Cybersecurity Project

Cyberspace presents an entirely new domain that is set to dominate both communication and commerce in the 21st century, but it also holds vast potential to spark new forms of conflict. The world has already witnessed the impact of software being repurposed as malware and, as exemplified by Stuxnet, the possible birth of a new class of weapon. The conduct of espionage, counter-terrorism, and even war are all being profoundly affected, with implications for the health of the economy, the role of government, and relations with other states.

Ian Wallace, formerly a senior official in the U.K. Ministry of Defense who has been a key player in the development of U.K. and U.S. cyber strategies, will lead the Cybersecurity project, which will focus on the new policy issues generated by the increasing growth of cyber threats as well as organizations dedicated to conducting cyber operations. Wallace will be aided by a team that includes non-resident fellows Noah Shachtman, executive editor of news for Foreign Policy magazine who was recently named one of the top ten cybersecurity writers in the world; Ben Hammersley, a war journalist and technology writer; Ralph Langner, the cybersecurity expert credited with first “decoding” Stuxnet; and Peter W. Singer, director of the Center for 21st Century Security and Intelligence and author of the upcoming book CyberSecurity: What Everyone Should Know.

Areas of study for the project include:

Managing cyberspace. How does an international system that depends on the Internet as the basis for the modern global economy and communications deal with a diverse and complex range of threats, from state-sponsored malware to authoritarian regimes’ attempts to change the internet’s traditional structure and governance? How will these forces influence U.S. power? What is the role of the private sector, which owns most of the internet, in helping to address these issues? What is the proper role for the U.S. Government in dealing with these new sorts of security challenges, and in particular, what are the implications for the Department of Defense and the intelligence community?

Future trends. Technology evolves, yet a large amount cybersecurity research and resultant cyber policies too often assume a static world. Therefore, another of the project’s core tracks will take a look ahead, exploring key long-term issues, such as what “big data,” the expected shift to the “cloud,” and the evolution toward an “internet of things” will mean for cybersecurity threats and policy. Other lines of inquiry will focus on critical parts of the national security and corporate enterprises that have been ignored thus far in cyber discussion and policy debates (e.g., potential vulnerabilities in the maritime/shipping domain and other infrastructure critical to U.S. trade).

Broader lessons. Any discussion of 21st century defense and intelligence policies must now include cybersecurity issues. As such, the Cybersecurity project’s research will draw on lessons learned from the other initiatives within 21CSI. In turn, more and more of the policy concerns raised by other 21CSI scholars will directly or indirectly involve cybersecurity, which will further complicate how trends in the cyber realm will affect both the organization and operation of the Department of Defense and the intelligence community. Moreover, given the many underlying parallels, research in cybersecurity will be informed by the work developed in the Arms Control Initiative.

In sum, the new Center, located in the world’s most influential think tank will comprehensively and holistically tackle the most pressing concerns in 21st century security.