The rapid rise and expansion of information technology has forever changed the way some nations understand cybersecurity. According to Sam Visner, ICF Senior Vice President for Cybersecurity and Resilience and Professor of Cybersecurity Policy, Operations, and Technology at Georgetown University, it might be time for the U.S. to adopt a new perspective, too.
Visner recently unpacked this idea at the International Affairs Forum in Traverse City, Michigan. His talk — “The Cybersecurity Stormfront” – explored the history of cybersecurity, forces that have shaped its modern-day state, and the opposing ways in which different nations view this evolving frontier.
The Road to Modern-Day Cyberspace
The forces that shaped today’s cyber landscape, Visner explained, are deeply rooted in history. Both world wars set the stage for a new era in global communication, from the Turing Machine that cracked Germany’s notorious Enigma Machine to SIGSALY, a device that enabled secure, real-time communication between Winston Churchill and Franklin D. Roosevelt during World War II.
As wartime came to a close, the 1950s saw a steady march towards computer networks (rather than simply communication methods) that were more interoperable, affordable, and ubiquitous than their predecessors. In the 1960s and 70s, Advanced Research Projects Agency Network (ARPANET), the first common format for the transmission of digital information, gave way to the Internet.
Today, an ever-increasing number of devices, industries, and processes — including our critical infrastructure — rely on computer networks, including cloud-based platforms. The rise of big data analytics, meanwhile, has made it possible to extract meaning and harness insights from the huge volume of information we collect.
This unprecedented growth comes with huge benefits, but it’s also sparked challenging questions about the meaning of privacy and sovereignty in the digital age.
The Global Definition of Cybersecurity is Changing
Today, Visner told attendees, the U.S., has a specific idea of what constitutes cybersecurity and cyberspace.
“We in the United States and Western democracies tend to look at cyberspace as a global commons and we practice cybersecurity in the global commons. We may fight in cyberspace. We might try to achieve weapons effects in cyberspace. We may try to preserve an electoral system in cyberspace, but we don’t draw borders around cyberspace. We don’t say cyberspace is sovereign territory.”
The closest we’ve come to codifying a set of laws of war as they relate to cyberspace is the Tallinn Manual, which aims to protect cyber assets in sovereign physical space.
That approach, Visner remarked, is “a good one if we’re looking to preserve and promote the values of intellectual freedom; if we’re trying to ensure that dissonant movements have sufficient privacy to operate in cyberspace; if we’re trying to promote the concepts of liberal democracy around the world.”
This isn’t the only way to look at cyberspace, though. Other nations, like China and Russia, adopt a much different point of view; for them, Visner said, it is about preserving sovereignty.
“If one thinks that cyberspace is a government can be sovereign, maybe you can get more of it. How do you expand an empire? You seize land. If you think cyberspace is sovereign territory, maybe you want more of it. Maybe interference in another country’s elections is a way of seizing cyberspace and planting a sovereign flag.”
Even if we don’t like this critical difference in perspective, Visner suggested, we will have to recognize that it exists and we will have to contend with its implications. These implications — as well as new challenges and opportunities — will be front and center at the 2017 CyberSci Symposium on September 28, 2017. To learn more about what to expect, visit our event page.