dialectics of cyber international relations and cyber defense: towards a strategic research program...
TRANSCRIPT
![Page 1: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/1.jpg)
Dialectics of Cyber International Relations and Cyber Defense:
Towards a Strategic Research Program
John C. Mallery ([email protected])Computer Science & Artificial Intelligence Laboratory
Massachusetts Institute of Technology
Explorations in Cyber International Relations (ECIR)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT
Presentation at the ECIR Workshop on Cyber International Relations: Emergent Realities of Conflict and Cooperation, MIT, Cambridge, October 14, 2010.
![Page 2: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/2.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT2
Overview Activities Under ECIR Strategic IR Research Program Cyber Defense Strategy Meta-power As IR Leverage Criteria High-leverage Research Areas Dialectics Computational Politics Selected Leverage Vignettes
![Page 3: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/3.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT3
Activities Under ECIR Stanley Cyber Monitoring & Analysis System
5 document streams Over 4k documents
Cross-organization Cyber Data Study 5 themes: international interactions, crime,
economics, defensive coordination, long-term transformations
Recommendations for cyber data collection Over a dozen organizations
Cyber Defense Strategy Work factor concept Technology strategy
Today: Linking IR to Cyber Defense
![Page 4: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/4.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT4
Strategic Research Program
How can we prioritize research on cyber international relations to focus on the highest leverage problems? Exhaustive enumeration is slow Recycling pre-existing disciplinary concepts
may lack relevance or leverage Approach
Link to cyber defense strategy Identify cyber fueled processes that drive
strategy-relevant reallocations power, wealth, knowledge, cultural attractiveness, welfare
Elucidate those processes
![Page 5: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/5.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT5
What is cyberspace? Interdependent network of information
technology infrastructures (NSPD54/HSPD23) Internet Telecommunications networks Computer systems Embedded processors Controllers in critical industries
Virtual environment of information and interactions between people (NSPD54/HSPD23)
US Military: Electro-magnetic spectrum Information operations C4ISR, space
Supply chains for IT Computers, networks, software, crypto, id mgt., etc.
![Page 6: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/6.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT6
Big Elephant: High Cognitive Difficulty
Due Vast Cross-Cuts
Cyber insecurity has manifestations across the range of human activities where there is value Business Defense Society
Technological basis of crisis is difficult to apprehend Current COTs failures 40 years of traditional computer security Future: transformational computing & networking
Policy and legal responses are difficult Cyber spans most traditional policy domains Received legal concepts and categories are blurred Best organizational modes unclear
Responses often reflect disjointed incrementalism Analytical reductions based on received disciplinary lenses
(analogies) Proposed solutions based on repurposed concepts
Creation of integrative frameworks) is essential Enables cumulation across disciplines and knowledge areas
![Page 7: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/7.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT7
DoD Cyber Strategy William J. Lynn, Deputy Secretary, DoD
Foreign Affairs, August, 2010 NATO, September, 15 CFR, September 30
Vast vulnerabilities & critical reliance Military/Intel Critical infrastructure Private sector
Five pillars1 Domain of warfare2 Active & timely defense3 Protection of critical infrastructure4 Collective defense with allies5 Technological leverage
![Page 8: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/8.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT8
Strategic Approach
Vision Trustworthy systems and resilient society Articulation of roles and responsibilities Alignment of guiding images
Integrative Framework Effective application of resources Coordinated division of labor Common language Dynamic refinement
Objectives Prioritized Risk adjusted Time horizons
Implementing strategies High leverage Synergistic moves
Transform US cyber-infrastructures to: Resist attacks and continue to function under adversity Enhance confidence in computation and communications Enable rapid adoption of new technological advances Strength competiveness via improved agility, effectiveness, and learning
![Page 9: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/9.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT9
Defensive Complexity Analysis
Response to cyber asymmetries requires high leverage solutions Application to the entire attack value cycle (financial, political-military) Time frames: Short-term (0-2 yrs), medium-term (2-5 yrs), long-term (5-10 yrs)
Security meta-metrics focus on difficulty of attacker or defender tasks Work factor (WF) is the difficulty of executing tasks Analogous to computational difficulty in cryptography Extends beyond the technical designs to domain embeddings (cyber operations
research) Dimensions of work factors
Resources Computational complexity (mathematical leverage) Cost (often related to complexity) Expertise and Knowledge (technical specialties, domain knowledge)
Planning, execution and information management Cognitive difficulty (model as formulation of non-linear plans and counter plans) Learning difficulty (reversing obfuscation, devising new tactics or approaches) Organizational effectiveness/dysfunction (integration, learning, structure,
psychology) Risk
Uncertainty (confidence, incomplete information) Culture (risk acceptance or aversion) Information differential gain/loss (innovation, leakage by insider, espionage,
diffusion) Make technical or policy moves that cumulatively
Impose hard problems on attackers (prefer geometric impact) Facilitate coordinated defense (eliminate multipliers)
![Page 10: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/10.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT10
Defensive Strategy Decomposition:Planes of Action
Leadership organization Policy community Technology visionaries Domain architects
Cyber technology base IT capital goods industry Telecommunications
operators Identity management &
crypto sectors Standards bodies and
certification/accreditation authorities
Public sector domains Military & intelligence
systems Government systems Defense industrial base
Private sector domains Critical infrastructure Research and education
