This special issue of the War Diaries tackles the topic of cyber security and electromagnetic warfare, while adding a business studies angle to it. Its author, Hex Novoa, is a leader, strategist, and researcher with over two decades of experience spanning military operations, FinTech security and strategy execution. Formerly an operations officer in the South African Navy, he brings a deep understanding of operational and strategic resilience to his corporate roles. Currently serving as the Security and Fraud Manager at Kazang, he holds an MBA from the University of Cape Town and a postgraduate diploma in joint operations and national security from the United States Naval War College. See the accompanying podcast: Bridging Military Tactics with Cybersecurity in FinTech – Underground Strategy (Acast).
Introduction
Cyber security is essential for gaining and maintaining a competitive advantage through support, protection and simulated attack. It intersects with several modern warfare and information management disciplines, including: EW (Electromagnetic Warfare, which involves the use of the electromagnetic spectrum); IW (Information Warfare, which focuses on the use and management of information and communication technology); and CW (Cyber Warfare, which uses cyber systems for operational dominance).
This article draws from insights gained through experience in both military operations and FinTech security, reflecting the author’s unique perspective gained as an operations officer in the South African Navy and a leader in corporate cyber security. This dual expertise offers a nuanced understanding of how military strategies can inform and enhance cyber security resilience in complex, high-stakes environments.
Overview of Electromagnetic Warfare
Electromagnetic warfare is a military operational discipline that involves using the electromagnetic spectrum to achieve various objectives. These objectives are divided into three main categories:
- Electronic Support involves gathering intelligence on enemy electromagnetic activities, which could include identifying the use of drones or tracking electromagnetic pulses. Such intelligence-gathering is crucial for anticipating enemy tactics and formulating defensive responses.
- Electronic Protection aims to secure friendly forces from enemy electronic attacks. This often includes frequency management, shielding sensitive equipment and using encryption to safeguard communications from interception.
- Electronic Attack encompasses offensive measures, such as jamming enemy communications, utilising lasers, or deploying directed energy weapons. The objective is to disrupt or impair the enemy’s operational capabilities. Electronic attack includes simulated attack to test friendly protection and support measures.
These categories form a framework that has guided electronic and electromagnetic warfare for decades. As such, they offer a logical structure that can be applied to cyber security at the operational and strategic levels.
Strategic Intersections with Cyber Security
Strategy is the path that guides you from your operations today to a desired future end state or vision: a horizon of favourable goals that align with your purpose.
At first glance, electromagnetic warfare and cyber security may appear dissimilar, particularly at the tactical level: EW primarily focuses on physical spectrum manipulation, whereas cyber security focuses on data protection and network integrity. Yet the overlap between these fields becomes evident when viewed through a strategic lens; both encompass support, defensive and offensive roles, creating a shared foundation for tackling modern security threats.
Mapping Cyber Security
The three core components of EW – attack, protection and support – correspond to similar facets in cyber security:
- Cyber Security Support: Support functions in cyber security mirror those in EW by providing continuous monitoring, training and vulnerability assessments. Cyber security awareness training is crucial, particularly as social engineering remains one of the most common entry points for attacks. Such training empowers staff to recognise and counteract phishing attempts, weak passwords and other human-factor vulnerabilities.
- Cyber Protection: Protection measures in cyber security involve firewalls, encryption, endpoint security and anomaly detection. Much like in EW, these tools are designed to secure systems against infiltration. For example, anomaly detection systems can identify irregularities in transaction patterns, safeguarding corporate assets and customer data.
- Cyber Attack: Just as electronic attacks target enemy capabilities, cyber-attacks focus on offensive strategies like penetration testing, malware deployment and social engineering simulations. These proactive actions enable organisations to identify and mitigate vulnerabilities before exploitation.
This high-level mapping of EW principles to cyber security creates a unified framework that organisations can apply to reinforce their defences and enhance resilience.
Figure 1: Cyber Security Operational Overview
© 2023 Cyber Vanguard Institute, Hex Novoa
Figure 2: Cyber Security Tactical Overview
© 2023 Cyber Vanguard Institute, Hex Novoa
Practical Applications in Corporate Security
EW principles have influenced the development of anomaly detection and monitoring systems in FinTech environments, especially within high-transaction settings like those at Kazang. Drawing from EW’s core objectives – support, protect and attack – Kazang’s security teams have adopted an approach that leverages anomaly detection to flag unusual patterns in transaction flows, which might indicate fraudulent activity.
Given the high volume of transactions, often reaching up to 8,000 per minute, sophisticated algorithms are essential to detect deviations from typical behaviour. We empower our vendors and our business by building tools that identify unique patterns in behaviour – as unique as a fingerprint.
Inspired by EW’s electronic protection tactics, anomaly detection tools act as protective measures by identifying unusual transaction spikes or atypical behaviours associated with potential threats. These tools provide a form of cyber protection, similar to EW’s frequency management and shielding techniques, which safeguard financial transactions by continuously scanning for outliers that deviate from historical data patterns.
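The "continuously scanning for outliers that deviate from historical data patterns" idea described above, as an added example that is not Kazang's or the author's code: each vendor gets its own rolling baseline (its "fingerprint") over per-minute transaction counts and average amounts, and a minute is flagged when either metric deviates from that baseline by a robust z-score above a threshold. The vendor ids, volumes, amounts, window and threshold are constructed for the illustration; median and MAD are used instead of mean and standard deviation so that one earlier spike does not inflate the baseline and mask the next one.

```python
"""Rolling-baseline outlier detection over a per-minute transaction feed.

Added illustration, not Kazang's code: vendor ids, volumes, amounts and
thresholds are constructed. Each vendor gets its own baseline, and a minute
is flagged when its transaction count or its average amount deviates from
that baseline by a robust (median/MAD) z-score above the threshold.
"""
from collections import defaultdict, deque
from statistics import median

MAD_TO_SIGMA = 0.6745  # scales a MAD to a standard-deviation equivalent for normal data


def robust_zscore(value, history, min_scale=1.0):
    """Deviation of `value` from the median of `history`, in MAD-scaled units.

    `min_scale` floors the spread so that a perfectly flat history does not
    turn a one-unit change into an infinite score.
    """
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return MAD_TO_SIGMA * (value - med) / max(mad, min_scale)


class SpikeDetector:
    """Keeps a per-vendor, per-metric rolling window and scores each new minute."""

    def __init__(self, window=60, threshold=3.5, min_history=5):
        self.window = window            # minutes of history kept per vendor and metric
        self.threshold = threshold      # |z| above this raises an alert
        self.min_history = min_history  # no scoring until this much history exists
        self.history = defaultdict(lambda: defaultdict(lambda: deque(maxlen=window)))

    def observe(self, minute, vendor, metrics):
        """Score one minute's metrics for a vendor; returns a list of alerts (maybe empty)."""
        alerts = []
        for name, value in metrics.items():
            hist = self.history[vendor][name]
            if len(hist) >= self.min_history:
                z = robust_zscore(value, hist)
                if abs(z) > self.threshold:
                    alerts.append({
                        "minute": minute, "vendor": vendor, "metric": name,
                        "value": value, "baseline": median(hist), "z": round(z, 2),
                    })
            # The value joins the baseline either way; the robust statistics
            # keep a single outlier from distorting the scores that follow it.
            hist.append(value)
        return alerts


def scan_feed(feed, **kwargs):
    """Run the detector over an ordered feed of (minute, vendor, count, avg_amount)."""
    detector = SpikeDetector(**kwargs)
    alerts = []
    for minute, vendor, count, avg_amount in feed:
        alerts.extend(detector.observe(minute, vendor,
                                       {"count": count, "avg_amount": avg_amount}))
    return alerts


# Constructed per-minute aggregates for two hypothetical vendors. V-001 is a busy
# vendor whose volume suddenly jumps tenfold; V-002 is a small vendor whose volume
# stays normal but whose average transaction value jumps, a pattern that a
# volume-only check would miss.
SAMPLE_FEED = [
    (0, "V-001", 40, 50.0), (0, "V-002", 5, 20.0),
    (1, "V-001", 42, 52.0), (1, "V-002", 6, 21.0),
    (2, "V-001", 38, 49.0), (2, "V-002", 4, 19.5),
    (3, "V-001", 41, 51.0), (3, "V-002", 5, 20.5),
    (4, "V-001", 39, 50.5), (4, "V-002", 7, 20.0),
    (5, "V-001", 43, 48.5), (5, "V-002", 5, 22.0),
    (6, "V-001", 40, 50.0), (6, "V-002", 6, 19.0),
    (7, "V-001", 37, 51.5), (7, "V-002", 4, 21.5),
    (8, "V-001", 400, 50.0), (8, "V-002", 6, 950.0),  # the two anomalous minutes
    (9, "V-001", 41, 50.0), (9, "V-002", 5, 20.0),    # back to normal; must not alert
]

if __name__ == "__main__":
    for alert in scan_feed(SAMPLE_FEED):
        print(alert)
```

Running the block prints two alerts, both for minute 8: V-001 on `count` and V-002 on `avg_amount`. Minute 9 raises nothing even though the spike is now part of each vendor's history, which is the practical reason to prefer median/MAD over mean/standard deviation in a feed where one outlier per window is the normal case; in production the window, threshold and metric set would be tuned per vendor segment against labelled fraud cases.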
Supporting the Cyber Security Framework
Cyber security support involves proactive training and monitoring practices. Employees receive regular training on social engineering threats and secure handling of sensitive information, a practice critical to thwarting attacks that often rely on human error. Moreover, continuous monitoring allows security teams to respond quickly to any breaches, ensuring that sensitive data remains secure.
Protecting Organisational Assets
In line with the EW-inspired model, cyber protection strategies encompass a range of defensive tools. At the FinTech company, encryption and firewalls protect sensitive financial transactions. Anomaly detection helps to flag suspicious activity that deviates from normal transaction patterns, allowing the team to address potential security issues in real-time.
Simulating Attacks for Defensive Strength
Offensive measures like penetration testing serve as proactive approaches to expose and resolve vulnerabilities before attackers can exploit them. By simulating attacks, the security team anticipates potential intrusions and fortifies the system, embodying the EW concept of "offence as a means of defence".
Applying the OODA Loop in Cyber Security Strategy
In cyber security, the OODA loop (Observe, Orientate, Decide, Act) offers an additional framework that parallels the defensive and offensive measures used in both EW and cyber strategy.
- Observe begins with identifying risks, both internal and external, by monitoring connected devices, networks and information flows using AI (Artificial Intelligence) and ML (Machine Learning)-powered systems. Just as EW support functions gather intelligence on potential threats, this phase aggregates data to detect early warning signals across the digital landscape.
- Orientate involves quantifying and qualifying the identified risks and aligning them with cyber support, protection and attack tactics, techniques and procedures (TTPs) to gain a comprehensive understanding of potential vulnerabilities.
- Next, in the Decide phase, mitigation strategies are selected, while opportunities to enhance the security posture are identified – mirroring EW’s adaptive approach to resource allocation.
- Finally, Act involves implementing these strategies and comparing them to competitive benchmarks, ensuring that organisational defences are robust enough to outperform potential threats. As in EW, the guiding principle here is to maintain a security “fence” that is consistently stronger and more resilient than the competition’s capabilities.
Lessons from Military to Corporate Strategy
The transition from military operations to FinTech security has influenced approaches to crisis management. In military contexts, handling threats often involves the assembly of task forces and ‘war rooms’ to establish clear roles and coordinate a swift response. Adapting this structure to corporate use enables organisations to maintain clarity and agility when addressing security incidents.
In a recent corporate incident, this military-inspired framework proved essential. A system vulnerability required immediate attention and a task force composed of members from various departments was assembled. Through open communication channels, the team swiftly identified the weak point, implemented security measures and conducted a thorough debrief to refine future response protocols. This example highlights how clarity in roles and a structured yet adaptable framework ensure effective crisis management.
Adaptive, Collaborative Approach in Building Resilient Security
Applying military practices to corporate security is not a simple one-to-one transfer. Military experience in electromagnetic warfare provides a valuable perspective on cyber security, while further studies have contributed up-to-date frameworks and theories suited for corporate settings. At the same time, the team’s specialised knowledge of the company and its industry context is irreplaceable. This balance – drawing on diverse experiences and expertise – underscores the value of an adaptive, collaborative approach in building a resilient security environment.
Conclusion: Uniting EW and Cyber Security for Resilience
As security threats grow increasingly sophisticated, the strategic intersection of EW and cyber security underscores the need for a unified, adaptable approach. Integrating military-inspired frameworks into corporate security settings not only strengthens organisational resilience but also fosters a strategic mindset capable of employing support, defensive and offensive measures to counter evolving cyber threats.
Looking ahead, advancements in AI and ML promise to play a pivotal role in both EW and cyber security, offering predictive insights and automated responses that enhance threat detection and response capabilities. And as technology advances, the human element remains critical; fostering cross-disciplinary training and awareness is essential to maintaining an agile and resilient security framework. For organisations navigating today’s complex security landscape, embracing EW principles within cyber security provides a structured, proactive strategy that safeguards both assets and operations, preparing them to face the challenges of tomorrow.
Further Thoughts for the Hard Core Reader
In a world increasingly dependent on digital technology and interconnected systems, cyber security seeks to protect against the threats posed by the manipulation, disruption, or destruction of information and communication systems. This is a multifaceted challenge:
- Technical, requiring advanced and continually evolving measures to protect against sophisticated cyber threats;
- Managerial, necessitating strategic integration of security principles into business operations and decision-making processes;
- A vital component of national and global security, as it plays a crucial role in safeguarding critical infrastructure and maintaining the integrity of governmental and international systems.
- The Technical Challenge of Cyber Security: Cyber security demands a deep understanding of the technical aspects of information systems, networks and digital technologies. This involves not only the deployment of protective measures like firewalls, antivirus software, intrusion detection systems, hardware security and user education, but also staying ahead of cybercriminals through proactive threat hunting, vulnerability assessments and the development of robust security architectures.
- The Management Challenge of Cyber Security: Beyond the technical realm, cyber security is a strategic issue that requires careful planning and management. It involves aligning security protocols with business objectives, ensuring compliance with regulations, managing risk and fostering a culture of security awareness among all stakeholders. Effective cyber security management means integrating security considerations into every aspect of business operations, from the boardroom to the various technical and non-technical users to the server room.
- National and Global Cyber Security Component: On a larger scale, cyber security is integral to national and international security. It involves protecting critical infrastructure, such as power grids, transportation systems and communication networks, from cyber attacks that could have far-reaching consequences. Additionally, it encompasses the defence against cyber espionage, information warfare and other forms of cyber aggression that can undermine national security, disrupt international relations and destabilise global peace and economy.