# The Living PDM: Complete Analogy Reference
This document catalogs every real-world analogy that maps to the Planetary Defense Model across all six domains. These analogies are used throughout CDA.Wiki content as illustrations, sidebars, and connective metaphors. They make abstract cybersecurity concepts visceral, memorable, and accessible to audiences who might never read a standard technical article.
The organizing principle: the PDM describes the architecture of defense. That architecture exists in nature, in civilization, in geology, in biology, in weather systems, in space, and in human history. Every analogy below is a structural parallel, not a decorative comparison.
---
## DPS: Data Protection and Sovereignty (Geology / The Core)
### The Terrain Metaphor: Geology
The planet's geological core. Bedrock. The deepest layer, the one everything else sits on. If the core is compromised, the entire planet destabilizes.

| Geological Concept | Cybersecurity Parallel | Explanation |
|--------------------|-----------------------|-------------|
| The inner core | Crown jewel data (trade secrets, PII, credentials) | The most dense, most protected, most critical material. Everything else exists to protect it. |
| Geological strata | Data classification tiers (Public, Internal, Confidential, Restricted) | Layers of material at different depths, each with different properties, different access requirements, different protection needs. |
| Tectonic plates | Data sovereignty boundaries (GDPR, CCPA, data localization mandates) | Massive structural boundaries that shift slowly but reshape everything above them when they move. A tectonic event (new regulation) forces reconfiguration of everything built on the surface. |
| Magma chamber | Unprotected data stores (shadow IT databases, unencrypted backups) | Enormous pressure and energy sitting beneath the surface. Stable until it is not. When a magma chamber breaches, the eruption devastates every layer above. An unencrypted database is a magma chamber: stable in normal conditions, catastrophic when breached. |
| Fossils | Legacy data (old records, archived systems, retained-but-forgotten data assets) | Embedded in the strata. Forgotten. Still there. Still discoverable. Still a liability. Data retention without data disposal creates digital fossils that attackers can excavate. |
| Mineral veins | High-value data concentrations (payment card data, health records, classified documents) | Concentrated deposits of valuable material running through the rock. Miners (attackers) seek these specifically. DLP controls are the security that prevents unauthorized extraction. |
| Seismic activity | Data breach indicators (unusual data movement, access pattern anomalies) | Tremors that signal instability before the quake. DLP alerts, unusual download volumes, credential escalation preceding data access: these are the seismic signals that indicate the core is under stress. |
| The Svalbard Seed Vault | Immutable backup architecture | The ultimate data protection strategy: store a copy of the most critical assets in a location isolated from all other threats. Air-gapped, geographically distant, tamper-evident, verified. |
| Erosion exposing buried layers | Data exposure through configuration drift | Slow, invisible degradation that eventually reveals what was supposed to stay buried. A misconfigured S3 bucket is erosion: the protective layer is gone, and the data is exposed to anyone who walks by. |
### Historical Parallels (DPS)

| Historical Example | Cybersecurity Parallel |
|-------------------|----------------------|
| The Roman Tabularium (state records archive) | Centralized data repository with sovereign control. Where data lives determines who governs it. |
| Caesar's cipher (substitution encryption) | Encryption at rest and in transit. Render data unreadable without the key. |
| Roman wax seal (sigillum) | Digital signatures and integrity verification. Guarantees the document has not been tampered with in transit. |
| Burning dispatches after reading | Secure data disposal. Data you no longer need but still possess is a liability. |
| The Vatican Secret Archives | Long-term data retention with restricted access controls. Centuries of records, access granted only by specific authority. |
| The destruction of the Library of Alexandria | Catastrophic data loss without backup. Single point of failure in data architecture. |
| Gutenberg's printing press | Data replication at scale. Once data can be copied cheaply, controlling distribution becomes the central challenge. |
### Biological Parallels (DPS)

| Biological Concept | Cybersecurity Parallel |
|-------------------|----------------------|
| DNA | The fundamental data of life. If an organism's DNA is corrupted, the organism fails. If an organization's core data is corrupted, the organization fails. DNA replication errors = data integrity failures. |
| Cell nucleus | The protected container for critical genetic data. Membranes, access controls, repair mechanisms. The nucleus is the vault. |
| Immune memory (antibodies) | Data that records previous threats for future defense. Threat intelligence databases, signature libraries, IOC repositories. The immune system remembers what attacked it. |
| Seeds | Compressed, portable, resilient data packages. A seed contains the complete blueprint for an organism. A backup contains the complete blueprint for an organization's data state. Both must be stored safely and remain viable over time. |
| Viral RNA injection | Malicious data injection (SQL injection, code injection). A virus inserts its own data into a host cell's data processing machinery. An attacker inserts malicious code into a system's data processing pipeline. The mechanism is structurally identical. |
---
## VSD: Vulnerability and Surface Defense (Oceans / The Coastline)
### The Terrain Metaphor: Oceans
The vast, dynamic surface area surrounding the core. Every coast, inlet, harbor, reef, and open water is a potential entry point. The ocean is constantly in motion. The surface never holds still.

