Developing a Proportionate Response to a Cyber Incident

[InfoSec News <alerts () infosecnews org>]

http://www.cfr.org/cybersecurity/developing-proportionate-response-cyber-incident/p36927

By Tobias Feakin
Senior Analyst and Director
International Cyber Policy Centre
Australian Strategic Policy Institute
Council on Foreign Relations Press
August 2015

As offensive cyber activity becomes more prevalent, policymakers will be 
challenged to develop proportionate responses to disruptive or destructive 
attacks. Already, there has been significant pressure to "do something" in 
light of the allegedly state-sponsored attacks on Sony Pictures 
Entertainment and the Sands Casino. But finding a timely, proportionate, 
legal, and discriminatory response is complicated by the difficulty in 
assessing the damage to national interests and the frequent use of 
proxies. Perpetrators have plausible deniability, frustrating efforts to 
assign responsibility. Past experience suggests that most policy responses 
have been ad hoc.

In determining the appropriate response to a state-sponsored cyber 
incident, policymakers will need to consider three variables: the 
intelligence community's confidence in its attribution of responsibility, 
the impact of the incident, and the levers of national power at a state's 
disposal.

While these variables will help guide responses to a disruptive or 
destructive cyberattack, policymakers will also need to take two steps 
before an incident occurs. First, policymakers will need to work with the 
private sector to determine the effect of an incident on their operations. 
Second, governments need to develop a menu of preplanned response options 
and assess the potential impact of any response on political, economic, 
intelligence, and military interests.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/