Total Pageviews

Wednesday, March 1, 2017

The Convergence of Information Warfare

"The Convergence of Information Warfare", by Martin Libicki, Strategic Studies Quarterly, Spring 2017, pp.49-65. 
Abstract: If information technology trends continue and, more importantly, if other countries begin to exploit these trends, the US focus on defeating a cyberwar threat will have to evolve into a focus on defeating a broader information warfare threat. It is far less plausible to imagine a cyber attack campaign unaccompanied by other elements of information warfare—in large part because almost all situations where cyber attacks are useful are those which offer no good reason not to use other elements of information warfare. Thus the various elements of information warfare should increasingly be considered elements of a larger whole rather than separate specialties that individually support kinetic military operations.

Five Kinds of Cyber Deterrence

"Five Kinds of Cyber Deterrence", by N.J. Ryan, Phylosophy & Technlogy, Springer, January 2017. 

Warfighting for Cyber Deterrence: a Strategic and Moral Imperative

"Warfighting for Cyber Deterrence: a Strategic and Moral Imperative", by David J. Lonsdale, Philosophy and Technology, Springer, 21 pages

“Cyber Warfare in the 21st Century: Threats, Challenges, and Opportunities"

"Cyber Warfare in the 21st Century: Threats, Challenges, and Opportunities"

Date: Wednesday, March 1, 2017 - 10:00am
Location: 2118 Rayburn House Office Building, Washington, DC 20515

Witnesses: 
Mr. Jason "Jay" Healey , Nonresident Senior Fellow, Cyber Statecraft Initiative, Atlantic Council
Dr. Martin C. Libicki , Adjunct Management Scientist, RAND
Dr. Peter Singer, Strategist and Senior Fellow, New America Foundation


115th Congress

What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment

"What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment", by Rebecca Slayton, International Security, Winter 2016/17, Vo.41, n°3, p.72-109. 
Abstract: Most scholars and policymakers claim that cyberspace favors the offense; a minority of scholars disagree. Sweeping claims about the offense-defense balance in cyberspace are misguided because the balance can be assessed only with respect to specific organizational skills and technologies. The balance is defined in dyadic terms, that is, the value less the costs of offensive operations and the value less the costs of defensive operations. The costs of cyber operations are shaped primarily by the organizational skills needed to create and manage complex information technology efficiently. The current success of offense results primarily from poor defensive management and the relatively simpler goals of offense; it can be very costly to exert precise physical effects using cyberweapons. An empirical analysis shows that the Stuxnet cyberattacks on Iran's nuclear facilities very likely cost the offense much more than the defense. The perceived benefits of both the Stuxnet offense and defense, moreover, were likely two orders of magnitude greater than the perceived costs, making it unlikely that decisionmakers focused on costs.

Deterrence and Dissuasion in Cyberspace, by Joseph Nye

"Deterrence and Dissuasion in Cyberspace", by Joseph Nye, International Security, Winter 2016/17, Vol. 41, No. 3, Pages: 44-71
Abstract: Understanding deterrence and dissuasion in cyberspace is often difficult because our minds are captured by Cold War images of massive retaliation to a nuclear attack by nuclear means. The analogy to nuclear deterrence is misleading, however, because many aspects of cyber behavior are more like other behaviors, such as crime, that states try (imperfectly) to deter. Preventing harm in cyberspace involves four complex mechanisms: threats of punishment, denial, entanglement, and norms. Even when punishment is used, deterrent threats need not be limited to cyber responses, and they may address general behavior as well as specific acts. Cyber threats are plentiful, often ambiguous, and difficult to attribute. Problems of attribution are said to limit deterrence and dissuasion in the cyber domain, but three of the major means—denial by defense, entanglement, and normative taboos—are not strongly hindered by the attribution problem. The effectiveness of different mechanisms depends on context, and the question of whether deterrence works in cyberspace depends on “who and what.” Not all cyberattacks are of equal importance; not all can be deterred; and not all rise to the level of significant national security threats. The lesson for policymakers is to focus on the most important attacks and to understand the context in which such attacks may occur and the full range of mechanisms available to prevent them.

Kensho Cyber Security Index

Le Kensho Cyber Security Index mesure l'évolution du marché de la cybersécurité. Le dernier rapport  datant du 28 février 2017 est disponible ici. L'indice actuel tourne autour de 180 points (base 100 au 15 mai 2013),