"From the CIA to Strategic Cyber" - with Hans Holmer

Spela upp

Summary Hans Holmer (LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss his time as a CIA operations officer and his transition to a cyber strategist. He served on every continent except South America and won a CIA Intelligence Star. What You’ll Learn Intelligence The advantages for a case officer growing up in two cultures and speaking multiple languages before joining the IC The tech person trained to be a case officer vs. a case officer trained to be a tech person debate That no amount of technology will make up for a lack of “cyber strategy” The concept of “digital dandruff” Reflections Growing up in Denmark, moving to the US for high school, joining the Army then CIA Privatizing information gains but collectivizing information losses What it was like to program back in 1973! And more… Episode Notes  Hans Holmer describes the cat-and-mouse of surveillance and counter-surveillance the most fun you can have (a) in public and (b) sober. Ever wondered how you go from a CIA case officer in the Sub-continent, to a technical counterintelligence evangelist who travelled the world, to a cyber strategist living in Vienna, Austria? To find out, listen to this week’s episode where you’ll find Hans thoughtful and articulate, but I think you will also appreciate his forthright views on corporate data leaks and digital personal responsibility. He originally got in touch to talk about the Operation Silver, the British intelligence operation that covertly tapped the communications of the Soviet Army HQ in Vienna, at SPY we actually have a piece – yes, an actual piece – of the Berlin Tunnel, which was a successor operation – betrayed by communist MI6 officer George Blake – which borrowed heavily from Silver: it was even called Operation Gold! The monitoring station in Op. Silver was disguised as a tweed clothing shop on the assumption that no one in Vienna would be interested in Scottish clothing! Hans actually tracked down the modern site of the tweed store and is trying to dig (no pun intended) for further information on the operation – can anyone help…? Quote of the Week "I've been arguing that the way to improve cyber security in the U.S. is very simple. Any company that loses personally identifiable information, payment card information, healthcare information, HIPAA data, or access to critical infrastructure, has to pay each victim a dollar a day from the beginning of the breach till it's been closed off…the average breach lasts about a hundred days…some of the more recent breaches are a hundred million people. So, imagine a hundred million people who get a dollar a day for a hundred days. Companies would take that seriously." Resources SpyCasts “Operation Gold” - Steve Vogel & Bernd von Kostka (Berlin Tunnel) “George Blake, Happy Traitor” – Simon Kuper (Berlin Tunnel) Zero Days – Nicole Perloth Part I and II (Cyber) “The Cyber Zeitgeist” – Dave Bittner (Cyber) “Snowden & Surveillance” – Barton Gellman (Cyber) Books Betrayal in Berlin, S. Vogel (CH, 2019) Spymaster – MI6 Chief Oldfield, M. Pearce (Transworld, 2016)  Documents on the Intelligence War in Berlin, D. Steury (CSI, 1999) Best Books on Cybersecurity (Five Books) Articles “Engineering the Berlin Tunnel,” SII (2008) “Betrayal in Berlin - Review,” WaPo (2019) Documentaries The Great Hack, Noujaim & Amer (2019) Zero Days, A. Gibney (2016) Education Cyber Training Series (DNI) The Danger of Stone Age Habits in a Cyber World (HSToday, 2019) Primary Sources Cyber Security Officer (CIA, 2022) CIA Director Burns - Cyber (WSJ, 2021) National Cyber Strategy of the USA (WH, 2018) Interview with CIA Director Brennan - Cyber (NPR, 2016) The IC’s Role Within Cyber R&D (FAS, 2013) Remarks by DNI Clapper at HPSCI (DNI, 2011) Securing Critical Infrastructure in the Age of Stuxnet (HSGA, 2010) Mail Service of the Soviet Army in Austria (CIA, 1955) Wildcard Resource “Technical Counterintelligence Officer,” INTEL.gov