As cyber operations become central to national security, policymakers still lack a clear framework to distinguish, compare, and evaluate competing cyber strategies. This article offers a novel framework for understanding strategy in cyberspace by describing and comparing theories of security in the digital domain. It argues that most cyber theories of security fall under one of four strategic ideal types: resilience, selective response, persistence, and extraction. Each ideal type represents a distinct way that states prioritize scarce resources to maximize power and minimize harm to networks and assets. Scholars and practitioners have often relied on familiar analogies such as conventional war, coercion, and irregular warfare to describe the promise of cyber power. Yet policymakers and students would benefit from a theoretical framework to distinguish, compare, and evaluate cyber strategies. Following a brief review of current scholarship, the article develops this typology and uses it as the foundation of a comparative framework. It examines the four strategic ideal types across three policy-relevant dimensions: reliance on coercion, risks of escalation, and preparations for conflict. It then explores how to assess their effectiveness, how strategies interact between competitors, and how emerging technologies may reshape the attractiveness of each approach. Although theories of land, air, and maritime power are well established, strategic thought in cyberspace must mature to better guide policymakers in understanding the tradeoffs, advantages, and limitations associated with each strategy.
READ THE FULL ARTICLE HERE
doi.org/10.55682/cdr/w8pg-envn
The Cyber Defense Review
Volume 11, Issue 1