Month: September 2016

Georgian-Russian hostilities in South Ossetia have generated a substantial amount of analysis and speculation regarding the accompanying cyber conflict.5 Most of the focus has centered on identifying the parties who conducted the cyber attacks. The Georgian cyber event provides an intriguing opportunity to examine a more subtle and perhaps overlooked aspect of cyber conflict—the concept of cyber neutrality. The Georgian case raises two fundamental questions: (1) How did the combined actions of the Georgian government and US information technology (IT) companies impact American status as a cyber neutral? (2) Can the United States remain neutral (or cyber neutral) during a cyber conflict?

Read the full article here.

Technical and operational realities make it prohibitively difficult to adapt a Cold War paradigm of “deterrence stability” to the new domain of cyber warfare. Information quality problems are likely to forestall the development of a cyber equivalent of the strategic exchange models that assessed deterrence stability during the Cold War. Since cyberspace is not firmly connected to geographic space the way other domains are, modeling is extremely difficult, muddling the neat conceptual distinctions between “counterforce” (military) and “countervalue” (civilian) targets. These obstacles seriously complicate US planning for a credible cyber “assured response” and present substantial challenges to potential adversaries contemplating cyber attacks against US interests. To create a maximally effective deterrent against cyber threats, the United States should seek to maximize the challenges for possible opponents by creating a cyber “strategy of technology,” emphasizing resilience, denial, and offensive capabilities.

Read the full article here.