| Ocean Concept | Cybersecurity Parallel | Explanation |
|--------------|-----------------------|-------------|
| Coastline | External attack surface | The boundary between inside and outside. Longer coastline = larger attack surface. Reducing coastline reduces exposure. |
| Tides | Attack surface fluctuation | The surface expands and contracts with business changes: new services deployed, old ones decommissioned, seasonal capacity changes. Like tides, this is predictable if you measure it. |
| Coral reefs | Web application firewalls, API gateways, ingress controls | Natural barriers that filter what gets through before it reaches shore. Reefs absorb energy and break up incoming waves. WAFs absorb attack traffic and filter malicious requests. |
| Deep ocean trenches | Hidden vulnerabilities (zero-days, deep misconfigurations, unknown assets) | Invisible from the surface. Enormous depth. Discovered only with specialized equipment (deep scanning, penetration testing). The Mariana Trench of your environment is the vulnerability you do not know exists. |
| Icebergs | Shadow IT | Only 10% visible above the surface. 90% of the mass (and risk) is below the waterline, invisible to security teams. Every shadow IT asset is an iceberg: the visible part is a convenience. The hidden part is a threat. |
| Rip currents | Supply chain vulnerabilities | Invisible currents that pull you out to sea from beneath the surface. You think you are standing on solid ground (trusted vendor relationship) but the supply chain current is pulling data and access in directions you cannot see. |
| Tsunamis | Mass exploitation events (Log4Shell, SolarWinds, MOVEit) | A single geological event (vulnerability disclosure) creates a wave that hits every coastline simultaneously. The wave is already in motion before most defenders know the earthquake happened. |
| Ports and harbors | Open ports, exposed services, API endpoints | Intentional openings in the coastline designed for authorized traffic. Every harbor is a controlled vulnerability: necessary for commerce, dangerous if unmonitored. |
| Naval blockade | Network segmentation, access restriction | Controlling what can enter and exit through specific maritime routes. A blockade restricts movement to authorized channels. Network segmentation restricts lateral movement to authorized paths. |
| Fog | Obfuscation, encryption of attacker C2 traffic | Reduces visibility. Attackers use encrypted channels and living-off-the-land techniques to operate in the fog. Defenders deploy sensors that see through it. |
### Historical Parallels (VSD)

| Historical Example | Cybersecurity Parallel |
|-------------------|----------------------|
| Hadrian's Wall | Attack surface reduction. Define the boundary. Concentrate defense on it. |
| The Atlantic Wall (WW2 Normandy) | Perimeter defense that failed because it tried to defend everything equally instead of reducing the surface. |
| The Strait of Hormuz | Choke point (API gateway). All traffic flows through a narrow, defensible passage. Control the strait, control the traffic. |
| Roman standardized castra (camp layout) | Infrastructure-as-code. Standardized deployments enable systematic vulnerability identification and remediation. |
| The Great Wall of China | Extended perimeter defense. Effective as a monitoring and control surface, not as an impenetrable barrier. The wall was about controlling movement, not preventing it entirely. |
| Portuguese maritime defense of trade routes | Protecting supply chain routes. Naval patrols securing the commercial network. |
| Island nations (Britain, Japan) with natural moats | Air-gapped networks. Physical separation as the ultimate surface reduction. |
### Biological Parallels (VSD)

| Biological Concept | Cybersecurity Parallel |
|-------------------|----------------------|
| Skin | The first defensive surface. Covers the entire organism. Any break in the skin (wound, abrasion) is a vulnerability. Patch it (bandage) or it gets infected. |
| Mucous membranes | Soft entry points (email, web browsing, USB). Not as hard as skin, but necessary for the organism to function. Most infections enter through mucous membranes, not through unbroken skin. Most breaches enter through email and web, not through firewall exploits. |
| Porcupine quills / hedgehog spines | Active defense measures that increase the cost of attacking the surface. Honeypots, deception technologies, aggressive rate limiting. Make the surface painful to probe. |
| Turtle shell | Hardened external surface with limited openings. Effective but reduces agility. Over-hardening the attack surface can impair business operations, just as the shell limits the turtle's speed. Balance between protection and function. |
| Hermit crab (borrowed shells) | Organizations using shared infrastructure (cloud, SaaS) for surface defense. The protection is real but depends on someone else's architecture. |
---
## SPH: Security Posture and Hygiene (Terrain / The Ground)
### The Terrain Metaphor: Terrain
The ground you defend on. Well-maintained terrain is difficult to traverse. Neglected terrain gives the attacker cover, concealment, and freedom of movement.

