Speaker: Welburn, J. (RAND)
Date: 7 November 2019
SMA hosted a speaker session presented by Dr. Jonathan Welburn (RAND) as a part of its SMA General Speaker Series. Dr. Welburn began by discussing the current state of cyberspace and cyber conflict. He then stated that the need for cyber deterrence has drawn key attention from US strategists. Dr. Welburn also highlighted the similarities and differences between classical and cyber deterrence, in addition to two key problems relevant to cyber deterrence: the attribution problem (attribution is often ambiguous after an attack has occurred) and the signaling problem (unlike conventional weapons, one cannot test cyber weapons or publicly display them, so it is often unclear what an actor’s cyber capabilities are). He then stated that within cyber deterrence, there is a specific defender strategy space, which reveals opportunities for deterrence through denial (e.g., deception, interdiction, patching) and punishment (e.g., public attribution, retaliation). He highlighted some of the current literature on retaliation, which his team chose to focus on when designing its cyber deterrence game.

Dr. Welburn then explained how his team designed this game, which involved two players: the attacker, who had the option to attack or not attack, and the defender, who had the options to signal or not signal and to retaliate or not retaliate. The attacker lacked perfect knowledge of the defender’s capability to punish by retaliation, which represented the signaling problem, while the defender lacked perfect knowledge of the attack’s occurrence and origin, which represented the attribution problem. After reviewing the attacker’s and defender’s incentives and how the game operated, Dr. Welburn presented his team’s key findings: 1) defenders should be deceptive about their true capabilities, 2) defenders should signal deceptively, 3) high attribution improves deterrence, and 4) increasing the cost of correct retaliation relative to incorrect retaliation improves deterrence.
To conclude, Dr. Welburn stated that his team believes that cyber deterrence is possible and that deterrence by denial is ideal from a US cyber deterrence policy standpoint. However, he suggested that the DOD can improve its deterrence through an adversary-specific retaliation strategy, which would utilize both deception and signaling.