They found people from Western, educated, industrialized, rich and democratic (WEIRD) societies—representing up to
80% of study participants, but only 12%
of the world’s population—are not only
unrepresentative of humans as a species,
but on many measures they are outliers.
( http://bit.ly/1S11gQo).
It is easy to fall prey to the Inverse
Lake Wobegon Effect. Those of us who
work at colleges and universities only
teach undergraduate and graduate students. It is easy for us to believe those
students represent all students. If we
are really aiming at computing for
everyone, we have to realize we do not see
everyone on our campuses. We have to design explicitly for those new audiences.
John Arquilla
“Toward a Discourse
on Cyber Strategy”
http://bit.ly/1J6TPE9
January 15, 2016
While cyber security is a topic of discussion all over the world today—a discourse shifting in emphasis from firewalls to strong encryption and cloud
computing—little is heard about broader notions of cyber strategy. Efforts to
understand how future conflicts will be
affected by advanced information technologies seem to be missing—or are taking place far from the public eye.
When David Ronfeldt and I first published Cyberwar Is Coming! (http://bit.
ly/1PAL6uW) nearly a quarter-century
ago, we focused on overall military operational and organizational implications
of “cyber,” not just specific cyberspace-based concerns. It was our hope a wide-angled perspective would help shape the
strategic conversation.
Sadly, it was not to be. Forests have
been felled to provide paper for the
many books and articles about how to
protect information systems and infrastructure, but little has emerged to
inform and guide future development
of broader strategies for the cyber era.
There have been at least a few voices raised in strong support of a fresh
approach to strategic thought in our
time—interestingly, with some of the
best contributions coming from naval
strategists. Among the most trenchant
insights were those of two senior U.S.
Navy officers. Vice Admiral Arthur Ce-
browski, with his concept of “network-
centric warfare,” emphasized this peri-
od of technological change would favor
the network form of organization. Ad-
miral Bill Owens, in his Lifting the Fog of
War ( http://bit.ly/1SYvEuL), argued for
extensive information gathering and
sharing in what he called a “system of
systems.” Both were writing over 15
years ago, and their respective visions
proved to be a bit too cutting-edge to
gain much traction.
Around the same time, some astute naval officers in China were doing
much the same. Then-Captain Shen
Zhongchang, the People’s Liberation
Army Navy’s R&D director, along with a
few staff officers, appreciated the importance of networks and systems thinking—keying on the former as principal
targets in future conflicts and directing
their energies on battle doctrines. They
understood huge increases in the information content of weaponry virtually
decoupled range from accuracy, making
possible “remote warfare” and demanding dispersal rather than concentration
of forces in future wars.
Zhongchang’s team played a measurable role in shaping Chinese strategic thought. Overall, though, there has
been little open debate of ideas about
the age of cyberwar in world strategic
circles. How different this is from the
international discourse that arose over
the prospect of nuclear war. In the first
decade of the atomic age, a range of
strategic ideas shaped lively debates.
In the U.S., enthusiasm for nuclear
weapons among senior policymakers
led to ideas about waging preventive
wars against enemies before they could
acquire such capabilities. Thankfully,
scholars and others involved in security affairs rose up in protest and, in
1954, President Eisenhower publicly
renounced the idea the U.S. would ever
wage preventive nuclear war.
Other countries were ahead of the
U.S. on this point, including the then-
Soviet Union, and even France, where
Charles de Gaulle put the notion of end-
less nuclear arms racing to rest with the
formulation all that was needed was
an “arm-tearing-off” capacity for deter-
rence to work well. Mao Zedong adopt-
ed this view, too; so have most others
who have developed nuclear weapons.
Eventually, in part because of public de-
Washington came around to this view,
and arms racing turned into the nuclear
arms reductions we see today.
This is not the case with cyber. There
is a raging arms race in virtual weapon-
ry, secretly, in many countries, with con-
comitant plans for preemptive, preven-
tive, and other sorts of Pearl Harbor-like
actions. The potential for “mass disrup-
tion” (as opposed to mass destruction)
is generally the focus of these efforts.
The results could be costly if these ideas
were ever acted upon. As Scott Borg, di-
rector of the U.S. Cyber Consequences
Unit, noted: “An all-out cyber assault
can potentially do damage that can be
exceeded only by nuclear warfare.”
Yet instead of an outcry about this
looming threat and a thoughtful dis-
course about how to bring these capabili-
ties under control, efforts to develop ever-
more-sophisticated weaponry of this sort
proceed unabated. In some places, the
complacency in the face of the potential
threats is staggering. Witness the com-
ments of the current U.S. “cyber czar,” Mi-
chael Daniel: “If you know about it, [cyber
is] very easy to defend against.” In an age
where the world has repeatedly seen how
vulnerable commercial enterprises are,
and where even sensitive information
guarded by governments is breached, the
statement that cyber attack is “easy to de-
fend against” rings all too hollow.
What is needed now is a lively discourse on cyber strategy. It should
probably begin with consideration of
whether offense or defense dominates,
as parsing the peril in this way will affect
the larger debate about continuing the
cyber arms race or, instead, searching
out various ways to craft sustainable, be-havior-based international cyber arms
control agreements. The wisdom or folly of using cyber weaponry in preemptive or preventive actions—à la Stuxnet
—should also be openly debated.
In an earlier era, atomic scientists
played central roles in guiding and informing the key nuclear debates—in
the military, government, and among
the mass public. In this era, it may be
up to computer scientists and information technology experts to provide a
similar service—and now is the time.
Mark Guzdial is a professor at the Georgia Institute of
Technology. John Arquilla is a professor at the U.S. Naval
Postgraduate School.
© 2016 ACM 0001-0782/16/04 $15.00