| Terrain Concept | Cybersecurity Parallel | Explanation |
|----------------|-----------------------|-------------|
| Cleared fields of fire | Hardened configurations with full visibility | No cover for attackers. Every movement is visible. Every approach is monitored. This is what a properly configured, fully monitored environment looks like. |
| Overgrown forests | Unmanaged complexity, configuration sprawl | Dense growth that provides concealment for threats. Attackers hide in the complexity. The more unmanaged applications, services, and configurations, the denser the forest. |
| Roads and paths | Network paths (maintained or deteriorated) | Well-maintained roads enable rapid defensive response. Deteriorated roads slow responders and create ambush opportunities. Network infrastructure that is patched and monitored vs. neglected. |
| Bridges | Integration points (API connections, VPN tunnels, trust relationships) | Critical infrastructure that enables movement between areas. Destroy a bridge and you isolate a sector. Compromise a VPN tunnel and you bridge between networks. |
| Minefields | Security controls that passively detect or deter | Trip wires, IDS rules, DLP policies. The intruder does not know they are there until they trigger one. |
| Swamps and marshes | Legacy systems, technical debt | Difficult terrain that slows movement and drains resources. You cannot build on it. You cannot move through it quickly. You can get stuck in it. Legacy systems are swamps: they slow everything down and consume disproportionate maintenance effort. |
| Mountain passes | Choke points in the network topology | Natural terrain that forces traffic through narrow, defensible routes. A well-defended pass controls movement across an entire region. A well-configured network choke point controls all east-west traffic. |
| Seasonal changes (spring thaw, winter freeze) | Configuration drift across business cycles | The terrain changes with the seasons. Configurations drift with business cycles (holiday traffic, fiscal year-end, M&A activity). What was secure in January may not be secure in June. |
| Gardening / cultivation | Continuous security maintenance (patching, updating, pruning) | Gardens do not maintain themselves. Left unattended, weeds (vulnerabilities) take over, paths (configurations) become overgrown, and the productive plants (legitimate services) get choked out. Cybersecurity hygiene is gardening: daily, unglamorous, essential. |
| Earthquake (terrain shift) | Major breach or infrastructure failure | The ground itself moves. Everything built on the assumption of stability is suddenly unstable. Aftershocks continue for months. Recovery is measured in quarters, not days. |
| Erosion | Slow compliance drift | Not catastrophic. Invisible year to year. But over time, the cliff gives way. Configuration baselines that nobody enforces gradually erode until the posture collapses under stress. |
### Historical Parallels (SPH)

| Historical Example | Cybersecurity Parallel |
|-------------------|----------------------|
| Roman legions building camp every night | Daily security hygiene. Not when there is a threat. Every day. |
| Centurion equipment inspection | Endpoint health monitoring, asset inventory, configuration compliance. |
| Roman road maintenance | Network infrastructure maintenance. Patched, redundant, monitored. |
| Vegetius: "Training was so rigorous that combat was almost a relief" | Security drills (C-DRILL). When you train constantly, incidents become execution problems, not panic events. |
| Medieval castle concentric walls (motte-and-bailey) | Defense in depth. Multiple layers of terrain defense, each increasing the cost of further penetration. |
| Japanese castle architecture (winding approaches, kill zones) | Micro-segmentation. The path through the environment is deliberately complex and monitored at every turn. |
### Biological Parallels (SPH)

| Biological Concept | Cybersecurity Parallel |
|-------------------|----------------------|
| Personal hygiene (brushing teeth, washing hands) | Endpoint hygiene (patching, updating, scanning). Daily practices that prevent the vast majority of infections. Boring. Essential. |
