Search

Begin New Search Topic Cybersecurity Publication Year within 10 Years

121. Combatting Cyber Threats: CSIRTs and Fostering International Cooperation on Cybersecurity

Author:
Samantha Bradshaw
Publication Date:
12-2015
Content Type:
Working Paper
Institution:
Centre for International Governance Innovation
Abstract:
This paper examines the role of computer security incident response teams (CSIRTs) in the emerging cyber regime complex and asks what might be driving the lack of trust and information sharing within the community. ThePow commercialization of cyber security and threat vulnerabilities, the Internet’s development as a new power domain, the growth of the CSIRT community and the emergence of a cyber regime complex are examined as factors that are giving rise to and exacerbating existing problems around information sharing and trust.
Topic:
National Security, Science and Technology, International Security, and Cybersecurity
Political Geography:
Global Focus

122. Documenting Cyber Security Incidents

Author:
Marshall Kuypers and Elizabeth Pate-Cornell
Publication Date:
12-2015
Content Type:
Working Paper
Institution:
Center for International Security and Cooperation
Abstract:
Organizations often record cyber security incidents to track employee workload, satisfy auditors, fulfill reporting requirements, or to analyze cyber risk. While security incident databases are often neglected, they contain invaluable information that can be leveraged to assess the threats, vulnerabilities, and impacts of cyber attacks, providing a detailed view of cyber risk in an organization. This paper emphasizes what data is useful for a risk assessments and how data should be recorded. When a security incident occurs, it is often unclear what information should be recorded about the incident. Currently, the data that are tracked are largely driven by compliance for reporting requirements and valuable information is not recorded, or information is not recorded in a way that makes analysis easy. For example, incidents are often documented in unstructured reports that require a manual analysis to identify trends. Explicitly recording certain data in structured form makes analysis much more accurate and efficient. This paper is focused on answering the question, ‘What should we record?’
Topic:
Cybersecurity

123. North Korea and the Sony Hack: Exporting Instability Through Cyberspace

Author:
Stephen Haggard and Jon R. Lindsay
Publication Date:
05-2015
Content Type:
Policy Brief
Institution:
East-West Center
Abstract:
The North Korean cyber attack against Sony Pictures Entertainment in connection with the planned release of The Interview raised important questions about the feasibility of deterrence in cyberspace, the protection of First Amendment values, and the responsibility of the US government to safeguard private networks. It also resulted in the unprecedented attribution of responsibility for a cyber attack to a nation state by a US president, despite public controversy over the evidence. North Korea has long engaged in provocative behavior on the Korean peninsula, recently including cyber attacks, but the probability of general war with South Korea remains quite low. Strategists describe this problem as the stability-instability paradox. North Korean coercion targeting a corporation on US soil in effect extends this dynamic into global cyberspace. It is impossible to deter all forms of cyber harassment, but policymakers can manipulate the threshold of ambiguity that makes limited aggression more or less attractive.
Topic:
Science and Technology, Law, and Cybersecurity
Political Geography:
North Korea

124. Cyber Defense: An International View

Author:
Kim Hartmann and Keir Giles
Publication Date:
09-2015
Content Type:
Working Paper
Institution:
The Strategic Studies Institute of the U.S. Army War College
Abstract:
An overview of four different national approaches to cyber defense are discussed: those of Norway, Estonia, Germany and Sweden. While providing a useful guide for engagement with the relevant governmental and other organizations in each of these countries, the Paper also compares and contrasts the advantages and drawbacks of each national approach.
Topic:
National Security, Science and Technology, Governance, and Cybersecurity
Political Geography:
Norway, Germany, Estonia, and Sweden

125. Bridging the Planning Gap: Incorporating Cyberspace Into Operational Planning

Author:
Colonel Martha S. H. VanDriel
Publication Date:
05-2015
Content Type:
Working Paper
Institution:
The Strategic Studies Institute of the U.S. Army War College
Abstract:
Cyberspace operations have a far-reaching, permanent impact on military operations. At the conceptual level, the U.S. Department of Defense (DoD) now recognizes five warfighting domains: land, maritime, air, space, and cyber.1 While there are examples of how cyberspace support to military operations have advanced over the past decade, one gap has not been addressed in detail—operational planning. It is clear that in U.S. military operations, the land, maritime, air, and space domains rely heavily on cyberspace. Therefore, cyberspace operations must be viewed in the context of all domains and be included as part of the overall operational scheme of maneuver. For if a commander postures his or her command to fight an adversary in the first four domains but ignores cyberspace, not only will that commander have ceded the cyberspace domain to the adversary, but the adversary can then proceed to undermine that commander’s effectiveness in the other four domains.
Topic:
National Security, Science and Technology, War, and Cybersecurity
Political Geography:
United States of America

