Abstract
Moderate and measured takes on cyber security threats are swamped by the recent flood of research and policy positions in the cyber research field offering hyperbolic perspectives based on limited observations. This skewed perspective suggests that humanity is constantly confronting cyber disasters. The general tone of the debate argues that cyber war is already upon us and our future will only witness more cyber doom. However, these hyperbolic perspectives are being countered by empirical investigations that produce the opposite of what is to be expected. It is generally observed that limited cyber engagements throughout the geopolitical system are the dominant form of interaction. Our task here is to offer a different path forward. We first posit what can be known about cyber security interactions with data as well as what cannot. Where is the water’s edge in cyber security research? We then examine the known works in the field that utilize data and evidence to examine cyber security processes. Finally, we conclude with an offering of what types of studies need to be done in the future to move the field forward, away from the prognostication and generalizations so typical in the discourse in this constantly changing and growing field.
Highlights
Issue: This article is part of the issue “Global Cybersecurity: New Directions in Theory and Methods”, edited by Tim Stevens (King’s College London, UK).
In the process of collecting data on these state-based cyber events, we found that official leaks to the media have been helpful, but more importantly for the cyber security field was the obvious impetus by cyber security firms to demonstrate their ability to identify attacks and release reports forensically accounting for the process behind the attacks.
Establishing knowledge about the cyber security domain is critical because it is recognized as a Tier 1 security threat.
Summary
Beginning in 2014, various news organizations began reporting on a particular cyber security firm, Norse Corporation, and their active cyber threat map (Walker, 2015). While sometimes a useful method to gather threat intelligence if presented as a sleight of hand for an attractive target, honeypots as reported in popular discourse are not exactly an accurate representation of the cyber threat landscape. In this case, the goal was to demonstrate the ability to track global attacks to gain interest in the company and promote its capabilities. Politicians, pundits, and practitioners have jumped on this doomsday narrative and have promoted cyber arms races, offensive advantage, and deterrence strategies to stay one step ahead of would-be adversaries in order to prevent them from infiltrating networks out of fear of massive retaliation. These revolutionists point to acts such as Stuxnet, Shamoon, Sony, and the Office of Personnel Management (OPM) hack as the new norm of conflict between states, and argue that the US is losing ground with every tolerated cyber-attack on American networks. In a domain thought to be mostly secret, how do you collect data on what most of the population assumes is uncollectable and mainly classified? Why even seek to overcome this challenge, given the high degree of difficulty? In this article, we will review why there is a need to collect data on cyber security interactions and how the process can be conducted and is not only possible but happening, and highlight ongoing attempts to empirically assess the cyber security complex.