Today, many people don’t realize that cybersecurity is becoming a big issue as people are getting connected in more ways than seen before. But, the reality is that security risks and cyberwar are prevalent and we must be aware.
This is the context of Author Martin Libiki’s recent book Cyberspace in Peace and War. The book will make readers think about cyberwar in new ways and integrate that knowledge into other elements of national power. Libicki educates those who ask what should be done about cyberespionage or those who wonder how nations should integrate cyberspace into their threat planning or cyberwar into their war planning. It will also make readers more intelligent consumers of the news, more informed users of technical advice and wiser judges of the decisions that countries make with respect to the threat from cyberspace.
“The impact of cyber insecurity on everyday folks–in contrast to its impact on organizations–rarely rises beyond the level of annoyance. As a corollary, most people have little idea how much of their information is known to criminals, in part because only a small fraction of that information is ever monetized,” explained Libiki. “We have not had a precipitating incident to raise it above that level. It is not clear whether we ever will.”
In fact, over the last 10 years, the world of cybersecurity has evolved from a handful of acute cases to an everyday chronic problem. Prevalence can be explained by the rising inventory of computing devices like phones, the growing complexity of these devices and the growing perception outside the United States that mucking with these devices can have politically useful effects.
“Perhaps we should get used to the fact that what we think is private is known to others, and many of them are malevolent [criminals, hostile countries],” he said. “We can keep things secret but we have to be parsimonious about what we keep secret and then take pains to keep it so.”
These days, cyberwar is complicated. People put “cyber” and “war” together and think they understand it but they don’t. “In my opinion, people should not know about cyberwar. They should know how to protect themselves, but that’s a different matter,” he said. “They should insist, however, that those who govern in their name take the time and effort to understand cyberspace.”
According to Libiki, the only folks who think they’ve figured that out are the Russians, but he thinks they are trading off short-term gain for long-term hostility.
So, what should be done about cyberespionage?
“Cybersecurity,” he said. “Otherwise, there should be norms that indicate that the use of cyber-espionage for national security purposes is acceptable state behavior, but that the use of cyber-espionage to foster competitive advantage, facilitate crime or doxing is not acceptable state behavior.”
Looking into the future, nations should integrate cyberspace into their threat planning or cyberwar into their war planning. And, new capabilities should be subject to a great deal of clear thinking and experimentation before being used.
Amanda G. Ciccatelli is a Freelance Journalist for Corporate Counsel and InsideCounsel, where she covers intellectual property, legal technology, patent litigation, cybersecurity, innovation, and more.