LTC Jason Brown, PhD

Army Cyber Institute

March 18, 2024 (First published in the Connexions 2024 Conference Journal)

When teaching my courses at the United States Military Academy at West Point, I try to sneak in discussion about the future whenever I can. Whether in a guest lecture for a strategic studies course, a module on problem definitions in a systems design course, or a practical exercise in my cyber risk management course, I ask my cadets to tell me why Threatcasting might be important. Invariably, at least one of them says, “Threatcasting helps you predict how bad things can happen.” To that, I say, “Thank you!” and then I share with them the wise words of science fiction author, Isaac Asimov, who said, “Predicting the future is a hopeless, thankless task, with ridicule to begin with, and all too often, scorn to end with.” 

Threatcasting is not designed as a tool to predict the future. Rather it is a tool to help present opportunities and possibilities of what could happen in the future. Within the cone of futures there are possible, plausible, probable, and preferable futures (see Figure 1). Threatcasting allows us to imagine those plausible and probable futures that are instead undesirable; we just don't want to them happen, so we try to find ways to remove them from the cone of possibilities. What remains are the preferable futures!

Threatcasting is a conceptual framework used to help multidisciplinary groups envision future scenarios. It is also a process that enables systematic planning against threats sometime in the next 10 years. Utilizing the Threatcasting process, groups explore possible future threats and how to transform the future they desire into reality while avoiding undesired futures. Threatcasting is a continuous, multi-step process with inputs from social science, technical research, cultural history, economics, trends, expert interviews, and science fiction storytelling. These inputs inform the exploration of potential visions of the future (see Figure 2).

During a Threatcasting workshop, we guide participants through two distinct exercises. First, we share trends and expert opinions relevant to the project area. We ask participants to reflect on how these data points collide together in undesirable ways in the future, and what their implications are to the system. Early recommendations begin to shape solutions that might appear again at the end of the next exercise.

In the second exercise, called the futurecast, participants fill out a workbook with guided questions that help them create a vision of a person, in a place, experiencing a threat. They use the data from the research synthesis to create a viable scenario but combine it with science fiction to make an interesting story. 

This vision is purposefully human-centric, because only humans can help get ourselves out of the trajectory of an undesirable event speeding down the cone of futures (or at least until machines become sentient -- however, Skynet comes with its own set of future threats!). This vision is an effects-based model that has many details about how the central character experiences the threat, who else it might affect, and the immediate or long-term impacts of that threat event on their lives. It also includes details about what factors enable or create the threat. Sometimes, the threat is a bad actor seeking to cause problems; other times, it’s just the Universe yawning and the world having a bad day.

The final portion of the guided workbook is the backcast. During this activity, we ask participants to consider how friendly forces and practitioners can take action to shape the future. We ask them to consider gates that mitigate or disrupt a threat before it happens as well as think about how to recover once it does happen. The workbook also asks participants to imagine the unavoidable flags that must be navigated regardless of the actions of the gatekeepers. A combined futurecast and backcast completes one full modeling cycle. 

During a workshop we collect dozens of these effects based models, and we thoroughly analyze them in the post analysis process, ending up with a written technical report. Throughout the post analysis process, we seek for new ideas, or novelties, that can be used to explain how the future is a threat. These novelties are usually as surprising to us as they are to our readers.

There are a couple of ways to envision these new ideas and how they apply to our studied problem. The first is called an experiential novelty, which is an observation that might be new to the analyst, but it likely has evidence within the world and the system. Often, it appears as a new “structure” within the context of our problem area. Structural changes often indicate a functional change is on the horizon.

The second way to describe a new finding is called an evolutionary novelty. Evolutionary novelty mirrors biology. For example, when the ancestors of birds began evolving lighter bones and membranes in their forelimbs, this was a structural change to their bodies. The novel idea of flight became a functional change to the system of birds. Whenever an analyst finds changes to the structure of a system, they should be seeking to tie it to an emerging change in the function of that system. In this case, function follows form. Other times, analysts might observe a system undergoing functional change and then dig into the threat models to look for any structural changes that might explain what is going on. In this case, form follows function! Both approaches are useful, depending on the research question.

In the work I have done within the information disorder space, I have always pushed our teams to identify emerging structural changes that indicate a functional shift is about to occur. For example, in our report on Information Disorder Machines in 2019, we recognized emerging artificial intelligence and machine learning could be used to provide tailored, individualized content for both benign and nefarious purpose. OpenAI had released GPT-1 in 2018, just as we were beginning our study on the causes and implications of information disorder. OpenAI released GPT-2, in early 2019, but would not release it to the public because of concerns about misuse. Although we did not name OpenAI nor GPT-2 in our report, we recognized there was a structural change happening right before us (e.g., the emergence of generative pre-trained transformers) which could, with the right data, create a functional shift in the information warfare space (e.g., lowering the bar to AI-assisted microtargeting). The latter became the subject of our most recent study on microtargeting. (You can check out any of the reports mentioned here on the ACI website or on the Threatcasting.ai Library page).

Threatcasting is a methodology with a successful track record in manufacturing, banking, and national security. Education, smart cities, and logistics organizations have recently adopted Threatcasting. As we continually update and improve our processes, we constantly find new areas where it is useful, leading to the realization that there is no perceived limit to the usefulness of this methodology. And that is exciting news indeed for all of us.

Disclaimer: The views expressed in this article are those of the author(s) and do not reflect the official policy or position of the United States Military Academy, United States Army, United States Department of Defense, or United States Government.

References

[1] I. Asimov, “The World of 1990,” The Diner’s Club Magazine, Jan. 1965.

[2] B. D. Johnson, Information Disorder Machines: Weaponizing Narrative and the Future of the United States of America. Tempe, AZ: Arizona State University, 2019.

[3] B. Marr, “A Short History of ChatGPT: How We Got to Where We Are Today,” Forbes. Accessed: Feb. 22, 2024. [Online]. Available: https://www.forbes.com/sites/bernardmarr/2023/05/19/a-short-history-of-chatgpt-how-we-got-to-where-we-are-today/

[4] G. Lindsay, J. C. Brown, B. D. Johnson, C. Owens, A. Hall, and J. H. Carrott, Microtargeting Unmasked: Safeguarding Law Enforcement, the Military, and the Nation in the Era of Personalized Threats. Army Cyber Institute, 2023. [Online]. Available: https://hdl.handle.net/20.500.14216/662.2