In June 2011, President Obama announced the withdrawal of most American troops in Afghanistan by the end of 2014. NATO made the same decision in 2011, reducing its current force of some 100,000 military to 8,000–12,000 troops in 2014, in a new non-combat mission, to train, advise and assist the Afghan security forces.

When the West has mostly departed from Afghanistan after 2014, the East, i.e. Russia and its allies, will have to continue to cope with the Afghan security situation and its overflow to the Central Asian region. Russia, although not directly adjacent to Afghanistan, is affected by Afghan narcotics and terrorism. Afghanistan borders China and the Central Asian states of Uzbekistan and Tajikistan. These states, as well as Kazakhstan and Kyrgyzstan, are partners of Russia, bilateral but also multilateral, as members of the military alliance Collective Security Treaty Organization CSTO and/or the regional organization Shanghai Cooperation Organization (SCO). Much has already been said about post-2014 Afghanistan, but not enough about the consequences for Russia and its allies. This work deals with that largely untouched area, by explaining the security challenges; the mind-set of the Kremlin towards Afghanistan; the statements of CSTO and SCO on Afghanistan; the views of NATO and the EU on cooperating with these Eastern institutions; as well as the policy action towards post-2014 by Eastern and Western actors.

In preparation for post-2014 Afghanistan, different parties have different approaches. Russia, China and CSTO have no wish to deploy armed forces in Afghanistan. Russia is expanding its military presence in Central Asia (bases in Tajikistan and Kyrgyzstan); strengthening the borders with Afghanistan of the states with a fragile security, i.e. Kyrgyzstan and Tajikistan; as well as supplying CSTO with modern weapons and equipment, hence reinforcing its rapid reaction force. These actions are taken to counter terrorism and drugs trafficking. The Central Asian states give priority to strengthening border security.

Furthermore, in addition to their military cooperation with Russia (bilateral and through CSTO), these states have also demonstrated—to the dissatisfaction of Moscow—an interest in military cooperation with the West, by obtaining arms and equipment, which the U.S. and NATO intend to leave behind after their retreat. Regarding direct aid to Afghanistan, Moscow’s assistance lies mainly in the military realm, by supplying arms and training. China mostly cooperates economically with Kabul, with financial aid and investments, especially in mineral exploitation.

Kazakhstan and Uzbekistan, the strongest Central Asian states, are also involved in bilateral military and socio-economic cooperation with Afghanistan. CSTO supports Afghanistan by training its military and law enforcement agencies and by realizing socio-economic projects. The SCO lacks joint actions, such as CSTO’s collective counter-narcotics operations, but primarily supports the actions of its individual members. The U.S. financially supports reinforcement of the border security capacity of Kyrgyzstan and Tajikistan. In addition to the NATO-Russia Council (NRC) -projects like counter-narcotics training of Afghan and Central Asian personnel, the (Afghan air force) Helicopter Maintenance Trust Fund, and the Action Plan on Terrorism, NATO has mainly concentrated on the reverse transit route through Central Asia and Russia, to get its arms and equipment out of Afghanistan.

With regard to post-2014, the lack of cohesion of the mentioned parties is particularly stunning. A deficiency of unity, consistency and cooperation is visible, within the East (Russia, China, Central Asia, CSTO, SCO) and West (U.S., NATO, EU). Each of these actors has its own national or organizational objectives and corresponding agenda. However, time is running out. The East and West face the same threats: terrorism by the Taliban and Al Qaida, as well as drugs production and trafficking. Both sides will remain involved in and around Afghanistan after 2014, hence, cooperation is essential.

After its formal declaration rejecting Moscow’s alleged privileged interests in Central Asia, NATO has the possibility of opening a path to engage in joint action with CSTO/SCO. A division of labor could be established whereby CSTO and NATO carry out military and security teamwork and SCO and the EU handle socio-economic cooperation. CSTO-NATO military cooperation could entail exchanging liaison officers between their headquarters; information sharing by military intelligence services of both sides; joint CSTO-NATO-NRC training of Afghan (and Central Asian) law enforcement officers; border guards and military; coordinated delivery of weapons and maintenance to the Afghan army; as well as Russian-US-CSTO strengthening of border security capacities of the Central Asian states. Socio-economic cooperation by the EU and the SCO could be conducted in areas such as direct relief and assistance (water and food supplies), good governance, state-building, police training and reconstruction projects (building schools, hospitals, roads, railways, bridges, etc.). Such a mutual East-West approach would benefit all parties.

