Total Pageviews

Wednesday, March 1, 2017

What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment

"What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment", by Rebecca Slayton, International Security, Winter 2016/17, Vo.41, n°3, p.72-109. 
Abstract: Most scholars and policymakers claim that cyberspace favors the offense; a minority of scholars disagree. Sweeping claims about the offense-defense balance in cyberspace are misguided because the balance can be assessed only with respect to specific organizational skills and technologies. The balance is defined in dyadic terms, that is, the value less the costs of offensive operations and the value less the costs of defensive operations. The costs of cyber operations are shaped primarily by the organizational skills needed to create and manage complex information technology efficiently. The current success of offense results primarily from poor defensive management and the relatively simpler goals of offense; it can be very costly to exert precise physical effects using cyberweapons. An empirical analysis shows that the Stuxnet cyberattacks on Iran's nuclear facilities very likely cost the offense much more than the defense. The perceived benefits of both the Stuxnet offense and defense, moreover, were likely two orders of magnitude greater than the perceived costs, making it unlikely that decisionmakers focused on costs.

Deterrence and Dissuasion in Cyberspace, by Joseph Nye

"Deterrence and Dissuasion in Cyberspace", by Joseph Nye, International Security, Winter 2016/17, Vol. 41, No. 3, Pages: 44-71
Abstract: Understanding deterrence and dissuasion in cyberspace is often difficult because our minds are captured by Cold War images of massive retaliation to a nuclear attack by nuclear means. The analogy to nuclear deterrence is misleading, however, because many aspects of cyber behavior are more like other behaviors, such as crime, that states try (imperfectly) to deter. Preventing harm in cyberspace involves four complex mechanisms: threats of punishment, denial, entanglement, and norms. Even when punishment is used, deterrent threats need not be limited to cyber responses, and they may address general behavior as well as specific acts. Cyber threats are plentiful, often ambiguous, and difficult to attribute. Problems of attribution are said to limit deterrence and dissuasion in the cyber domain, but three of the major means—denial by defense, entanglement, and normative taboos—are not strongly hindered by the attribution problem. The effectiveness of different mechanisms depends on context, and the question of whether deterrence works in cyberspace depends on “who and what.” Not all cyberattacks are of equal importance; not all can be deterred; and not all rise to the level of significant national security threats. The lesson for policymakers is to focus on the most important attacks and to understand the context in which such attacks may occur and the full range of mechanisms available to prevent them.

Kensho Cyber Security Index

Le Kensho Cyber Security Index mesure l'évolution du marché de la cybersécurité. Le dernier rapport  datant du 28 février 2017 est disponible ici. L'indice actuel tourne autour de 180 points (base 100 au 15 mai 2013), 

Sunday, February 26, 2017

Conference - The Politics of Algorithmic Modelling

Conference - "The Politics of Algorithmic Modelling", Université Libre de Bruxelles, 30-31 mars 2017. This conference concludes a four year research project funded by the FNRS. 

The Black Report

"The Blach Report. Decoding the minds of hackers", Chris Pogue (Ed.), 52 pages, 2017. 

Trajectoires comparées des nanotechnologies et de l’impression 3D

"Trajectoires comparées des nanotechnologieset de l’impression 3D", Volny Fages, Stéphanie Lacour et Sacha Loeve, Cahiers Droit, Sciences & Technologies, juin 2016, mis en ligne le 20 février 2017, 19 pages. 

How are mobile phone users spied on in Birmingham?

"How are mobile phone users spied on in Birmingham?", short document published by OpenRightsGroup. February 2017, 24 pages.