Dialectics of cyber international relations and cyber defense towards a strategic research program l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 20

Dialectics of Cyber International Relations and Cyber Defense:  Towards a Strategic Research Program PowerPoint PPT Presentation


  • 222 Views
  • Uploaded on
  • Presentation posted in: General

Explorations in Cyber International Relations (ECIR). Dialectics of Cyber International Relations and Cyber Defense:  Towards a Strategic Research Program. John C. Mallery ( [email protected] ) Computer Science & Artificial Intelligence Laboratory Massachusetts Institute of Technology.

Download Presentation

Dialectics of Cyber International Relations and Cyber Defense:  Towards a Strategic Research Program

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Dialectics of cyber international relations and cyber defense towards a strategic research program l.jpg

Explorations in

Cyber International Relations (ECIR)

Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program

John C. Mallery ([email protected])

Computer Science & Artificial Intelligence Laboratory

Massachusetts Institute of Technology

Presentation at theECIR Workshop onCyber International Relations: Emergent Realities of Conflict and Cooperation, MIT, Cambridge, October 14, 2010.

OSD Minerva Research Project at Harvard & MIT

Explorations in Cyber International Relations


Overview l.jpg

Overview

  • Activities Under ECIR

  • Strategic IR Research Program

  • Cyber Defense Strategy

  • Meta-power As IR Leverage Criteria

  • High-leverage Research Areas

  • Dialectics

  • Computational Politics

  • Selected Leverage Vignettes


Activities under ecir l.jpg

Activities Under ECIR

  • Stanley Cyber Monitoring & Analysis System

    • 5 document streams

    • Over 4k documents

  • Cross-organization Cyber Data Study

    • 5 themes: international interactions, crime, economics, defensive coordination, long-term transformations

    • Recommendations for cyber data collection

    • Over a dozen organizations

  • Cyber Defense Strategy

    • Work factor concept

    • Technology strategy

  • Today: Linking IR to Cyber Defense


Strategic research program l.jpg

Strategic Research Program

  • How can we prioritize research on cyber international relations to focus on the highest leverage problems?

    • Exhaustive enumeration is slow

    • Recycling pre-existing disciplinary concepts may lack relevance or leverage

  • Approach

    • Link to cyber defense strategy

    • Identify cyber fueled processes that drive strategy-relevant reallocations power, wealth, knowledge, cultural attractiveness, welfare

    • Elucidate those processes


What is cyberspace l.jpg

What is cyberspace?

  • Interdependent network of information technology infrastructures (NSPD54/HSPD23)

    • Internet

    • Telecommunications networks

    • Computer systems

    • Embedded processors

    • Controllers in critical industries

  • Virtual environment of information and interactions between people (NSPD54/HSPD23)

  • US Military:

    • Electro-magnetic spectrum

    • Information operations

    • C4ISR, space

  • Supply chains for IT

    • Computers, networks, software, crypto, id mgt., etc.


Big elephant high cognitive difficulty due vast cross cuts l.jpg

Big Elephant: High Cognitive DifficultyDue Vast Cross-Cuts

  • Cyber insecurity has manifestations across the range of human activities where there is value

    • Business

    • Defense

    • Society

  • Technological basis of crisis is difficult to apprehend

    • Current COTs failures

    • 40 years of traditional computer security

    • Future: transformational computing & networking

  • Policy and legal responses are difficult

    • Cyber spans most traditional policy domains

    • Received legal concepts and categories are blurred

    • Best organizational modes unclear

  • Responses often reflectdisjointed incrementalism

    • Analytical reductions based onreceiveddisciplinary lenses (analogies)

    • Proposed solutions based on repurposed concepts

  • Creation of integrative frameworks) is essential

    • Enables cumulation across disciplines and knowledge areas


Dod cyber strategy l.jpg

DoD Cyber Strategy

  • William J. Lynn, Deputy Secretary, DoD

    • Foreign Affairs, August, 2010

    • NATO, September, 15

    • CFR, September 30

  • Vast vulnerabilities & critical reliance

    • Military/Intel

    • Critical infrastructure

    • Private sector

  • Five pillars

    • Domain of warfare

    • Active & timely defense

    • Protection of critical infrastructure

    • Collective defense with allies

    • Technological leverage


Strategic approach l.jpg

Strategic Approach

  • Transform US cyber-infrastructures to:

    • Resist attacks and continue to function under adversity

    • Enhance confidence in computation and communications

    • Enable rapid adoption of new technological advances

    • Strength competiveness via improved agility, effectiveness, and learning

  • Vision

    • Trustworthy systems and resilient society

    • Articulation of roles and responsibilities

    • Alignment of guiding images

  • Integrative Framework

    • Effective application of resources

    • Coordinated division of labor

    • Common language

    • Dynamic refinement

  • Objectives

    • Prioritized

    • Risk adjusted

    • Time horizons

  • Implementing strategies

    • High leverage

    • Synergistic moves


Defensive complexity analysis l.jpg

Defensive Complexity Analysis

  • Response to cyber asymmetries requires high leverage solutions

    • Application to the entire attack value cycle (financial, political-military)

    • Time frames: Short-term (0-2 yrs), medium-term (2-5 yrs), long-term (5-10 yrs)

  • Security meta-metrics focus on difficulty of attacker or defender tasks

    • Work factor (WF) is the difficulty of executing tasks

    • Analogous to computational difficulty in cryptography

    • Extends beyond the technical designs to domain embeddings (cyber operations research)

  • Dimensions of work factors

    • Resources

      • Computational complexity (mathematical leverage)

      • Cost (often related to complexity)

      • Expertise and Knowledge (technical specialties, domain knowledge)

    • Planning, execution and information management

      • Cognitive difficulty (model as formulation of non-linear plans and counter plans)

      • Learning difficulty (reversing obfuscation, devising new tactics or approaches)

      • Organizational effectiveness/dysfunction (integration, learning, structure, psychology)

    • Risk

      • Uncertainty (confidence, incomplete information)

      • Culture (risk acceptance or aversion)

      • Information differential gain/loss (innovation, leakage by insider, espionage, diffusion)

  • Make technical or policy moves that cumulatively

    • Impose hard problems on attackers (prefer geometric impact)

    • Facilitate coordinated defense (eliminate multipliers)


Defensive strategy decomposition planes of action l.jpg

Defensive Strategy Decomposition:Planes of Action

  • Leadership organization

    • Policy community

    • Technology visionaries

    • Domain architects

  • Cyber technology base

    • IT capital goods industry

    • Telecommunications operators

    • Identity management & crypto sectors

    • Standards bodies and certification/accreditation authorities

  • Public sector domains

    • Military & intelligence systems

    • Government systems

    • Defense industrial base

  • Private sector domains

    • Critical infrastructure

    • Research and education infrastructure

    • Supply chain

    • Major enterprise

    • Smaller enterprise

    • Consumer

  • International cooperation

    • Allies

    • Trading partners

    • Regional or issue groups

    • Global

  • International competition

    • Mutual understandings

    • Declaratory policies

    • Norms


Solutions vs mitigations l.jpg

Solutions vs. Mitigations

  • Solution Domains (10-30 years)

    • Science, technology, engineering

    • R&D infrastructure

    • Human capital

    • IT capital goods industrial organization

    • Critical infrastructures

  • Threat mitigation domains

    • Information assurance management

    • International cyber crime law enforcement

    • Cooperative engagement (like minded)

    • International norms (agreements 10+ yrs)

    • Deterrence (cross domain responses)


Meta power bbb as leverage framework l.jpg

Meta-power (BBB) As Leverage Framework

  • Power: Set of action possibilities and payoffs for actors within an interaction framework

  • Meta-power: Action possibilities that change the distribution of power resources among actors (Deutsch: Nth order power)

  • Strategic Competition: Contention over meta-power resources

  • Leverage: Impact of cyber-fueled international processes on national strategies


High leverage research areas l.jpg

High-leverage Research Areas

  • Information Diffusion

    • Economic strategy based on knowledge activities becomes problematic

  • Globalization

    • National location of key industries (and spread effects) more difficult

  • Cyber-enabled organizational learning => higher adaptive capacities

    • Race for more effective organizations as a basis for national advantage

  • Computational support for cyber decision-making and understanding

    • Modeling, mechanism design, precedent reasoning, game theory, grammars of action

  • Cultural interpenetration

    • Global digital ecumene -> clash of civilizations or transcendence?

