An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

The Cyber Defense Review


1 ... 4 5 6 7 8 9 10 11 12 13 ... 38

AI, Super Intelligence, and the Fear of Machines In Control

May 17, 2022 —

The advent of Big Data is decades old, and the citadels built atop its resources have redefined the landscape, shifting the power balance away from governments and into the gray area between the public and private sectors. Regulatory systems have yet to keep pace. Power has come not so much from the collection, ownership, or acquisition of data, but more from the ability to direct them into strategic assets. The combinations of what you know and who knows what will become the next decade’s most valuable commodities, with those resting on fractured and ineffective decision-making systems losing the competitive battle.

However, it’s important to avoid the superstition of superintelligence, waiting for - or fearing - the day that the machines awaken and take control. The ultimate battle will not be between humans and machines. The battle will be hybrid means and those harnessing the power of true human·machine collaboration will come out on top, thereby achieving true organizational intelligence. This article addresses the foundations of organizational intelligence, and how to navigate the shifting sands and strengthen one’s financial and reputational position within global power dynamics.


Information as Power: Evolving US Military Information Operations

May 17, 2022 —

The 2016 Presidential election that brought Donald Trump to the White House was a turning point in US policies and attitudes toward Internet governance. The discovery of organized Russian influence operations combined with the unexpected election result, led to a fundamental reappraisal of the security implications of the content flowing over global social media. Once seen as a realm of civil society subject to communications or technology policy, social media exchanges are now perceived by many as an arena of geopolitical conflict. The US, many claimed, was engaged in information warfare in a way that implicated national security. This article explores the consequences of the changing perception of Internet content for US military doctrine regarding Information Operations (IO) and the US approach to Internet governance. The article seeks to answer the following two research questions (RQ):

RQ1: What changes in US military organization, policy, doctrine, and practice regarding IO took place after 2016?

RQ2: Are the post-2016 US military organizational structures, doctrines, policies, and practices eroding the distinction between liberal-democratic and authoritarian political systems regarding free expression on the Internet?


"Explicit" Bargains are Essential to Forming Desired Norms in Cyberspace

May 17, 2022 —

As the United States endeavors to establish international norms in cyberspace, it is critical to delineate which behavioral norms it supports, how it plans to establish them, and to what ends the norms are to serve. Espionage does not violate any international norm; participants have tacitly agreed to undertake espionage and counterintelligence that fall below the "scale and effects" attributed to the "use of force" and assume their associated costs in peacetime. Yet not all espionage in cyberspace below this threshold is considered acceptable. For example, the US desires to bar espionage conducted "with the intent of providing competitive advantages to companies or commercial sectors."

Existing literature largely favors tacit bargaining to develop norms in cyberspace. However, the dynamics of the 2015 U.S.–China Cyber Agreement highlight the necessity of both explicit bargains and the prospect of cooperation to avoid costly escalatory spirals. The newly established position of Deputy National Security Advisor for Cyber and Emerging Technology and the formation of Department of State’s Bureau of Cyberspace and Digital Policy offer a chance to develop a US-led multilateral whole-of-government approach for the formation of cyberspace norms. This approach is discussed here, using the the U.S.–China Cyber Agreement to illustrate how it would be preferable over simply relying on tacit bargaining.


Timing Influence Efforts with Information Processing

May 17, 2022 — Thanks to technological advancements and global connectivity, the information environment continues to evolve as new information channels emerge. However, despite evolutions in the information environment, the role and nature of information in people’s lives have not changed. Even with the advent of social media, the internet, and other technologies that have increased access to information, two principles remain the same. The first principle is that people seek information to reduce the uncertainty associated with their perception of insufficient knowledge. The second principle is that information processing is a social process. These principles are explored within the context of timing to facilitate better effects from influence efforts that are sequenced and executed to maximize influence opportunities. The timing of target populations’ information- seeking and socialization represents a window of opportunity for influence. As information is socialized and accepted, the attribution of this information becomes part of a shared reality and storied identity. MORE

The Global Engagement Center’s Response to the Coronavirus Infodemic

May 17, 2022 — COVID-19 has underscored the shortcomings of the US government’s (USG) approach to disinformation. Throughout the pandemic, adversary nations attacked both foreign perceptions of the US abroad as well as Americans’ confidence in their own institutions. The US failed to execute a robust and coherent response against these spurious narratives. This article will review the federal government’s actions with a particular focus on the Global Engagement Center (GEC), the agency nominally tasked to coordinate the federal government’s response to foreign disinformation. MORE

