Cyber-Deterrence
LAW, POLICY AND TECHNOLOGY: CYBERTERRORISM, INFORMATION, WARFARE, DIGITAL AND INTERNET IMMOBILIZATION, IGI Global, 2010
62 Pages Posted: 1 Feb 2009 Last revised: 13 May 2010
Date Written: January 1, 2009
Abstract
To counteract the threat of potentially catastrophic cyber-attacks against critical infrastructure, policy makers are increasingly contemplating the use of deterrence strategies to supplement cyber-defense. Deterrence has traditionally focused primarily on threatening a potential attacker with a punishing response in order to deter attacks from occurring. However, because of the particular characteristics of cyberspace a general deterrence policy based on threatened retaliation may not be sufficient to deter, and, in some circumstances, may be counter-productive. Thus, this chapter examines an expanded framework for cyber-deterrence policy that includes four factors: (1) penalty (the familiar notion of increasing the cost of attack through punishment), (2) futility (the notion of frustrating attack through resilience or recovery capabilities), (3) dependency (the notion of interdependence as a moderating influence), and (4) counter-productivity (the notion that collateral backlash can check behavior).
Keywords: cyber-deterrence, cyber-war, cyber-attack, cybercrime, information warfare, critical infrastructure protection
Suggested Citation: Suggested Citation