Restrictive Deterrence in Cyberspace: Findings from a Series of Online Field Experiments
Speaker(s): Maimon, D. (Georgia State University)
Date: 1 February 2022
Speaker Session Summary
SMA hosted a speaker session with Dr. David Maimon (Department of Criminal Justice and Criminology, Georgia State University) as part of its SMA General Speaker Series.
Cyber-attacks have increasingly become a more prevalent national security threat since 2000; however, deterrence literature rarely mentions cyberspace. This lack of focus represents an important gap in deterrence research. Dr. Maimon commented that his team from Georgia Southern University noticed the lack of research into cyber deterrence after conducting a literature review across four main academic fields: a) criminology, b) law, c), information systems, and d) political science. Through their research, they identified two main types of deterrence which are: a) absolute deterrence and b) restrictive deterrence. Restrictive deterrence—or influencing criminals to scale down their actions—was considered by the research team as the best option to pursue, because it is the most realistic outcome. Absolute deterrence—or completely shutting down an action—was not considered a realistic goal.
Dr. Maimon commented that the frequency of hacks, their scope, and the time a hacker infiltrates a computer system can be reduced by conducting three restrictive deterrence actions. These actions are: a) spreading gossip about the ability for authorities to arrest hackers, b) sending hackers a warning message once they had infiltrated a computer, and c) messaging the hackers directly after they gained access to a computer. Dr. Maimon commented that the effects of these restrictive deterrence measures were evident for several weeks. Also, these actions are not only applicable to cyber deterrence from hackers but can be used for any cyber-criminal activity. This is because criminals are rational actors who weigh the costs and benefits of their actions. Dr. Maimon commented that the next stage in their research is identifying what key features of restrictive deterrence are actually forcing criminals to restrict the scope of their actions.
Dr. David Maimon is an Associate Professor in the Department of Criminal Justice and Criminology at Georgia State University (GSU) and the director of the Evidence-Based Cybersecurity research group (seeebcs.gsu.edu). He received his Ph.D. in Sociology from the Ohio State University in 2009. Prior to joining GSU, Dr. Maimon held academic position in the Department of Criminology and Criminal Justice in the University of Maryland, and the Department of Sociology in the University of Miami. In2015 he was awarded the “Young Scholar Award” from the“ White-Collar Crime Research Consortium of the National White-Collar Crime Center” for his cybercrime research. Throughouthis career he has raised more than $6 million to conduct Evidence-Based Cybersecurity research. Since joining GSU, Dr. Maimon has established the Evidence-Based Cybersecurity Research Group, where he and his researchers seek to produce and review multi- and inter disciplinary empirical evidence about the effectiveness of cybersecurity tools and policies. The group and its unique approach to cybersecurity education and research have been acknowledged on popular media platforms(https://edtechmagazine.com/higher/article/2020/09/training-next-generation-cyber-professionals).Moreover, the group's close relationships with cybersecurity professionals in several industries and law enforcement agencies have led to the adoption of the Evidence-Based Cybersecurity approach by several organizations.
Site-wide Search
Search all site content, including all NSI and SMA publications, SMA Speaker series, NSI Team member bios, services, portfolio projects, company info, and more.