infrastructure Supply chain Major enterprise Smaller enterprise Consumer
International cooperation Allies Trading partners Regional or issue groups Global
International competition Mutual understandings Declaratory policies Norms
![Page 11: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/11.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT11
Solutions vs. Mitigations
Solution Domains (10-30 years) Science, technology, engineering R&D infrastructure Human capital IT capital goods industrial organization Critical infrastructures
Threat mitigation domains Information assurance management International cyber crime law enforcement Cooperative engagement (like minded) International norms (agreements 10+ yrs) Deterrence (cross domain responses)
![Page 12: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/12.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT12
Meta-power (BBB) As Leverage Framework
Power: Set of action possibilities and payoffs for actors within an interaction framework
Meta-power: Action possibilities that change the distribution of power resources among actors (Deutsch: Nth order power)
Strategic Competition: Contention over meta-power resources
Leverage: Impact of cyber-fueled international processes on national strategies
![Page 13: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/13.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT13
High-leverage Research Areas
Information Diffusion Economic strategy based on knowledge activities becomes
problematic Globalization
National location of key industries (and spread effects) more difficult Cyber-enabled organizational learning => higher adaptive
capacities Race for more effective organizations as a basis for national
advantage Computational support for cyber decision-making and
understanding Modeling, mechanism design, precedent reasoning, game theory,
grammars of action Cultural interpenetration
Global digital ecumene -> clash of civilizations or transcendence? Empowerment of small groups
Ability of “terrorists” to organize and cause trouble
![Page 14: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/14.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT14
Dialectics Information assurance is slippery with
many potentially self-defeating moves Centralization -> aggregation of threat Standardization -> low diversity -> scale
economies of attack Conservation of threat -> attacks move to
weaker surfaces
Two definitions of dialectics: Process and complement process Action and reaction
![Page 15: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/15.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT15
Examples of Cyber Dialectics
Ready access to S&T knowledge Faster research cycle within countries Unprecedented rates of global knowledge diffusion
Empowers global business operations (e.g., IT sector) More efficient resource utilization More conflict over loci of production
Virtual concentration of dispersed groups Critical mass to articulate knowledge interests Critical mass to organize insurgencies or nihilistic actions
Informationalized militaries (e.g., GIG) Global power projection (Gulf War 1 forward) Asymmetric power projection (cyber war)
More effective bureaucracy Improved domestic operations, law enforcement, transparency Reduced autonomy of the state (via network
interpenetration, higher scrutiny)
![Page 16: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/16.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT16
Computational Theories of Politics and IR
Karl Deutsch Political cybernetics and systems dynamics Integration theory
Hayward Alker Mathematical politics (limits – degrees of freedom, structural
change) Systems dynamics (limits – structural transformation) Generative grammars (limits – descriptive) AI and text-interpretive theories of IR (learning, meaning) Dialectics of world order
Herbert Simon AI and political science (search paradigm) Computational search in organizations (“bounded rationality”)
Lloyd Etheredge Government learning (1985) (psychology and structure)
John Mallery Computational politics (1988) Application of computational models of cognition to IR
![Page 17: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/17.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT17
CyberSocial Systems Networking and computation spread
ubiquitously 1992-2010 Cyberphysical systems
Now: Computers provide cognitive prosthetics Networks link human-computer cognitive systems
Speed -> gain in systems Faster rates of interaction Global immediacy Co-evolution and interpenetration of cyber systems
and biological cognition Computational analytical frameworks needed
Individual => social network => organization
![Page 18: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/18.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT18
Digital Noosphere (Tailard Desjardins)
Collective knowledge of humanity Under active assembly on the Web today
Culture becomes digital Expectation of increasing cultural gain
Organizational adaptation requires increased rates of learning Faster interactions (digital diplomacy) More information marshaled Better knowledge: Conflict vs. homogenization
Major challenge of modernity Networked global ecumene Opportunities for broader international integration Clash of cultures: West, Islam, South Asia, East
Asia
![Page 19: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/19.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT19
Globalization (World System Analysis)
Reinforces and extends ability of transnational firms to coordinate global production Increases centripal impact on loci of production Reduces state sovereignty, but some states can
influence firms’ locational calculi (e.g., China) New Neo-mercantilism (world order threat)
Competition for future industries Lock-in of raw materials and new markets (e.g.,
Africa) “Currency wars”
Refocus on developmental economics “Conditioned development” (Cardoso) “Spread effects” (Myrdal), “staple theory” (Innis) Industrial policy helps understand emerging powers Necessary strategy for national economic renewal
![Page 20: Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program John C. Mallery (jcma@mit.edu) jcma@mit.edu Computer](https://reader036.vdocument.in/reader036/viewer/2022071806/56649d165503460f949eb77f/html5/thumbnails/20.jpg)
Explorations in Cyber International Relations OSD Minerva Research Project at Harvard & MIT20
Strategic Research Program
How can we prioritize research on cyber international relations to focus on the highest leverage problems? Exhaustive enumeration is slow Recycling pre-existing disciplinary concepts
may lack relevance or leverage Approach
Link to cyber defense strategy Identify cyber fueled processes that drive
strategy-relevant reallocations power, wealth, knowledge, cultural attractiveness, welfare
Elucidate those processes