| Immune system baseline (white blood cell count) | Security posture score. A healthy organism has measurable baseline indicators. Deviation from baseline signals a problem. |
| Exercise and fitness | Regular security testing and hardening. A fit organism withstands stress better. A fit security program withstands attacks better. |
| Parasites | Persistent malware, cryptominers, unauthorized software. Organisms that live on the host, consuming resources without providing benefit. The host often does not know they are present until performance degrades. |
| Symbiotic organisms (gut bacteria) | Authorized third-party software, legitimate SaaS tools. They provide value, but if the balance is disrupted (misconfiguration, overprovisioning), they become harmful. |
| Homeostasis | Autonomous Posture Command (APC). The body maintains temperature, pH, blood pressure within narrow ranges automatically. APC maintains security posture within defined parameters automatically. Both are self-correcting systems that detect drift and restore equilibrium. |
---
## IAT: Identity Access and Trust (Civilization / Cities and Nations)
### The Terrain Metaphor: Civilization
The society built on the terrain. Who lives here. Who is a citizen. Who is a visitor. Who is a spy. How trust is established, maintained, and revoked.

| Civilization Concept | Cybersecurity Parallel | Explanation |
|---------------------|-----------------------|-------------|
| Citizens | Authenticated, authorized users | They have rights (access), responsibilities (policy compliance), and identification (credentials). Most are loyal. Some are compromised. |
| Visitors / diplomats | Guest accounts, contractor access, B2B partner integrations | Legitimate presence with limited, defined access. Monitored. Time-bounded. A diplomat has access to the court but not to the war room. |
| Spies / traitors | Compromised credentials, insider threats | Trusted insiders who use authorized access for unauthorized purposes. The most dangerous threat is not the army outside. It is the advisor who opens the gate at night. |
| Ghost citizens (census fraud) | Orphaned accounts, ghost accounts | Identities on the rolls that do not correspond to real, active people. Every orphaned account is a ghost citizen: it has access rights, but nobody is managing or monitoring it. |
| Immigrant vetting | New hire onboarding, third-party identity proofing | The process of establishing identity and granting initial trust. How thoroughly you vet determines how much risk you accept. |
| Exile / banishment | Account deprovisioning, access revocation | Removing identity and access rights when trust is broken or the relationship ends. Incomplete exile (lingering access) creates the same risk as a banished noble who keeps the keys to the treasury. |
| City gates | Authentication checkpoints (login, MFA, VPN entry) | The controlled entry point. Present your credentials. Get verified. Proceed or be denied. The gate is only as strong as the verification process. |
| City walls | Network perimeter (diminishing relevance in zero-trust world) | The boundary between inside and outside. Once critical, now less relevant as "inside" and "outside" blur (cloud, remote work, SaaS). Zero trust says the wall is not enough; every building inside needs its own lock. |
| The agora / marketplace | Shared services, collaboration platforms, public-facing applications | Open spaces where authorized citizens interact. Accessible but monitored. A marketplace is not a private residence; the security model is different. |
| Private homes | Individual user workspaces, personal data stores | Higher privacy, restricted access. Only the resident and explicitly invited guests. |
| The treasury / vault | Privileged access systems, admin consoles, key management | The most restricted space in the city. Access only with the highest credentials. Guarded at all times. |
| Census | Identity lifecycle management, directory services | Knowing who is in the city, what their role is, and what access they hold. An out-of-date census means you do not know who is in your environment. |
| Tiered citizenship (Rome: plebeian, equestrian, senatorial) | Role-based access control (RBAC), tiered permissions | Not all citizens have the same access. Access is tied to role, rank, and trust level. |