  • Empowerment of small groups

    • Ability of “terrorists” to organize and cause trouble


Dialectics l.jpg

Dialectics

  • Information assurance is slippery with many potentially self-defeating moves

    • Centralization -> aggregation of threat

    • Standardization -> low diversity -> scale economies of attack

    • Conservation of threat -> attacks move to weaker surfaces

  • Two definitions of dialectics:

    • Process and complement process

    • Action and reaction


Examples of cyber dialectics l.jpg

Examples of Cyber Dialectics

  • Ready access to S&T knowledge

    • Faster research cycle within countries

    • Unprecedented rates of global knowledge diffusion

  • Empowers global business operations (e.g., IT sector)

    • More efficient resource utilization

    • More conflict over loci of production

  • Virtual concentration of dispersed groups

    • Critical mass to articulate knowledge interests

    • Critical mass to organize insurgencies or nihilistic actions

  • Informationalized militaries (e.g., GIG)

    • Global power projection (Gulf War 1 forward)

    • Asymmetric power projection (cyber war)

  • More effective bureaucracy

    • Improved domestic operations, law enforcement, transparency

    • Reduced autonomy of the state (via network interpenetration, higher scrutiny)


Computational theories of politics and ir l.jpg

Computational Theories of Politics and IR

  • Karl Deutsch

    • Political cybernetics and systems dynamics

    • Integration theory

  • Hayward Alker

    • Mathematical politics (limits – degrees of freedom, structural change)

    • Systems dynamics (limits – structural transformation)

    • Generative grammars (limits – descriptive)

    • AI and text-interpretive theories of IR (learning, meaning)

    • Dialectics of world order

  • Herbert Simon

    • AI and political science (search paradigm)

    • Computational search in organizations (“bounded rationality”)

  • Lloyd Etheredge

    • Government learning (1985) (psychology and structure)

  • John Mallery

    • Computational politics (1988)

    • Application of computational models of cognition to IR


Cyber social systems l.jpg

CyberSocial Systems

  • Networking and computation spread ubiquitously 1992-2010

    • Cyberphysical systems

  • Now:

    • Computers provide cognitive prosthetics

    • Networks link human-computer cognitive systems

  • Speed -> gain in systems

    • Faster rates of interaction

    • Global immediacy

    • Co-evolution and interpenetration of cyber systems and biological cognition

  • Computational analytical frameworks needed

    • Individual => social network => organization


Digital noosphere tailard desjardins l.jpg

Digital Noosphere(Tailard Desjardins)

  • Collective knowledge of humanity

    • Under active assembly on the Web today

  • Culture becomes digital

    • Expectation of increasing cultural gain

  • Organizational adaptation requires increased rates of learning

    • Faster interactions (digital diplomacy)

    • More informationmarshaled

    • Better knowledge: Conflict vs. homogenization

  • Major challenge of modernity

    • Networked global ecumene

    • Opportunities for broader international integration

    • Clash of cultures: West, Islam, South Asia, East Asia


Globalization world system analysis l.jpg

Globalization (World System Analysis)

  • Reinforces and extends ability of transnational firms to coordinateglobalproduction

    • Increases centripal impact on loci of production

    • Reduces state sovereignty, but some states can influence firms’ locationalcalculi (e.g., China)

  • New Neo-mercantilism (world order threat)

    • Competition for future industries

    • Lock-in of raw materials and new markets (e.g., Africa)

    • “Currency wars”

  • Refocus on developmental economics

    • “Conditioned development” (Cardoso)

    • “Spread effects” (Myrdal), “staple theory” (Innis)

    • Industrial policy helps understand emerging powers

    • Necessary strategy for national economic renewal


Strategic research program20 l.jpg

Strategic Research Program

  • How can we prioritize research on cyber international relations to focus on the highest leverage problems?

    • Exhaustive enumeration is slow

    • Recycling pre-existing disciplinary concepts may lack relevance or leverage

  • Approach

    • Link to cyber defense strategy

    • Identify cyber fueled processes that drive strategy-relevant reallocations power, wealth, knowledge, cultural attractiveness, welfare

    • Elucidate those processes


  • Login