It's not that I want to get into any cyberwarfare hype, but I think it's quite clear enough now that those who wage war (or at least have to be prepared to wage war) on our behalf are taking the threat of cyberwar seriously, and that means we should too.
Kenneth Geers represents the United States at the NATO Cooperative Cyber Defence Centre of Excellence (yes, it does use UK spelling) in Talinn, Estonia. (Now there's a country with some experience of cyberattacks...)
The Centre has published his eBook Strategic Cybersecurity. It's a lengthy document (169 pages in the PDF version) that looks at four very different approaches to nation-state approaches to self-defense in the age of the cyberattack:
- Sun Tzu's Art of War
- Cyberattack deterrence
- Cyber arms control
It asks questions like:
- What is our critical infrastructure?
- Is it dependent on information technology?
- Is it connected to the internet?
- Would its loss constitute a national security threat?
- Can we secure it or, failing that, take it offline?
I've only had time to skim it so far, but it looks like a good read (especially as it's free!). In fact, I'd say it should be recommended reading for anyone with a professional or semi-technical interest in this area. I'll probably come back to it here in Cybercrime Corner when I've had a chance to read it properly.