Cybersecurity: Changing the Model. Atlantic Council. Franklin D. Kramer and Robert J. Butler. April 24, 2019
The current model of cybersecurity is outdated. Adversaries
continue to grow more sophisticated and outpace advancements in defense
technologies, processes, and education. As nation states enter into a new
period of great power competition, the deficiencies in current cybersecurity
practice, evidenced by the growing number of successful cyber-attacks from
Russia, China, North Korea, and others, pose a greater threat.
The need to update the cybersecurity model is clear. An
enhanced public-private model – based on coordinated, advanced protection and
resilience – is necessary to protect key critical infrastructure sectors. In
addition, enhanced action from the federal government, coupled with increased
formal cooperation with international allies, are necessary to ensure
comprehensive cybersecurity resilience. [Note: contains copyrighted
[PDF format, 28 pages].
Climate Change Still Seen as the Top Global Threat, but Cyberattacks a Rising Concern. Pew Research Center. Jacob Poushter and Christine Huang. February 10, 2019
Worries about ISIS and North Korea persist, as fears about American power grow
The Intergovernmental Panel on Climate Change released a report last year expressing serious concerns about the possible impacts of climate change, both in the near and distant future. Broadly speaking, people around the world agree that climate change poses a severe risk to their countries, according to a 26-nation survey conducted in the spring of 2018. In 13 of these countries, people name climate change as the top international threat.
But global warming is just one of many concerns. Terrorism, specifically from the Islamic extremist group known as ISIS, and cyberattacks are also seen by many as major security threats. In eight of the countries surveyed, including Russia, France, Indonesia and Nigeria, ISIS is seen as the top threat. In four nations, including Japan and the United States, people see cyberattacks from other countries as their top international concern. One country, Poland, names Russia’s power and influence as its top threat, but few elsewhere say Russia is a major concern. [Note: contains copyrighted material].
[PDF format, 37 pages].
Economic Impact of Cybercrime – No Slowing Down. Center for Strategic & International Studies. James Andrew Lewis. February 21, 2018
The Center for Strategic and International Studies (CSIS), in partnership with McAfee, present Economic Impact of Cybercrime – No Slowing Down, a global report that focuses on the significant impact that cybercrime has on economies worldwide. The report concludes that close to $600 billion, nearly one percent of global GDP, is lost to cybercrime each year, which is up from a 2014 study that put global losses at about $445 billion. The report attributes the growth over three years to cybercriminals quickly adopting new technologies and the ease of cybercrime growing as actors leverage black markets and digital currencies. [Note: contains copyrighted material].
[PDF format, 28 pages].
Rethinking Cybersecurity: Strategy, Mass Effect, and States. Center for Strategic & International Studies. James Andrew Lewis. January 9, 2018
Despite all the attention, cyberspace is far from secure. Why this is so reflects conceptual weaknesses as much as imperfect technologies. Two questions highlight shortcomings in the discussion of cybersecurity. The first is why, after more than two decades, we have not seen anything like a cyber Pearl Harbor, cyber 9/11, or cyber catastrophe, despite constant warnings. The second is why, despite the increasing quantity of recommendations, there has been so little improvement, even when these recommendations are implemented. [Note: contains copyrighted material].
[PDF format, 50 pages].
From Awareness to Action – A Cybersecurity Agenda for the 45th President. Center for Strategic & International Studies. Cyber Policy Task Force. January 4, 2017.
CSIS began work in late 2014 with leading experts to develop recommendations on cybersecurity for the next presidential administration. The CSIS Cyber Policy Task Force divided its work among two groups, one in Washington D.C. and the other in Silicon Valley. Each group brought a unique and powerful perspective to the problems of cybersecurity, and their efforts form the basis of our recommendations on policies, organizational improvements, and resources needed for progress in this challenging area. [Note: contains copyrighted material].
[PDF format, 34 pages, 7.76 MB].
Recruiting and Retaining Cybersecurity Ninjas. Center for Strategic & International Studies. Franklin S. Reeder and Katrina Timlin. October 19, 2016.
This report identifies the factors that make an organization the employer of choice for what the authors call “cybersecurity ninjas.” Much has been written about the shortage of cybersecurity professionals, but little work has been done on the factors that help high-performing cybersecurity organizations build and keep a critical mass of high-end specialists. This is a first attempt that the authors hope will prompt discussion and drive changes in how organizations attract and retain high-end cybersecurity talent. [Note: contains copyrighted material].
[PDF format, 32 pages, 6.76 MB].
Distinguishing Acts of War in Cyberspace: Assessment Criteria, Policy Considerations, and Response Implications. Strategic Studies Institute. Jeffrey L. Canton. October 16, 2014.
Currently, there is no internationally accepted definition of when hostile actions in cyberspace are recognized as attacks, let alone acts of war. Although many of the challenges associated with this conundrum are common with those of the traditional domains, land, sea, and air, how should senior policymakers and decisionmakers address the unique vexations related to the complex and dynamic character of conflict in the cyberspace domain? [Note: contains copyrighted material].
[HTML format with a link to the PDF file].