The Federal government needs to move away from deterrence as its guiding strategy in cyberspace, and adopt a persistent security mindset instead, a U.S. Cyber Command official said today.
Emily Goldman, a strategist at Cyber Command, argued that deterrence strategies in cyberspace work particularly well in armed conflict situations. However, they have proven to be ineffective in addressing the vast amount of nefarious activity in cyberspace that occurs below the level of armed conflict, she said.
“A failure to understand this strategic competitive space has led many states to misapply the logic and strategies of coercion and conflict to this environment. And in return they suffer strategic losses as a result,” Goldman said during a Heritage Foundation event on Oct 17.
America’s adversaries, she explained, have recognized and acted on cyber persistence methods. Hackers have evolved their strategies to become stealthier – ensuring they can lurk in an environment for as long as they need in order to accomplish their mission.
But by undertaking a cyber persistence strategy or mindset, Federal agencies can operate in cyberspace understanding the underlying technology that makes up cyberspace. When that’s the case, agencies will better know how to secure their technology, and when suspicious activity occurs, Goldman said.
U.S. military cyberspace operations already are aligned with this approach. But the next step is for “whole-of-nation adoption,” Goldman said.