Commentary: Cyber Deterrence Is Working

[InfoSec News <alerts () infosecnews org>]

http://www.defensenews.com/article/20140730/DEFFEAT05/307300017/Commentary-Cyber-Deterrence-Working

By Jason Healey
Defense News
July 30, 2014

Despite the mainstream view of cyberwar professionals and theorists, cyber 
deterrence is not only possible but has been working for decades.

Cyberwar professionals are in the midst of a decades-old debate on how 
America could deter adversaries from attacking us in cyberspace. In 2010, 
then-Deputy Defense Secretary Bill Lynn summed up the prevailing view that 
“Cold War deterrence models do not apply to cyberspace” because of low 
barriers to entry and the anonymity of Internet attacks. Cyber attacks, 
unlike intercontinental missiles, don’t have a return address.

But this view is too narrow and technical. The history of how nations have 
actually fought (or not fought) conflicts in cyberspace makes it clear 
deterrence is not only theoretically possible, but is actually keeping an 
upper threshold to cyber hostilities.

The hidden hand of deterrence is most obvious in the discussion of “a 
digital Pearl Harbor.” In 2012, then-Defense Secretary Leon Panetta 
described his worries of such a bolt-from-the-blue attack that could 
cripple the United States or its military.

Though his phrase raised eyebrows among cyber professionals, there was 
broad agreement with the basic implication: The United States is 
strategically vulnerable and potential adversaries have both the means for 
strategic attack and the will to do it.

But worrying about a digital Pearl Harbor actually dates not to 2012 but 
to testimony by Winn Schwartau to Congress in 1991. So cyber experts have 
been handwringing about a digital Pearl Harbor for more than 20 of the 70 
years since the actual Pearl Harbor.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/