Strategic Cyber Security: An Evaluation of Nation-State Cyber Attack Mitigation Strategies

DEF CON 19

Presented by: Kenneth Geers
Date: Saturday August 06, 2011
Time: 17:00 - 17:50
Location: Track 4
Track: Track 4

This presentation argues that computer security has evolved from a technical discipline to a strategic concept. The world's growing dependence on a powerful but vulnerable Internet — combined with the disruptive capabilities of cyber attackers — now threatens national and international security.

Strategic challenges require strategic solutions. The author examines four nation-state approaches to cyber attack mitigation.

•Internet Protocol version 6 (IPv6) •Sun Tzu's Art of War •Cyber attack deterrence •Cyber arms control

The four threat mitigation strategies fall into several categories. IPv6 is a technical solution. Art of War is military. The third and fourth strategies are hybrid: deterrence is a mix of military and political considerations; arms control is a political/technical approach.

The Decision Making Trial and Evaluation Laboratory (DEMATEL) is used to place the key research concepts into an influence matrix. DEMATEL analysis demonstrates that IPv6 is currently the most likely of the four examined strategies to improve a nation's cyber defense posture.

There are two primary reasons why IPv6 scores well in this research. First, as a technology, IPv6 is more resistant to outside influence than the other proposed strategies, particularly deterrence and arms control, which should make it a more reliable investment. Second, IPv6 addresses the most significant advantage of cyber attackers today — anonymity.

Kenneth Geers

Kenneth Geers: PhD, CISSP, Naval Criminal Investigative Service (NCIS), is a Scientist and the U.S. Representative to the NATO Cyber Centre in Tallinn, Estonia. His new book, "Strategic Cyber Security," is a FREE download: http://ccdcoe.org/278.html.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats