Contents: Cyber Insecurity: Competition, Conflict, and Innovation Demand Effective Cyber Security Norms by Jan Neutze and J. Paul Nicholas || Cyber insecurity is driving competition, increasing chances for conflict, and threatening to curb technical innovation as we know it. Insecurity should not be the defining norm of cyberspace–and it does not have to be. Keeping Cool: Steps for Avoiding Conflict and Escalation in Cyberspace by Roger Hurwitz || International cyber conflicts will become more frequent and intense. In the absence of robust standards and legislation to police the realm of cyberspace, a series of policy adjustments can be undertaken at a state-level to keep tension from bubbling to the surface. Cyber Westphalia: Asserting State Prerogatives in Cyberspace by Chris Demchak and Peter Dombrowski || Confidence-building measures can serve as international rules of law governing state actors’ use of “information weapons” and thereby produce the mutual understanding needed for a peaceful information domain.
Divide and Rule: Republican Security Theory as Civil Society Cyber Strategy by Ronald Deibert || Shifting away from a Realist approach to cyber security and statecraft towards new foundations of theory would create a stronger and more coherent strategy for civil society. Recent events have provided a great opportunity for a shift in the dialogue to occur.
Puncturing the Myth of the Internet as a Commons by Mark Raymond || Rather than commons, the Internet can be best understood as a set of nested clubs. This perspective has important implications for Internet governance, including the need for a global commitment to “do no harm,” for better education and technical assistance on Internet-related issues, and for acceptance of “responsibility to troubleshoot” as one of its governing principles.
Notes on Deterrence in Cyberspace by Michael Warner and Michael Good || There is a growing consensus that studying cyber deterrence solely under the traditional paradigm of declaratory policy and punishing attackers is unlikely to produce helpful policy suggestions for cybersecurity. State-based deterrence—which largely works in the traditional land, air, sea, and space domains—does not seem effective in cyberspace, at least at the lower levels of the spectrum of conflict.
A Better Defense: Examining the United States' New Norms-Based Approach to Cyber Deterrence by Catherine Lotrionte || The United States has begun to pioneer a norms-based approach to cyber deterrence where interest-based doctrines have stalled. This transformation will become increasingly relevant to the establishment of international cooperation and transparency in cyberspace. Better understanding of norm creation theories, and how they relate to this domain is crucial.
Cyber Security's Next Agenda by Samuel Visner || The United States must address a wide range of issues if it is to gain ground in building the national cybersecurity capabilities it needs. Some of its most important priorities should be defining U.S. national cybersecurity interests, determining if the United States regards cyberspace as a “territory” to “govern,” learning to secure new and emerging information technology infrastructures, and building the national consensus necessary to achieve the progress it requires.
The Classification of Valuable Data in an Assumption of Breach Paradigm by Jeffrey Carr || As corporations begin to accept an assumption of breach paradigm, they will need to look to existing public-sector data classification systems for guidance. A model based on adversary-interest might serve the private sector best.
Decentralizing DNS: Peers, Infrastructure, and Internet Governance by Francesca Musiani || As Internet governance grows increasingly complex, the debate surrounding the current domain name system (DNS) has intensified in kind. A review of the technical, social, and political implications of adopting a decentralized DNS, or peer-to-peer (P2P) system, is in order.
Out of the Trenches: Creating Standards to Share Wisdom and Knowledge by Andrea Rigoni || Better standards need to be crafted to streamline cyber-related information sharing between the public and private sectors. Classic models of knowledge management help illuminate the path forward.
What Ever Happened to the Front Company? Resurrecting Lost American National Security Tradecraft for an Asymmetric World by John R. Mills || In a world of asymmetric, multi-domain threats and rising geopolitical adversaries, the United States must look past the dyadic force posturing options of “hard” and “soft” power, and develop more sophisticated instruments of projection.