| Foreign allied nations | Trusted partner organizations, federated identity | Sovereign entities with their own identity systems, granted limited trust based on treaties (agreements, integrations). Access is real but bounded by the relationship terms. |
| Neutral nations | Unknown external entities, general internet traffic | Not hostile, not trusted. Interactions are public-facing, standard access controls, no special privileges. |
| Hostile nations | Adversarial actors (state-sponsored APTs, cybercriminal organizations) | Sovereign entities with offensive intent. They probe borders. They recruit spies inside your walls. They attack when the opportunity presents. |
| Nations at war | Active cyber conflict (state-on-state operations, ransomware campaigns) | Open hostilities where offensive operations target critical infrastructure, civilian systems, and economic assets. |
| Empires using military against their own citizens | Authoritarian regimes weaponizing cyber offense domestically | Surveillance states, internet shutdowns, domestic hacking of dissidents. The tools of defense turned inward as tools of repression. The fundamental perversion of cybersecurity: using the capability meant to protect people to control them instead. |
| The Republic vs. the Empire | Democratic cyber defense vs. authoritarian cyber offense | Democratic societies prioritize defensive capability, citizen protection, oversight, accountability. Authoritarian regimes prioritize offensive capability, surveillance, repression, deniability. CDA is the Cyber Defense Army. The name is the position. |
| Mercenaries | Contractors, outsourced security teams, CDArmy Mercs | Professionals who fight for a cause not originally their own, but with real capability and commitment when properly led. The Roman auxilia, the Renaissance condottieri, modern PMCs. CDA's Merc model: skilled operators deployed on mission. |
| Refugees / displaced persons | Migrated accounts, users from acquired organizations | Identities from another system that must be integrated into yours. They carry their own history, their own credentials, their own habits. Integration without proper identity proofing creates risk. |
| Double agents | Compromised service accounts, hijacked sessions | Identities that appear authorized but are controlled by an adversary. The most dangerous because they pass authentication. |
| The Civitas concept | Secure democratic participation through identity assurance + access enablement | How ZPA (Zero Possession Architecture) could secure voting: verify every citizen's identity with certainty, then enable access to the democratic process from any device, without the system possessing or storing votes in a way that enables manipulation. Identity assurance enables access. Access enables participation. Participation sustains the republic. |
### Historical Parallels (IAT)

| Historical Example | Cybersecurity Parallel |
|-------------------|----------------------|
| The Roman tessera (identity token) | Hardware MFA token (FIDO2/WebAuthn). Physical possession proves identity. |
| The nightly watchword (signum) | Rotating credentials, session tokens, TOTP. Valid for a limited period, distributed through controlled channels. |
| Roman citizenship tiers | CDA membership tiers (Civilian through Crew). Progressive access based on verified trust level. |
| Medieval guild marks | Service accounts with defined scope. The mark identifies the guild (service) and what it is authorized to do. |
| Athenian kleroterion (random selection device) | Anti-corruption access controls. Randomization prevents gaming the system. |
| Praetorian Guard selling the emperorship | Privileged access abuse. The people with the highest access using it for personal gain rather than organizational defense. |
| The assassination of Julius Caesar | Insider threat from the most trusted circle. 23 senators with authorized access to the most privileged space. |
---
## TID: Threat Intelligence and Defense (Atmosphere / Weather and Sky)
### The Terrain Metaphor: Atmosphere
The sky overhead. Weather systems, surveillance, early warning. The atmosphere filters what reaches the surface. When the atmosphere fails, the ground takes the hit.

