K. A. Taipale
Center for Advanced Studies in Science and Technology Policy
January 1, 2009
LAW, POLICY AND TECHNOLOGY: CYBERTERRORISM, INFORMATION, WARFARE, DIGITAL AND INTERNET IMMOBILIZATION, IGI Global, 2010
To counteract the threat of potentially catastrophic cyber-attacks against critical infrastructure, policy makers are increasingly contemplating the use of deterrence strategies to supplement cyber-defense. Deterrence has traditionally focused primarily on threatening a potential attacker with a punishing response in order to deter attacks from occurring. However, because of the particular characteristics of cyberspace a general deterrence policy based on threatened retaliation may not be sufficient to deter, and, in some circumstances, may be counter-productive. Thus, this chapter examines an expanded framework for cyber-deterrence policy that includes four factors: (1) penalty (the familiar notion of increasing the cost of attack through punishment), (2) futility (the notion of frustrating attack through resilience or recovery capabilities), (3) dependency (the notion of interdependence as a moderating influence), and (4) counter-productivity (the notion that collateral backlash can check behavior).
Number of Pages in PDF File: 62
Keywords: cyber-deterrence, cyber-war, cyber-attack, cybercrime, information warfare, critical infrastructure protection
Date posted: February 1, 2009 ; Last revised: August 5, 2014