Bitskrieg: The New Challenge of Cyberwarfare

May 17, 2022 — In the 1990s, John Arquilla and David Ronfeldt co-authored an influential series of articles in which they developed the concepts of cyberwar, swarming tactics, and netwar. Drawing on historical analogies that predate the information age, he articulated how information dominance would critically enable future warfare. Today, some senior leaders herald this concept as the centerpiece to strategic success. In Bitskrieg, the professor emeritus at the U.S. Naval Postgraduate School once again draws from history to envision the evolution of conflict. He possesses rich experience to complement it, as he has had fortune to witness and influence US strategic decision-making for the last three decades. In his book, Arquilla provides strategic context for ongoing efforts to increase the use of cloud computing and strong encryption, and articulates a new approach to cyber arms control agreements. His work is insightful to practitioners and leaders throughout the cyber domain. MORE

The Cyber Defense Review: Addressing Critical Unlearned Lessons

December 22, 2021 — Welcome to a unique Special Edition of The Cyber Defense Review (CDR). For the last decade, those who have worked in the cyberspace domain will likely agree that some persistent issues and problems continue to be debated with no clear resolution. These include ideas and solutions that may have been identified but did not gain the necessary traction to achieve positive outcomes. This issue focuses on those "Unlearned Lessons" from the last decade with the intent of encouraging action. The variety of topics covered in the special edition are wide. In this issue, you will find articles on diplomacy, international relations, adversaries, alliances, emerging threats, economics, and beyond. These are not just technical issues, but also societal and governmental challenges exacerbated through the dramatic nature of cyber technology. Each article is kept intentionally short and to the point for maximum effect. MORE

Tallying Unlearned Lessons from the First Cybered Conflict Decade, 2010-2020

December 22, 2021 — The world is now ten years into the age of overt cybered conflict. The "Cyber Westphalian" world is well past infancy, and the newly conflictual world arena faces emerging great power competition across all domains. It is time to tally up the learning. These essays engage that challenge with a twist. They look at what was missed, ignored, mistaken, or simply not learned despite the indicators and experience. This issue reflects most of a conversation held at the U.S. Naval War College in November 2020 where a small group of senior cyber and security practitioners and scholars met for three half-days to share and discuss the lessons of the first decade of cybered conflict. Included among the attendees were former commanders of the various U.S. cyber commands, as well as senior scholars of international relations with considerable cyber research experience. Others averaged a decade or several in involvement with and study of cyberspace, cybered conflict, and cyber campaigns. MORE

Bringing the Law In: Unlearned Lessons for Diplomats and Others

December 22, 2021 — For over twenty years, "developments in the field of information and telecommunication in the context of international security" has been on the agenda of the United Nations (UN). In 2003, the UN General Assembly established the first formal group of governmental experts (UN GGE) to study existing and potential threats in the sphere of information security and possible cooperative measures to address them. From the beginning of this process, the role of international law has been part of the discussions about existing threats in cyberspace and what measures could be taken to minimize those threats. Indeed, at the conclusion of the first UN GGE in 2004, the Chairman explained that the group was unable to conclude a consensus report because, among other reasons, there were "differing interpretations of current international law in the area of international information security." Since the conclusion of this first UN GGE, there have been six more GGEs, with the last one wrapped up in May 2021. Each of these groups were tasked with studying the potential threats from State malicious actions in cyberspace and how international law applied to such State actions, among other topics. In 2018, to expand the representation of States involved in the study, a parallel process–the Open-Ended Working Group (OEWG) on Information and Communication Technology Developments in the Context of International Security–was established at the UN. It is fully composed of UN members. The OEWG was directed to study, among other issues, how international law applies in cyberspace. On March 12, 2021, the OEWG adopted its Final Substantive Report. MORE

Private Actors’ Roles in International Cybersecurity Agreements – Unlearned Lessons

December 22, 2021 — Vocal communities in the West demand a role in international public policy for cyberspace. In some areas of activity, such as privacy, controls on social media content, commercial issues like anti-trust or digital taxation, this private sector involvement is essential. But the unlearned lesson is that it is equally important for national security, as is the effective negotiation on security, which is still the purview of states. One reason for these demands is the erosion of the clear division between internet security and internet governance. Internet governance has been the domain of a multistakeholder community. The members of the multistakeholders community increasingly expect to play a similar role in questions of international cybersecurity. Conversely, most governments had been content to leave internet governance to civil society and corporations, but now, as governance affects their economies and safety, some want a more prominent or even guiding role in the digital world. This confluence - it could even be described as a collision - over roles and responsibilities is complicated by China and Russia’s differing visions for security, data governance, and sovereignty. The tensions between multistakeholders and government and between democracy and authoritarian views of digital governance complicate the discussions of the role of the private sector. MORE

1 ... 4 5 6 7 8 9 10 11 12 13 ... 38