| Atmospheric Concept | Cybersecurity Parallel | Explanation |
|--------------------|-----------------------|-------------|
| Storm clouds | Gathering threats (threat actor campaigns in preparation) | Visible to radar (threat intelligence) before the storm makes landfall. The time between detection and impact is the window for defensive preparation. |
| Clear skies | Calm periods (not threat absence, threat invisibility) | The absence of visible storms does not mean the absence of threats. It means the threats are not yet detected. Complacency during clear skies is the most common defensive failure. |
| Weather stations / radar | SIEM, IDS/IPS, log collection infrastructure | Distributed sensors that measure atmospheric conditions and detect anomalies. The more stations, the better the coverage. Gaps in coverage are gaps in detection. |
| Satellites | Threat intelligence feeds (commercial, government, OSINT) | Overhead surveillance that provides strategic-level visibility. A single satellite sees the big picture. Ground stations see local detail. Both are necessary. |
| Lightning | Zero-day exploitation | A sudden, high-energy strike with little warning. Damage is localized but severe. The only defense is grounding (hardened systems) and rapid response. |
| Meteorologists | Threat intelligence analysts | Professionals who interpret raw data (telemetry) into actionable forecasts (threat assessments). Raw weather data is useless without interpretation. Raw log data is useless without analysis. |
| Fog | Encrypted attacker communications, living-off-the-land techniques | Reduces visibility. The adversary is present but obscured. Defenders need sensors that penetrate fog (behavioral analytics, anomaly detection, NDR). |
| Wind patterns | Attack vectors and traffic patterns | Prevailing winds follow predictable routes. Attack traffic follows predictable vectors (phishing, exposed RDP, vulnerable web apps). Understanding the patterns enables positioning defenses. |
| Jet streams | Advanced persistent threat campaigns | High-altitude, high-velocity currents that influence weather globally. APT campaigns influence the threat landscape across industries and geographies. They are persistent, directional, and powerful. |
| Acid rain | Collateral damage from adjacent breaches (supply chain compromise, shared infrastructure attacks) | The pollution originates elsewhere, but the corrosive effects land on your terrain. NotPetya originated as a targeted attack on Ukraine and corroded organizations worldwide. |
| Volcanic ash cloud (from DPS eruption) | When a data breach (DPS core failure) fills the atmosphere with debris | Breach fallout contaminates TID operations: alert noise spikes, investigation queues flood, SOC capacity is overwhelmed. The ash cloud from a core breach degrades atmospheric visibility for months. |
| Tornado | Ransomware attack | Rapid formation, devastating localized impact, short duration but massive damage. Difficult to predict exact impact zone. Preparation (drills, backups, response plans) is the only reliable defense. |
| Hurricane | Coordinated multi-vector attack campaign | Large-scale, sustained, multi-directional. Hits the coastline (VSD), floods the terrain (SPH), downs communications (TID), and challenges governance response (RGA). The most dangerous because it stresses every layer simultaneously. |
| Aurora borealis | Threat actor reconnaissance (port scanning, social engineering research) | Beautiful to observe if you are not paying attention to what causes it: charged particles (attacker probes) interacting with the magnetic field (perimeter defenses). The aurora means someone is testing the field. |
### Biological Parallels (TID)

| Biological Concept | Cybersecurity Parallel |
|-------------------|----------------------|
| Apex predators | Ransomware operators. Top of the food chain. Hunt for profit. Specialized, evolved, efficient. |
| Parasites | Cryptominers, data exfiltration malware. Live on the host without killing it. Consume resources over time. |
| Viruses (biological) | Computer viruses. Self-replicating code that requires a host to execute. The biological virus infects a cell and hijacks its machinery. The computer virus infects a system and hijacks its processes. |
| Worms (parasitic) | Network worms. Self-propagating without requiring a host. Spread through connected systems consuming resources. |
| Trojans (Trojan horse, but also parasitic organisms that mimic harmless species) | Trojan malware. Presents as legitimate. Gains entry. Deploys payload. |
| Swarms (locusts, army ants) | Botnets, DDoS attacks. Individually insignificant. Collectively devastating. The swarm overwhelms through volume, not sophistication. |
| Pack hunters (wolves, orcas) | APT groups. Coordinate, communicate, target specific prey, execute patient, planned attacks. |
| Camouflage (chameleons, octopi) | Polymorphic malware, living-off-the-land binaries (LOLBins). Change appearance to avoid detection. Use the environment's own features for concealment. |
| Venom / toxin injection | Exploit delivery (payload injection). A precise mechanism that delivers a harmful payload past the organism's defenses. |
| Unknown species / undiscovered organisms | Zero-day vulnerabilities. Threats you cannot defend against because you do not know they exist. Discovery only happens when someone encounters them. |
| Immune response (fever, inflammation) | Incident response. The organism detects a threat and mobilizes a systemic response. Fever is resource-expensive (incident response is expensive) but necessary to fight the infection. |
| Autoimmune disease | False positives, security controls that impede legitimate operations. The immune system attacks the body's own cells. Over-aggressive security controls block legitimate business activity. |
| Antibiotic resistance | Attacker evolution past defenses. The pathogen adapts to the treatment. The attacker adapts to the control. Static defenses inevitably fail against evolving threats. |
---
## RGA: Risk Governance and Assurance (Outer Space / The Strategic Envelope)
### The Terrain Metaphor: Outer Space
The strategic envelope that governs everything within it. Gravity, orbital mechanics, cosmic forces. Without outer space's governing physics, the planet cannot hold its atmosphere, maintain its orbit, or sustain life on its surface.

