The National Academies Press

Currently Skimming:

Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm--Patrick M. Morgan
Pages 55-76

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 55... ... bASIC ELEMENTS OF DETERRENCE In international politics "deterrence" refers to efforts to avoid being deliberately attacked by using threats to inflict unacceptable harm on the attacker in response. 1 The threatened harm can be inflicted by a stout defense, frustrating the attack or making it too costly to continue, or by turning its success into a pyrrhic victory. Read the entire page →
From page 56... ... 1990. nuclear deterrence theory: the Search for Credibility. Read the entire page →
From page 57... ... No national strategy exists for deterring cyberattacks by retaliation either, with little indication available as to what sorts of retaliation are planned or under development. It is as if, having to choose deterrence by defense, retaliation or a combination of the two, the U.S. Read the entire page →
From page 58... ... Without specified real enemies with capaci ties to do major harm via cyberattacks, including harm roughly equivalent to that from military attacks or inflicted via aiding and abetting military attacks, it is much harder to draw on Cold War deterrence thinking and experience. Read the entire page →
From page 59... ... It took a while to appreciate: • what was unique about the nuclear age in warfare, and strategy; • what could and could not be done with nuclear deterrence; • what could and could not be done with deterrence based on conventional forces; and • whether and when nuclear weapons could be used. It turned out that deterrence and related coercive efforts, with or without nuclear threats, worked unevenly. Read the entire page →
From page 60... ... deterrence efforts rushed ahead with weapons, delivery vehicles, theory, strategy, policies -- in a frenzied atmosphere. Deterrence seemed the crucial recourse for national security and the result was a quickly developed strategy, theory, and deterrence posture. Read the entire page →
From page 61... ... Nothing like this applies to cybersecurity because, as noted, the relevant capabilities are integral to cybersystems. bASIC CAPAbILITIES NECESSARy FOR DETERRINg According to deterrence theory, in the abstract (and sometimes in reality) Read the entire page →
From page 62... ... It seems more important today, than it did early in the Cold War, to focus on the vulnerability of command and control of cyberattack defense and retaliatory capabilities. One Cold War concern was about how crippling attacks on national command centers and communications could affect negative control over unauthorized actions, particularly with nuclear weapons. Read the entire page →
From page 63... ... The crucial question is whether American cyberattack capabilities can inflict unacceptable harm. It is unclear how good others' defenses are and also how durable American resources will be under a sustained onslaught. Read the entire page →
From page 64... ... Cold War era deterrence analysts often worked with an image of deterrence even in a crisis as conducted in the following fashion: rising conflict intensity and military preparations that threaten a possible attack lead to deterrence steps, which stimulate serious efforts by each side to ascertain the other's goals, intentions, plans, and determination -- a learning process. However, cyberattack preparations are likely to offer much less (maybe no) Read the entire page →
From page 65... ... THE SPECIAL CONCERN AbOuT CREDIbILITy -- THE CREDIbILITy PRObLEM Of the possible reasons deterrence might fail, what received most American attention during the Cold War was the credibility problem, primarily because it is inherent in the nuclear age for nuclear-armed states, plus the impact of the Munich analogy (from the late 1930s) and the steps leading up to the Korean War. Read the entire page →
From page 66... ... Conversely, a nonnuclear retaliatory threat could be hard to make credible against even a weak nuclear power for fear of escalation. Deterrence by nonnuclear threats against nonnuclear weapons states had always been complicated and problematic, not reliably successful, and this was true of nuclear deterrence in the Cold War era. Read the entire page →
From page 67... ... A concern early in the nuclear age was that with nuclear proliferation a third party could provoke a war between the superpowers via an attack that looked like it came from one of them, or by reacting to an attack in ways that generated rapid escalation to its allies. (The basic rationale for British and French nuclear weapons was the implied threat that they could escalate to the nuclear level after a conventional Soviet attack and draw the superpowers into direct nuclear exchanges.) Read the entire page →
From page 68... ... Nothing in deterrence theory or past experience requires this. Many deterrence threats and their implementa tion ignore it. Read the entire page →
From page 69... ... Deterrence was initially pursued in the Cold War with exactly the opposite approach: the harm threatened often included maximizing collateral damage. The earliest American nuclear deterrence strategy called for preparations to rapidly escalate a war with the communist world via a massive nuclear attack, with plans to inflict many millions of casualties. Read the entire page →
From page 70... ... Deterrence stability is partially linked to the strength of the opponent's motiation to attack. Deterrence is supposed to adjust that motivation so an attack does not occur, but it can readily override credible deterrence threats. Read the entire page →
From page 71... ... A classic recourse for a weak deterrence posture is redundant capabilities for replacing what attacks damage or destroy or to provide sufficient operating capacity while recovery is undertaken. This is especially appealing for nations with large resources. Read the entire page →
From page 72... ... Deterrence postures could be rapidly outmoded, perhaps repeatedly, by the appearance of dangerous new versions of cyberattack capabilities. Deterrence postures would need to be very nimble indeed. Read the entire page →
From page 73... ... However, arms control was aimed at making deterrence stable, i.e. very effective, with deterrence considered the key to managing national and international security. Read the entire page →
From page 74... ... It will be the difference between keeping specific grievous Cold War threats and conflicts in check via independent deterrence posture and collectively lowering threats and conflicts in cyberspace matters to a much more tolerable level. Pessimism that all this can be done is certainly understandable. Read the entire page →
From page 75... ... CONCLuSION: WHAT SHOuLD A gOOD CybERDETERRENCE POSTuRE LOOk LIkE? Deterrence during the Cold War was developed for helping regulate a type of international politics that has been set aside and which we have every reason to want to never see again. Read the entire page →
From page 76... ... And the necessity to better defend, via redundant capabilities, the valuable private sector resources is critical. • Active promotion of collective arms control and related management in cyberspace. Read the entire page →

From page 55...

... bASIC ELEMENTS OF DETERRENCE In international politics "deterrence" refers to efforts to avoid being deliberately attacked by using threats to inflict unacceptable harm on the attacker in response. 1 The threatened harm can be inflicted by a stout defense, frustrating the attack or making it too costly to continue, or by turning its success into a pyrrhic victory.

Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm--Patrick M. Morgan Pages 55-76

Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm--Patrick M. Morgan
Pages 55-76