High Time to Act Against Information Catastrophe: Time to Strengthen Cyber Security

We need stronger cyber security to protect against massive consumer data breaches

If you are a leader in business or government, or even just a private citizen, there is an emerging phenomenon that you need to know more about. It’s called “information catastrophe.”

This is the event where the marvelous technologies of the cyber age combine with the actions of a person (accidental or malicious) to dump the larger share of your confidential database into the public domain, to criminals or to hostile governments.

It just happened in Korea, as announced this week. The event in question involved the theft and illegal sale of the credit card information of most of the country’s consumer population.

Don’t worry so much about identity theft, though that is happening. You need to be preparing for information catastrophe.

There are important defensive measures, such as reviewing security procedures, vetting your staff or associates better, or establishing strong relations with law enforcement or national intelligence agencies. Those approaches, however, are only band-aid solutions and temporary fixes.

Market pressure + policy failures = low security

The biggest source of the problem is the low-security character of the information systems and networks you are using.

A series of market pressures over half a century as well as regulatory policy failures have somehow convinced most of us to entrust our life savings of information and our inner-most feelings and secrets to data “banks” somewhere in the ether.

Only gradually are people becoming aware that these data banks are highly insecure and more regularly being breached in the bright glare of unwanted publicity.

The data banks comprise software and hardware products in which high vulnerability to attack has been tolerated as a trade-off for lower cost and more convenient accessibility.

When the initial choices for lower cost and lower security were made in many technical sub-fields decades ago, we did not quite foresee the combined effect of those choices.

A paradigm shift in cyber security

Now that we fear NSA can hack anything and anyone, and we know some other, more sinister governments are mining all of our personal information with malicious intent, it is time for us all to trade-up to “highly secure computing.”

In a recent paper released by the East West Institute, called “Resetting the System,” German researcher Sandro Gaycken and I make the case for this paradigm shift in cyber security.

We note that the U.S. Department of Homeland Security (DHS) has identified highly secure computing as one of the highest priorities for research in this field. U.S. scientists are reserving the right to legally develop NSA-resistant encryption.

And the Defense Advanced Research Projects Agency (DARPA), where key elements of Internet technology were developed, is now running new projects in highly secure computing.

We understand that term to mean information technology with security that is unlikely to be breached — except in unusual and rare circumstances (or at high cost and risk to the perpetrator).

Highly security computing is a gigantic investment

This is not some unachievable holy grail. As John Dobson and Brian Randell argued in 1986, while being critical of those who believed it possible to build totally secure systems, “highly secure computing” is a worthwhile goal for scientific research and public policy.

As the DHS’s research plan mentioned above has noted, the more highly secure technologies cannot be bolted on top of the existing ones.

By and large, a move to less vulnerable IT would require a gigantic initial investment by manufacturers and consumers. It could be more expensive to operate and perhaps less convenient and less functional. So consumers—firms and individuals—will not rush to adopt it voluntarily.

The roles of governments and the private sector

Typically, a market failure—where private markets do not provide goods or services needed by customers or do not provide them in adequate quantities at an affordable price—triggers the question of government intervention.

In most market economies, considerable care is taken to craft policies that address the national interest (or public interest) without unduly constraining innovation and competitiveness in the private sector.

But once a government chooses to intervene, the inevitable result—absent a complete course reversal by the private sector—must be some compromise with and by private sector interests. Just how this might play out in particular economies demands detailed study. The policy outcome would inevitably be imperfect.

At the very least, this cyber security dilemma probably demands a price signal of some sort by government and a transition plan with clear benchmarks and standards to provide for phasing out of low security equipment and software.

With or against markets: the EU and China

While this may seem anathema within a U.S. free market environment, the pace of change may be forced on the global market by the European Union or its individual member states with considerable influence.

China is definitely acting against the market, as we have known it. The Snowden leaks about NSA successes against it have led to decisions by the government to accelerate its indigenous cyber security efforts, including new design standards. China is also reviewing its exposure to commercially available products that fall into the low-security and highly vulnerable category.

Today, it seems like we are many years from a consistent effort by any government to adopt highly secure standards for its IT market.

But as the information catastrophes start to affect more and more politicians or significant national economic or security actors, the rush to new products will intensify.

As we move closer to adoption of cloud computing, where confidentiality expectations will be paramount, we can expect that to drive a more rapid move to maximum security in cyber space. The companies that judge this moment well may ride the crest of a new wave of IT wealth.