Strategic Cybersecurity, Module 1: Cybersecurity: An Interdisciplinary Approach.
This lecture is an introduction to the course "Strategic Cybersecurity," introducing its survey nature, noting the textbooks that the course uses, and briefly explaining the logistics of the course.
Once you have completed the readings, lecture, activity, and assessment, you will be able to:
- Identify important topics and issues associated with strategic cybersecurity
- Articulate why cybersecurity has evolved from a technical discipline into one with strategic implications.
Welcome to the fascinating topic of strategic cybersecurity. In contrast to most cybersecurity classes, which generally focus on the very technical aspects of cyber intrusion, strategic cybersecurity looks at the field from, as they say in the military, 30,000 feet, meaning that we will look very broadly at the many nontechnical aspects of the field.
What you'll learn
Because of the various domains of knowledge required to understand cybersecurity at the strategic level, we will take a multidisciplinary approach to the topic. We will incorporate knowledge from a variety of disciplines, including:
- political science
- and, of course, computer science.
This course can be thought of like a survey in that I will be providing an overview of many topics relevant to the field of strategic cybersecurity, to include some of the more basic vulnerabilities of the Internet:
- cyber conflict
- cyber terrorism
- and the problems of attribution with regard to hacking attacks occurring over the Internet.
We will also cover some legal, historical, and philosophical issues related to cybersecurity, including issues of state sovereignty, the erosion of privacy, surveillance, and government regulation.
For instance, we'll discuss how the Treaty of Westphalia, a treaty signed in 1648 that marked the end of the Thirty Years War, is related to cybersecurity. Later, we will address how the legal concept of Jus Ad Bellum, a Latin term meaning “the right to wage war,” is applied to cyber conflict.
Layers of Cybersecurity
You'll learn how cyberspace is generally characterized as existing in layers. For instance, many refer to the Internet as comprised of five distinct layers:
- a geographic layer
- a physical network layer
- a logic layer
- a cyber-persona layer
- and a persona layer
And each of these layers has its own specific vulnerabilities.
I'll describe how many countries organize their offensive cyber capabilities into highly orchestrated units called APTs, or Advanced Persistent Threats. These countries will organize efforts to steal a specific type of information or disrupt a specific capability of an adversary into an APT.
You'll see how the exploding rate of information technology development is straining the ability of the justice system to keep up. The issue of privacy, for instance, is increasingly coming to the forefront of the list of problems our society is having to face as one particular technology, what's called the Internet of Things, becomes more developed.
In its most basic form, the Internet of Things can be thought of as the linking together, or networking, of various devices and applications one may use through the course of their daily life. Think of a network refrigerator that can sense when you're out of milk and may order fresh milk for you, or an automated thermostat in your home, such as Nest, that can detect your pattern of life, such as when you are generally home or away at work, and adjust the temperature in various rooms of your home accordingly.
In order to do this, the automated program would have to have sensors throughout your house to detect your movements. If you combine this technology with similar tracking technology in your car, or cell phone, for that matter, you essentially leave a digital trail which may allow others to track your movements 24 hours a day.
This, of course, has major implications for individual privacy that we will address in a later lecture.
And just a quick note about the logistics of the course: Most lectures will open with a list of student learning outcomes, or SLOs, followed by a 7- to 10-minute video presentation giving you a quick background on the lecture topic. At the end of the video, we will present a slide with both short-answer and multiple-choice questions covering the material in the module.
Generally, the short-answer questions can be addressed in 250 words or less. In the majority of modules, we will also present exercises to help you better integrate the material.
If you have been assigned to take this course as part of an official training program, your instructor may ask that you turn in your answers for grading or credit.
Supplemental Text Books
The two textbooks we will be utilizing for this course, in addition to various other readings I will be providing, are Paul Rosenzweig's 2013 Cyber Warfare, and Singer and Friedman's 2014 Cybersecurity and Cyberwar: What Everyone Needs to Know.
Paul Rosenzweig is a professor of law at the George Washington University Law School and lectures on cybersecurity law and policy. He also previously served as a deputy assistant secretary for policy in the Department of Homeland Security.
Peter Singer is a well-known expert on cyber warfare, security, and intelligence and currently serves as a strategist for the New America Foundation.
We will also be utilizing Dr. Kenneth Geers' e-book Strategic Cyber Security, which can be downloaded for free. Dr. Geers spent four years at NATO's Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, where he researched material for his book with other experts in cyber conflict and cyber law.
We hope you enjoy the course.
Now, to get us underway, let's turn to our first set of questions for this module.
1: According to Rosenzweig, which answer fails to explain why the Stuxnet virus was so transformative?
A: It showed that computer viruses or attacks could be lethal, not just disruptive.
B: It highlighted the vulnerability of critical infrastructure, e.g., the electrical grid, to cyber attacks.
C: It enhanced the ability of the Iranian government to control Iranian citizens.
D: It created a need to rethink our definitions of espionage, terrorism, and crime.
The answer is C. It enhanced the ability of the Iranian government to control Iranian citizens.
2: According to Singer and Friedman, in addition to the physical or digital realms, cyberspace can be defined as much by which realm?
The answer is C: cognitive realm.
The activity for this module asks that you download and read “Assessing Russian Activities and Intentions in Recent U.S. Elections,” available on the U.S. Senate Select Committee on Intelligence website. After reading the report, consider which of the key judgments that the report highlights used elements of strategic, rather than traditional, cybersecurity.