126. Confidence Building in Cyberspace: A Comparison of Territorial and Weapons-Based Regimes

Author:
Dr. Mary Manjikian
Publication Date:
04-2015
Content Type:
Working Paper
Institution:
The Strategic Studies Institute of the U.S. Army War College
Abstract:
An analysis of weapons-based confidence-building measures shows how academics can work together to self-police their research for national security implications, socialize new members of the academic community into the importance of considering security issues, and develop and disseminate norms regarding what is and is not a moral and ethical use of these technologies. It may be possible for academics and policymakers to come together to work for a ban or build-down on cyber weapons patterned on international efforts to ban chemical and biological weapons and implement export regimes to control the export of code which may form the components of cyber weapons. If we conceptualize cyberspace as territory, we can also learn from the example of territorially-based confidence-building measures such as those implemented along the Indo-Pakistan border. This approach stresses the importance of developing notification procedures to prevent misperceptions and the escalation spiral, as well as communicating regularly to establish trust between all parties. The case studies presented here illustrate the promises and pitfalls of each approach and offer valuable warnings to policymakers seeking to implement such measures in cyberspace. They show what happens when not everyone in a regime is equally committed to a specific outcome by illustrating the difficulties of monitoring compliance in confidence-building regimes, and show the ways in which doctrines and confidence-building measures may not be perfectly aligned.
Topic:
Security, National Security, Science and Technology, War, Weapons of Mass Destruction, and Cybersecurity
Political Geography:
United States and Global Focus

127. When the generation gap collides with military structure: The case of the Norwegian cyber officers

Author:
Hanne Eggen Roislien
Publication Date:
12-2015
Content Type:
Journal Article
Journal:
Journal of Military and Strategic Studies
Institution:
Centre for Military, Security and Strategic Studies
Abstract:
As the military integrates cyber into its structures, gradually more nations are recruiting and educating personnel to serve as "cyber officers". Tech-savvy men and women from ‘Generation Y’ grew up in the post-modern era, recognized not only by its individualism and erosion of overarching, coherent maxims, but also by the fact that technology is taken for granted. Thus, in the situation of the cyber officer a particular generation gap occurs, one in which the characteristics of postmodernity, military command structures and the inter-disciplinarity of cyber pull in conflicting directions. This friction creates a peculiar situation as technology and cyber contribute to sharpen the generation gap that necessarily exists between the young generation of cyber officers, and their superiors in the military. I explore this quandary through an examination of cyber officers’ testimonies. In particular, I focus on the cyber officers’ conceptualization of “cyber” and how this resonates with that of their superiors’. The data is ethnographic, based on interviews with cyber officer students at the Norwegian Defence Cyber Academy.
Topic:
Science and Technology, Military Strategy, and Cybersecurity
Political Geography:
Europe, Norway, Northern Europe, and Scandinavia

