threat and Vulnerability Analysis. Presentations should be available on their website soon.

20th FIRST Annual Conference

This year the FIRST Conference will be in Vancouver (June 22-27, 2008 - Hyatt Regency Vancouver, British Columbia, Canada).
For the first time I will attend not as a guest, but as a speaker: the title of my speech is "Models and Experiences for National and International Information Sharing".
More info on the conference can be found at the following addresses:

Conference

Agenda
Speakers

See you in Vancouver!