| Space Concept | Cybersecurity Parallel | Explanation |
|--------------|-----------------------|-------------|
| Gravity | Governance. The force that holds everything in orbit. | Without governance, every other layer flies apart. Teams diverge. Policies conflict. Resources scatter. Gravity is invisible until it is absent, at which point everything destabilizes immediately. |
| Orbital mechanics | Compliance cycles (annual audits, quarterly reviews, continuous monitoring) | Predictable, mathematical patterns that keep everything in its proper path. Deviation from the orbit (compliance drift) requires corrective thrust (remediation) or the object crashes. |
| Space debris | Legacy risk, accumulated technical debt, orphaned policies | Debris from past operations that remains in orbit, creating collision risk for active systems. Every decommissioned policy, retired system, or unresolved audit finding is space debris. It accumulates. It endangers current operations. |
| The sun | Executive leadership (board, C-suite) | The energy source that sustains the entire system. Provides light (strategic direction) and heat (resources). Too close and you burn (micromanagement). Too far and you freeze (neglect). The right distance sustains life. |
| Black holes | Catastrophic risk events (existential breaches, regulatory enforcement actions, bankrupting lawsuits) | Massive gravitational events from which nothing escapes. Organizations that fall past the event horizon do not recover. The risk register exists to identify and avoid black holes. |
| Asteroids | Low-probability, high-impact risk events | They exist. They are trackable. Most miss. Some hit. The ones that hit can cause extinction-level damage. Business continuity planning is asteroid defense: track the risk, prepare the response, hope you never need it. |
| Nebulae | Emerging risk categories (AI governance, quantum readiness, neurotech ethics) | Diffuse clouds of material that have not yet coalesced into defined objects. The risk is real but not yet crystallized into specific regulatory or operational requirements. Monitor. Prepare. Do not ignore. |
| Constellations | Framework mappings (NIST CSF, ISO 27001, SOC 2, HIPAA overlaid on the same sky) | Different observers group the same stars (controls) into different patterns (frameworks). The stars are the same. The grouping depends on your perspective and regulatory requirements. Cross-framework mapping is constellation mapping. |
| The cosmic microwave background (residual radiation from the Big Bang) | Organizational culture and historical precedent | The faint but pervasive signal from the organization's origin that influences everything. Culture is the CMB: you cannot see it directly, but it shapes the temperature of the entire universe. |
| Telescope / observatory | Risk assessment tools (GRC platforms, quantitative risk analysis) | Instruments that enable visibility into the strategic environment. Without them, you are making governance decisions based on naked-eye observation. With them, you can see threats and opportunities that are invisible otherwise. |
Historical Parallels (RGA)
| Historical Example | Cybersecurity Parallel |
|-------------------|----------------------|
| The Roman Senate | Board of directors providing strategic oversight. Set direction, allocate resources, hold commanders accountable. |
| Provincial governors | Business unit security leads. Operate within corporate policy with local autonomy. |
| Roman law (ius civile) | The compliance framework. Continuous enforcement, not annual audit. |
| The census | Risk register. Quantitative assessment of resources, vulnerabilities, and exposure. |
| Treaty of Westphalia (1648) | International cybersecurity norms. The first governance framework for multi-sovereign security. |
| Magna Carta (1215) | Governance reform through accountability. Even the king (CEO) is subject to the law (policy). |
| The Nuremberg Trials | Accountability for governance failures. "I was following orders" does not exempt leaders from responsibility for the consequences of their decisions. |
Biological Parallels (RGA)
| Biological Concept | Cybersecurity Parallel |
|-------------------|----------------------|
| Ecosystem | The complete organizational risk environment. Every organism (system, user, vendor) interacts with every other. The health of the ecosystem depends on balance. |
| Apex species (keystone species) | Critical infrastructure, essential controls. Remove the keystone species and the ecosystem collapses. Remove the critical control and the security program collapses. |
| Extinction events | Catastrophic organizational failure. When governance fails completely, the organization does not adapt; it ceases to exist. |
| Evolution | Continuous improvement. The organisms that adapt to changing conditions survive. The organizations that evolve their security programs in response to changing threats survive. Static programs are pre-extinction. |
| Symbiosis | Vendor relationships, industry partnerships, information sharing. Mutually beneficial relationships where both parties contribute to each other's survival. |
| Biodiversity | Tool and control diversity. Monoculture (single-vendor dependency) creates systemic fragility. Diverse control ecosystems are more resilient. |
---
Cross-Domain Analogies
These analogies span multiple PDM domains simultaneously, illustrating how the domains interact.
