Cyber War, Cybered Conflict, and the Maritime Domain

Those who dismiss cyber war as mere hype or as driven by potential profits dismiss much too quickly growing evidence of the importance of cyber operations—to which the Navy may be uniquely qualified to adapt

Ten Years In: Implementing Strategic Approaches to Cyberspace

This book represents a look beyond theories and analogies to examine the challenges of strategy implementation. In the essays that follow, practitioners who are building cyberspace forces at-scale join scholars who study power and force in this new domain to collectively offer a unique perspective on the evolution and future of cyber strategy and operations.https://digital-commons.usnwc.edu/usnwc-newport-papers/1044/thumbnail.jp

Three Futures for a Post-Western Cybered World

West faces a different security dilemma due to the shoddy cyberspace substrate it built and spread globally. Cyberspace created a new form of ‘cybered conflict’ with five advantages for offense previously – scale of organization, proximity, precision, deception and tools, and opaqueness in origins. It also accelerated massive wealth transfers to rising near peer and now peer adversaries, who were expected to simply fold into the western-built international system. In the process, the basic well-being of the economies of the consolidated civil society democracies have become non-kinetic fields of conflict among state and nonstate actors. The past twenty-five years of evolution of cyberspace have changes the currently likely futures of the democratic state and a rising post-western, authoritarian world. Today in the emerging cybered conflict world, there are three plausible and distinctive futures for the international system, as well as for the relative influence and well-being of the minority of states that today are civil society democracies. Two of the three offer relatively grim prospects over time, leading to a creeping enfeeblement as individually weak cyber powers in a state of modern digital subordination to a much larger, globally omnipresent, authoritarian cyber and economic hegemon. There is a possible third option: an operationalized structure for sharing cyber security and defense. This third future needs to be actively built as was the shoddy internet that has made it necessary. And it needs to be built now before the full consolidated development of the global Cyber Westphalian system

(Position paper) Where personalization, privacy, and security meet

Abstract. We have been developing dynamic user modeling techniques, while also pursuing policy research to strike a balance between an individual's privacy and society's security. We analyze user modeling through our policy lens, known as the behavior-identity knowledge (BIK) framework and offer suggestions on how to protect user privacy. Existing work by Kobsa [1] and Cranor [2] has highlighted personalization’s risks to privacy — to personalize systems requires gathering personal data, which is then used to guide the adaptation process. Much of this personalization can be captured by the single question, “What will the user do next? ” By anticipating the answer, systems can better serve users by adapting the presentation of information [3] and other user interaction aspects. We this conflict between personalization and privacy as similar to national security concerns in a post-9/11 world. Rather than asking “What will the user do next?”, however, people ask, “What will the suspect do next? ” Instead of gathering data on user preferences, new profiling and tracking technologies accumulate data on suspects and others. Indeed, even data gathered in service of user modeling might later be used to hunt for terrorists and others. Advances in scale, scope, and the accuracy of user modeling inevitably place these technologies squarely in the debate on how to balance security with freedom, and particularly the freedom of privacy. In previous work on balancing privacy and security, we have described privacy as an aggregate of two independent concepts (shown in Fig. 1): knowledge of behavior and knowledge of identity, which we call the Behavior-Identity Knowledge (BIK) model. We argue that privacy is not at risk unless an organization (or a person) knows both a person’s identity and behavior. From a policy perspective compromising between knowing one or other, society should focus its effort