128. North Korea: The Myth of Maxed-Out Sanctions

Author:
Joshua Stanton
Publication Date:
01-2015
Content Type:
Journal Article
Journal:
Fletcher Security Review
Institution:
The Fletcher School, Tufts University
Abstract:
On December 19, 2014, President Obama publicly blamed North Korea for the cyberattack against Sony Pictures and for the subsequent cyberterrorism against the American people, and promised to "respond proportionally." Almost immediately thereafter, one could hear a familiar narrative repeated, typified by New York Times correspondent David Sanger, who wrote that "North Korea is under so many sanctions already that adding more seems futile." One could have heard similar arguments in 2006, after North Korea's first nuclear test, and in 2013, after its third nuclear test. A variation of this argument is that “Washington … can do little ... without the cooperation of China.” ​ For years, journalists have quoted “experts” who insisted that U.S. sanctions options against North Korea were exhausted and had failed as an instrument of policy. As a matter of both fact and law, however, that is false; it even suggests that these experts have not read and understood the sanctions authorities. Why does this view persist, then? Some scholars may accept and propagate it because they oppose sanctions as a matter of policy. Others have simply ceased to question a myth that has entered the received wisdom. A true understanding of the potential effectiveness of sanctions first requires an understanding of what these sanctions are, what they are not, and how they work. This article will first summarize the sanctions authorities – U.N. Security Council resolutions, and the U.S. sanctions that should be an important part of the effective enforcement of the measures that the U.N. Security Council has adopted. It will also explain the role of the Treasury Department in regulating the international financial system, and the power this gives the United States to isolate the North Korean government from that system. It will explain which U.S. and U.N. sanctions against North Korea have succeeded and failed, and why. Finally, it will explain what current U.S. national sanctions do, and what they do not do. Only after one understands how little the current sanctions do – and how much they could do – can one begin to understand how to strengthen them into an effective part of a coherent foreign policy... ​
Topic:
Science and Technology, United Nations, Sanctions, Cybersecurity, and Economy
Political Geography:
Asia, North Korea, North America, and United States of America

129. Full Issue: Emerging Domains of Security

Author:
Meg Guliford, Thomas McCarthy, Alison Russell, Michael M. Tsai, Po-Chang Huang, Feng-tai Hwang, Ian Easton, Matthew Testerman, Nikolas Ott, Anthony Gilgis, Todd Diamond, Michael Wackenreuter, Sebastian Bruns, Andrew Mark Spencer, Wendy A. Wayman, and Charles Cleveland
Publication Date:
09-2015
Content Type:
Journal Article
Journal:
Fletcher Security Review
Institution:
The Fletcher School, Tufts University
Abstract:
The theme of this special edition is “Emerging Domains of Security.” Coupled with previously unpublished work developed under a prior “Winning Without War” theme, the articles therein honor Professor Martel’s diverse, yet forward-leaning, research interests. This edition maintains the journal’s four traditional sections of policy, history, interviews, and current affairs. Our authors include established academics and practitioners as well as two Fletcher students, Nikolas Ott and Michael Wackenreuter. Each of the articles analyzes critical issues in the study and practice of international security, and our authors make salient arguments about an array of security-related issues. The articles are borne out of countless hours of work by FSR’s dedicated editorial staff. I deeply appreciate the time and effort they devoted to the publication of this volume. They are full-time graduate students who masterfully balanced a host of responsibilities.
Topic:
Security, Defense Policy, Intelligence, International Cooperation, International Law, History, Military Affairs, Counter-terrorism, Cybersecurity, Navy, Conflict, Space, Interview, Army, Baath Party, and Norms
Political Geography:
China, Iraq, Europe, Middle East, Taiwan, Germany, Asia-Pacific, Global Focus, and United States of America

130. Roadmap for a Code of Conduct for Cyberspace

Author:
Thomas McCarthy and Alison Russell
Publication Date:
09-2015
Content Type:
Journal Article
Journal:
Fletcher Security Review
Institution:
The Fletcher School, Tufts University
Abstract:
Professor Martel, author of Grand Strategy in Theory and Practice: The Need for an Effective American Foreign Policy, offers three guiding principles for U.S. grand strategy: rebuilding domestic foundations of power; exercising American leadership to restrain sources of disorder that directly threaten U.S. vital interests; and forging both alliances and partnerships to confront the most pressing threats to global stability.[2] The last of Martel’s three principles foreshadows the three cyber security activities at the heart of the newly released U.S. Department of Defense Cyber Strategy. The three activities around which the new U.S. DoD cyber strategy revolves are: Information sharing and interagency coordination; building bridges to the private sector; and building alliances, coalitions, and partnerships abroad.[3] These three coordinating and collaborating activities are the key to building relationships between actors influencing the development of the cyber domain, and are necessary to identify and counter threats. To advance global cyber security, the Cyber Strategy suggests the U.S. must “build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability.”[4] As part of this effort, the United States seeks to build security relationships to respond to shifts in the international environment, including sources of disorder. These relationships are built upon trust and cooperation of many actors with varied interests and objectives in cyberspace. Given the wide variety of actors and interests within the cyber domain, establishing relationships of trust based on a shared understanding of acceptable conduct, expected behavior, and governing principles represents a daunting challenge...
Topic:
Security, Foreign Policy, Cybersecurity, and Grand Strategy
Political Geography:
North America and United States of America