| Analogy | Domains | Explanation |
|---------|---------|-------------|
| A medieval siege | All 6 | The attacker probes the walls (VSD), the defenders maintain the terrain (SPH), spies inside report to the enemy (IAT), scouts monitor the approaching army (TID), the treasury and granary are protected (DPS), and the lord coordinates the defense strategy (RGA). A siege stresses every domain simultaneously. |
| A pandemic | All 6 | The pathogen enters (VSD), spreads through unprotected populations (SPH/IAT), intelligence races to identify it (TID), critical medical data must be protected (DPS), and public health governance coordinates the response (RGA). |
| A nation going to war | All 6 | Protecting the homeland (DPS), securing borders (VSD), mobilizing the military (SPH), identifying friend from foe (IAT), intelligence operations (TID), and strategic command (RGA). War is the ultimate cross-domain operation. |
| The human body | All 6 | DNA is the core data (DPS). Skin is the attack surface (VSD). Daily hygiene maintains health (SPH). The immune system identifies self from non-self (IAT). The nervous system detects and responds to threats (TID). The brain governs all systems (RGA). |
| A city-state | All 6 | The treasury (DPS), the walls (VSD), the streets and infrastructure (SPH), the citizens and gates (IAT), the watchtowers and scouts (TID), the senate and laws (RGA). |
| Earth itself (the PDM's namesake) | All 6 | Geological core (DPS), oceans (VSD), terrain (SPH), civilization (IAT), atmosphere (TID), outer space (RGA). The Planetary Defense Model is not an analogy. It is a description. The planet defends itself in exactly these six layers. |
---
The Republic, the Empire, and the Defender's Choice
This is the ideological undercurrent of CDA's geopolitical content. It is not the main thread in any article, but it is the position from which all geopolitical content is written.
The Republic (democratic societies, NATO, Western alliance):
- Practices cyber defense as a priority
- Builds capability to protect citizens, infrastructure, and democratic institutions
- Operates under oversight, accountability, and legal constraint
- Shares threat intelligence with allies
- Uses offensive capability against military and intelligence targets with legal authorization
The Empire (authoritarian regimes that weaponize cyber offensively):
- Practices cyber offense as a primary mode
- Builds capability to surveil, repress, and control domestic populations
- Operates without meaningful oversight or accountability
- Uses cyber to undermine democratic institutions in other nations (election interference, disinformation, critical infrastructure pre-positioning)
- Targets civilian infrastructure, private companies, and individual citizens
CDA's position: We are the Cyber Defense Army. The name is the doctrine. We train defenders. We protect organizations and people. We operate on the side of the Republic. This is not a political statement. It is an operational one.
The IWI/Princeton/West Point publication, "Eroding Global Stability: The Cybersecurity Strategies of China, Russia, North Korea, and Iran," documents the specific mechanisms by which adversarial states weaponize cyber offensively. CDA's geopolitical content builds on this foundation with the PDM as the analytical lens.
---
This document is a living reference. New analogies are added as content is produced. Every analogy must map structurally to the PDM domain it illustrates. Decorative comparisons that do not hold under examination are excluded.
Written by Evan Morgan