The cybersecurity policy of Switzerland is focused on enhancing competencies and knowledge, investing in research and the resilience of critical infrastructures, threat monitoring, supporting innovation, promoting standards, and increasing awareness – all in the framework of public-private, inter-regional, and international cooperation. The armed forces support this policy by developing threat intelligence and attribution capabilities, readiness to undertake active measures in cyberspace, and to ensure operational availability under any circumstances.
Cybersecurity in and of itself is not particularly new. Contemporary opportunities to exploit vulnerabilities, however, make this a challenging field. It is only natural that rivals exploit newly created opportunities. Conflict, in which adversarial relationships have a cyber dimension, is here to stay. Accordingly, societies must devise an appropriate organization to protect themselves from intentional threats. This article surveys Israel’s approach, outlining the origins and the evolution of the national cyber defense, prevailing threats, doctrinal challenges, and the role military services play in cyber defense.
The article reviews the UK military contribution to the national approach to cybersecurity, extending across the continuum of inter-state activity from peace, through cooperation, competition, confrontation, conflict, and war. According to the UK doctrine, the military performs active and passive defensive functions in cyberspace, offensive cyber operations, cyber intelligence, surveillance and reconnaissance, and cyber operational preparation of the environment, and the response actions are not limited to just the cyber domain.
The article presents Austria’s cybersecurity policy, set in a whole-of-government context. It is comprehensive, integrated, proactive, and based on solidarity and cooperation within and beyond the European Union. Transparent governance, the cooperation between public agencies, businesses, research institutes, and the citizens, investments in awareness, research and development are expected to protect effectively vital information and critical infrastructures. The Ministry of Defense and the Austrian Armed Forces contribute to the national policy primarily through the Joint Forces Command, the Communication and Information Systems & Cyber Defense Command, and the two intelligence services.
Current conflicts are increasingly carried out in hybrid forms, including attacks on technical networks and campaigns aimed at influencing public opinion. The Bundeswehr has responded to this development by pooling its capabilities in this field and combining them in the new Cyber and Information Domain Service. On par with the classic service branches—Army, Air Force, and Navy—this service, with its approximately 14,500 members, makes an important contribution to the whole-of-government security provision.
Cyber warfare is a critical component of nation states’ military arsenals, and a cyber arms race has emerged in the absence of international agreements (norms and confidence-building measures) to limit the use of cyber warfare. One key impediment to building consensus on cyber norms and confidence-building measures is a lack of transparency in cyber weapons development and poor attribution of attack perpetrators. Recently, there has been improvement in attribution capabilities based on better data collection and the profiling of known hackers and nation states by intelligence agencies, and this should give impetus to efforts to establish confidence-building measures and cyber norms. This article discusses the need for, and challenges associated with attribution, recent advances that will lead to better attribution, and the collective responsibility of nation states in addressing these challenges. It suggests several initiatives to reduce chances of cyber conflict, as well as to prevent cyber conflicts from escalating such as defining clear processes for attribution, creating neutral bodies for incident analysis, and limiting the scope of retaliation based on the confidence in attribution.
The growth of Internet and innovation that thrived with it was facilitated by an environment relatively free of controls. Regrettably however, with its deep integration into the societal framework, the Internet has become a potent tool for influencing geopolitical conflicts, including interference in internal affairs of other nations, undermining national security, destabilizing financial infrastructure, and attacks on critical infrastructure. While countries are harvesting the social and economic benefits of the Internet, they are frightened of the threats it poses to national security. In response to these threats, countries are starting to tighten their internet borders and developing their cyber weaponry both as a deterrent to, and leverage during conflicts. A potential downside of such state-by-state regulation is inhibition of the rapid innovation that the Internet has traditionally fostered and the curtailing of freedom of speech that has led to the social integration in the society. On the other hand, innovation and freedom cannot thrive in a chaotic environment with rampant crime and lack of rules, norms, and ethics. With this in mind, national policymakers face the challenge of striking a balance between regulation and potential chaos on the Internet while at the same time promoting freedom. In efforts to strike such a balance of national interests, borders in cyberspace have an important role to play along with international efforts to build trust in cyber space and to slow down the fragmentation of the Internet. This article discusses how the cyber conflicts are escalating, how mutual distrust is growing, and how nation states are adapting to the constantly changing cyber domain.
