Conflict and Cooperation in Cyberspace: The Challenge to National Security, edited by Panayotis A. Yannakogeorgos and Adam B. Lowther. Taylor and Francis Group, 2014, 332 pp..
A commonly recognized cyberspace challenge deals with net-speed changes caused by emerging security concerns, threat evolution, and continuing concept revisions. Conventional strategy development usually highlights shortfalls identified during conflict and assessed through the interwar period. Yannakogeorgos and Lowther’s collected short essays emerge from recent discussions and are an excellent attempt to accelerate some cyberspace theory publication to net speed. The editors identify key questions and framing reported from multiple recent Air Force Research Institute workshops and conferences. Although the 17 chapters are divided into “Key Considerations,” “Technology,” and “Ethics, Law, and Policy,” a more effective division emerges during review. Experienced cyber operators moving through the essays should consider more categories and possibly differentiate as topic review, advanced thought, unique ideas, and global standardization arguments.
Evaluating from basic structure to advanced thought means the first area should be topic review, establishing several baseline viewpoints beneficial to those new to cyberspace theory. These three essays—written by Kamal Jabbour and Sarah Muccio, Eric Oliver, and George Lucas, respectively—evaluate mission assurance practices, Stuxnet lessons learned, and cyber war ethics. The overall presentation is standard, and neither the ideas nor the approach serves to revitalize or potentially invigorate cyber research. The articles do provide excellent thought summaries and may be extremely useful for new readers. Cyberspace rookies can frequently find it difficult to quickly identify common trends, and these essays effectively address those gaps. In particular, the Stuxnet article summarizes many viewpoints which could take significant time to individually accumulate from multiple sources.
After the basic concepts, several articles provide advanced cyber operations viewpoints. Martin Libicki, always an outstanding cyberspace writer, argued advantages regarding probabilistic versus deterministic responses within cyberspace. The first response suggests, “if you makes us mad, we will respond” and the second, “if you cross this line, we will respond.” Libicki argues for more probabilistic deterrence responses with their inherent advantage allowing nations to ignore technical attribution concerns by not specifically stating potential redline strategies. Neil Rowe and several others provide the next advanced article evaluating operational challenges in “Monitoring Cyberarms Compliance.” They suggest difficulties arising even if an international cyberarms agreement were reached in how arm limits could be monitored by various agencies. Although many writers suggest some international agreements on cyberarms will be necessary within the near future, Rowe provides one of the first viewpoints I’ve seen on arms control implementation.
James Fielder continues advanced discussions with a detailed look at Internet roles for dissent within authoritarian states. The initial idea has been discussed previously, especially throughout many Arab Spring works, but Fielder uses a new methodology to conduct quantitative comparison of Internet usage and protest occurrences between 1999 and 2010. The numbers show unusual peaks and trends, while highlighting specific changes within the field. For example, his findings suggest a dramatic increase in protests between 20 and 30 Internet users per 100 but a tapering off after a rate of 30 users per 100 is achieved. Fielder suggests potential causation would be increased living standards based on higher Internet rates. He also links national GDP rates to potential protest numbers. Anyone conducting strategic and international analysis will likely be able to draw value from this insightful report.
Randall Dipert offers the first unique article in “The Essential Features of an Ontology for Cyberwarfare.” Dipert provides both an introduction to the field and then applies the concept to cyberwarfare. Ontology, by definition, is the branch of metaphysics dealing with the nature of being. In practical usage, ontologies construct language systems allowing analysis through large data populations. Dipert proposes a common language framework for cyber applications to allow analysis and inference through automated tools examining large models with hierarchical relationships. He examines existing military ontologies as well as biomedical practices before proposing some ideas within cyber. Although the essay stops short of proposing specific methods, it does create a fertile field for future research.
The second unique article is Jan Kallberg and Rosemary Burk’s “Cyberdefense as Environmental Protection: The Broader Potential Impact of Failed Defensive Counter Cyber Operations.” This article presents a differing viewpoint by arguing the potential environmental consequences resulting from a cyberwar within SCADA systems. Kallberg and Burk’s article may help lay the groundwork for an eventual collateral damage estimation framework for cyber targeting efforts.
Finally, almost a quarter of the book, with four articles, is dedicated to evaluating developing cyberspace norms within international relations. Norm development addresses the second half of the work’s title, the cooperation element. Many writers currently discuss building a better model within cyber by encouraging all players to subscribe to a common standard. The best within this section is Roger Hurwitz’s “A New Normal” which actually calls out specific behaviors to develop norms within different categories. All these articles remain valuable, but the writing proliferation within the topic area makes them feel more like space filler rather than a core element.
Too often, articles and research papers disappear within outlying publications rather than assist strategic thought—not this book. Overall, it was a worthwhile read, and the short chapters make it relatively easy to process during short time periods. The advanced and unique chapters are definite reading for anyone currently involved with cyber operations. The review and norms sections will assist any professional just beginning in the cyber field and may refresh experienced operators. The work could benefit from more prominent dates on several essays to more accurately place them within the literature spectrum, but the wide reference variety and secondary sources mean this text will find a prominent place on my shelf as a research text. More volumes like this should be published more frequently to help advance cyber policy development to net speed.
Lt Col Mark Peters, USAF
Master-rated Cyberspace Operator