Skip to main content
  • Sections
  • Search

Center for Strategic & International Studies

User menu

  • Subscribe
  • Sign In

Topics

  • Climate Change
  • Cybersecurity and Technology
    • Cybersecurity
    • Data Governance
    • Intellectual Property
    • Intelligence, Surveillance, and Privacy
    • Military Technology
    • Space
    • Technology and Innovation
  • Defense and Security
    • Counterterrorism and Homeland Security
    • Defense Budget
    • Defense Industry, Acquisition, and Innovation
    • Defense Strategy and Capabilities
    • Geopolitics and International Security
    • Long-Term Futures
    • Missile Defense
    • Space
    • Weapons of Mass Destruction Proliferation
  • Economics
    • Asian Economics
    • Global Economic Governance
    • Trade and International Business
  • Energy and Sustainability
    • Energy, Climate Change, and Environmental Impacts
    • Energy and Geopolitics
    • Energy Innovation
    • Energy Markets, Trends, and Outlooks
  • Global Health
    • Family Planning, Maternal and Child Health, and Immunizations
    • Multilateral Institutions
    • Health and Security
    • Infectious Disease
  • Human Rights
    • Building Sustainable and Inclusive Democracy
    • Business and Human Rights
    • Responding to Egregious Human Rights Abuses
    • Civil Society
    • Transitional Justice
    • Human Security
  • International Development
    • Food and Agriculture
    • Governance and Rule of Law
    • Humanitarian Assistance
    • Human Mobility
    • Private Sector Development
    • U.S. Development Policy

Regions

  • Africa
    • North Africa
    • Sub-Saharan Africa
  • Americas
    • Caribbean
    • North America
    • South America
  • Arctic
  • Asia
    • Afghanistan
    • Australia, New Zealand & Pacific
    • China
    • India
    • Japan
    • Korea
    • Pakistan
    • Southeast Asia
  • Europe
    • European Union
    • NATO
    • Post-Soviet Europe
    • Turkey
  • Middle East
    • The Gulf
    • Egypt and the Levant
    • North Africa
  • Russia and Eurasia
    • The South Caucasus
    • Central Asia
    • Post-Soviet Europe
    • Russia

Sections menu

  • Programs
  • Experts
  • Events
  • Analysis
    • Blogs
    • Books
    • Commentary
    • Congressional Testimony
    • Critical Questions
    • Interactive Reports
    • Journals
    • Newsletter
    • Reports
    • Transcript
  • Podcasts
  • iDeas Lab
  • Transcripts
  • Web Projects

Main menu

  • About Us
  • Support CSIS
    • Securing Our Future
Photo: Dark Illusion / Adobe Stock
Report
Share
  • LinkedIn
  • Facebook
  • Twitter
  • Email
  • Printfriendly.com

Rethinking Cybersecurity

Strategy, Mass Effect, and States

January 9, 2018

ISBN# 978-1-4422-8051-9 (pb); 978-1-4422-8052-6 (eBook)
CSIS/Rowman & Littlefield
Download the Report



Purchase a print version

Despite all the attention, cyberspace is far from secure. Why this is so reflects conceptual weaknesses as much as imperfect technologies. Two questions highlight shortcomings in the discussion of cybersecurity. The first is why, after more than two decades, we have not seen anything like a cyber Pearl Harbor, cyber 9/11, or cyber catastrophe, despite constant warnings. The second is why, despite the increasing quantity of recommendations, there has been so little improvement, even when these recommendations are implemented.

These questions share an answer: the concepts underlying cybersecurity are an aggregation of ideas conceived in a different time, based on millennial expectations about governance and international security. Similarly, the internet of the 1990s has become “cyber,” a portmanteau term that encompassed the broad range of global economic, political, and military activities transformed by the revolution created by digital technologies.
 
If our perceptions of the nature of cybersecurity are skewed, so are our defenses. This report examines the accuracy of our perceptions of cybersecurity. It attempts to embed the problem of cyber attack (not crime or espionage) in the context of larger strategic calculations and effects. It argues that policies and perceptions of cybersecurity are determined by factors external to cyberspace, such as political trends affecting relations among states, by thinking on the role of government, and by public attitudes toward risk.
 
We can begin to approach the problem of cybersecurity by defining attack. While public usage calls every malicious action in cyberspace an attack, it is more accurate to define attacks as those actions using cyber techniques or tools for violence or coercion to achieve political effect. This places espionage and crime in a separate discussion (while noting that some states use crime for political ends and rampant espionage creates a deep sense of concern among states).

Cyber attack does not threaten crippling surprise or existential risk. This means that the incentives for improvement that might motivate governments and companies are, in fact, much smaller than we assume. Nor is cyber attack random and unpredictable. It reflects national policies for coercion and crime. Grounding policy in a more objective appreciation of risk and intent is a first step toward better security.

Downloads
Download PDF file of "Rethinking Cybersecurity"
Written By
James Andrew Lewis
Senior Vice President and Director, Strategic Technologies Program
Purchase
Media Queries
Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Paige Montfort
Media Relations Coordinator, External Relations
Tel: 202.775.3173
Related
Cyber Diplomacy and Deterrence, Cybersecurity, Cybersecurity and Technology, Intelligence, Surveillance, and Privacy, Rethinking Cybersecurity Strategy, Strategic Technologies Program

Most Recent From James Andrew Lewis

In the News
LinkedIn Profiles Indicate 300 Current TikTok And ByteDance Employees Used To Work For Chinese State Media—And Some Still Do
Forbes | Emily Baker-White
August 11, 2022
In the News
Can the Chips and Science Act help the US avoid more shortages?
PopSci+ | Rob Verger
August 4, 2022
In the News
State Department Prepares New Focus on Cyber Diplomacy
Voice of America | Rob Garver
August 3, 2022
In the News
Taiwan presidential office website hit by cyberattack ahead of Pelosi visit
Politico | Maggie Miller
August 3, 2022
On Demand Event
Partnerships for Prosperity: U.S. Leadership in the Global Economy
July 25, 2022
In the News
US bolsters cyber alliance to counter rising Iran threat
The Hill | Ines Kagubare
July 24, 2022
In the News
Joe in Jerusalem: No traffic and no touching!
Politico | Alexander Ward and Quint Forgey
July 22, 2022
In the News
Exclusive: U.S. probes China's Huawei over equipment near missile silos
Reuters | Alexandra Alper
July 22, 2022
View all content by this expert
Footer menu
  • Topics
  • Regions
  • Programs
  • Experts
  • Events
  • Analysis
  • Web Projects
  • Podcasts
  • iDeas Lab
  • Transcripts
  • About Us
  • Support Us
Contact CSIS
Email CSIS
Tel: 202.887.0200
Fax: 202.775.3199
Visit CSIS Headquarters
1616 Rhode Island Avenue, NW
Washington, DC 20036
Media Queries
Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Paige Montfort
Media Relations Coordinator, External Relations
Tel: 202.775.3173

Daily Updates

Sign up to receive The Evening, a daily brief on the news, events, and people shaping the world of international affairs.

Subscribe to CSIS Newsletters

Follow CSIS
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram

All content © 2022. All rights reserved.

Legal menu
  • Credits
  • Privacy Policy
  • Reprint Permissions