This paper calls for establishing an arms-control regime in the Mediterranean region. It addresses the political determinants of such a regime in terms of regional relations and arms posture, and stands of regional and extra-regional powers. Resolving the Arab-Israeli conflict, elimination of weapons of mass destruction (WMD), regulation and reduction of conventional weapons and small arms and light weapons (SALW), combatting illicit arms trade in the region and engagement of all the relevant States are imperative in determining the Mediterranean arms control structure. The main commitment of extra-regional powers should be nonviolation of the prospected Mediterranean arms-control regime, especially the WMD-free status whenever in force. For that sake, confidence-building measures should be adopted in order to build the three pillars of the regime: legal instruments, institutional structure, and monitoring and verification mechanisms. The Mediterranean arms control architecture could be easily crafted if it goes normative through creating a regional identity based on universal values, and supporting that normative transformation with a Mediterranean ‘Marshall Plan’. The Union for the Mediterranean (UfM) could be revitalized through the foundation of the Conference on Cooperation and Security in the Mediterranean (CSCM) at the governmental level to be the permanent governing organ of the UfM with a view to administrate the arms control regime in the Mediterranean.
This work is the product of a research, conducted in the course of the Master’s Program in International Security Studies and seeks to give cyber deterrence its deserved (non-technical) attention in the academia. It will focus in a first article on the concept of deterrence and its applicability in the cyber domain in general. The second part, in a later article, will scrutinize ways for Germany, as an important player in an ever more digitized international system, to approach a cyber deterrence strategy in order to bolster its national security interests.
Cyber space as the fifth domain is omnipresent and all developed states increasingly realize that international relations and typical domains of statehood change in the face of a global digitization. With the advent of game-changing technologies, traditional tools of statecraft, such as deterrence, seem disregarded as outdated in the national security strategy building process. Advanced states in particular depend heavily on an open and safe cyber domain but at the same time suffer from manifold vulnerabilities. The recent past showed that sophisticated cyber attacks have the potential to disrupt governments, economies and societies significantly and therefore pose a threat to core security interests. Deterrence, as classical tool in international relations, can help to bolster national security interests, even if the cyber domain requires some special considerations.
Therefore, the article explains basic mechanisms of deterrence in the nuclear age and in contemporary international relations, the legal framework of cyber space and possible ways to apply deterrence in the cyber domain. It aims to urge global leaders to thoroughly consider deterrence in the cyber domain as a powerful asset and to provide policymakers with options for action
Cross-domain Coercion as Russia’s Endeavor to Weaken the Eastern Flank of NATO. A Latvian Case Study
Cross-domain coercion is tangible on NATO’s Eastern flank and characterized by the use of derogative propaganda, fake news, financial assets in Latvian banking system, Russian-based organized crime and the military elements. This study on cross-domain coercion, however, concentrated also on the cohesion of Latvian population, existing gaps within the society and its susceptibility to be exploited by Russia. To acquire data for this study, the researcher conducted interviews with representatives of the Eastern flank countries, and conducted an extensive literature study. To determine the root causes of vertical division in the society, “5 WHYs” method was used. This research has proved that the presence of Russian minority and Russian-based organized crime (RBOC) minority can be a good base to create an unrest, and that Russia is able to influence the internal policy of a country when the Russian economic footprint exceeds 12% of GDP. The demographics and the cohesion (including vertical and horizontal divisions) of the society are factors determining the resistance of Latvia. The triumph of the populist parties during the October 2018 parliamentary elections reflect the trend that the nation is tired of the corrupt and ineffective government rather than it is drifting towards Russia. In a broader scope, it is expected that cross-domain coercion will increase and Russia will test the cohesion of NATO.
Deterrence and Defense at the Eastern Flank of NATO and EU: Readiness and Interoperability in the Context of Forward Presence
The paper is based on the discussions at the conference of the Atlantic Council of Bulgaria in September 2018, sponsored by the NATO Public Diplomacy Division and focusses on the NATO / EU posture in Eastern Europe for defense and deterrence. Special attention is given to the development of the Bucharest Initiative (B9) and its influence on the Western Balkans and Black Sea Region. Based on the defense posture and in the context of the developments in NATO (and EU) for improved readiness and interoperability, including with the partners, the authors propose a Program for Readiness and Interoperability (PRI), oriented to C4ISR area together with enhanced cooperation in education and training for the defined B9+ region as instruments to instrumentalize this cooperation and improve the deterrence and defense capacity on the Eastern Flank of NATO and EU, while at the same time strengthening the resilience to hybrid threats.