Cybersecurity between Enemies and Allies

Operational success, whether state or non-state, begins with a solid strategic plan that encompasses key objectives or targets. In today’s globally connected world, cybersecurity is holding the forefront space of challenges, vulnerabilities, and growth (Barrinha 2018). Success, in a globally connected environment, requires an understanding of the environmental systems and connections to appropriately identify the gaps in security and potential points of entry from adversarial actors (Barrinha 2018). Understanding the connected nature and networked capability of potential adversaries’ drives a need to analyze social networks as they relate to the interrelated environmental systems (Tsvetovat and Kouznetsov2011). Therefore, the ability to effectively engage within an interconnected and globalized operational environment is to understand the cybersecurity policies, trends, and vulnerabilities across western and non-western states like Russia, United Kingdom, China, and Israel.

Internationally, states are viewing cyber as the fifth domain of operations, added to air, space, land, and sea.  In 2013, fifteen countries agreed with a need for international law for the elaboration of measures, norms, rules, or principles over the cyber domain.  Today, military cyber capabilities exist in more than 40 states and of those 12 have explicitly offensive cyber capabilities.  Despite the growing application of cybersecurity strategies and advancements in the development of international laws, a standard definition of cybersecurity does not exist (Greiman 2015). 

Regardless of the state’s abilities or interest in cybersecurity, the intent is to create an ability to protect domestic networks against domestic or foreign intrusion and attack (Fischer 2016).  Cyber-attacks come in many forms. Though attacks vary widely, they generally have a geopolitical, diplomatic, or economic interest, causing business and economic organizations to get involved with political structures to consider policy-setting and strategic capabilities (Jaquire et al. 2018).  The difference is that instead of defending against states physically, the defense efforts are against actions exclusively housed within the cyber arena (Duvenage et al. 2018). 

National cybersecurity strategies in general tend to possess three main components: strategies with intelligence and counterintelligence capabilities, personal security on information held in databases, and corporate security (Vancouver 2018).  As Adamsky (2017) described Israel’s cybersecurity plan, the three interrelated vectors work together to provide robustness, resilience, and defense.  The overall intent of national cybersecurity strategies is to provide a means by which the state can protect local networks from adversary threats.

The criticality and concern coming from the international community when dealing with increasing threat potential and vulnerabilities within the cyber domain is reflected by the more than 40 countries working to establish cyber policies.  The United States and the United Kingdom both view “terrorism and cyber-attacks as the two greatest threats to national security” (Greiman 2015).   As states look at the threat posed by the cyber domain, they must consider non-traditional ways in which foreign non-state actors are leveraging networks to spread their messages — to incite fear, spread support for their anti-state ideologies, or the ability to use virtual space as a meeting location to create extremist support (Cross 2013).  

In efforts to standardize, Russia, China, Tajikistan, and Uzbekistan joined forces to submit an international code for information assurance (Grieman 2015). Australia, Canada, New Zealand, United Kingdom, and the United States banded together to create a stronger shared level of intelligence, known as the “Five Eyes” Community (Walsh 2015).  However, Israel is still leading the way in the cyber policy, strategy, and successful operations (Adamsky 2017).  Though all countries possess a mix of security interests and priorities, there is not a single consensus on how to internationally address threat conditions (Crosston 2016). In an attempt to address those conditions, countries must seek innovative and creative means to establish operations and policies to protect against globalized threats (Cross 2013).

Israel has the lead in leveraging innovation and creativity to develop tangible results and an example for other countries to emulate.   In 2002, Israel established the goals and means by which it intended to secure its portion of the cyber domain.  Seeking to find a balance between commercial and private needs with a need for national security, Israel established policies to “protect vital computerized systems of selected public and private civilian organizations.”  Not wanting to fall short on future threats, Israel included concepts of “education, R&D, security, economic development, and international cooperation” into their policy design (Adamsky 2017).  In 2015, the government established a concept of operations (CONOP) to regulate cyber mechanisms and operations focusing on cyber defense, capacity building,and structure.  Using an interrelated framework of robustness, resilience, and defense, Israel can operate, sustain, and defend their local cyber domain from intrusion and attack better than most (Adamsky 2017). 

Russia and China have similar approaches and practices.  In their efforts to collect intelligence, neither country relies solely on confidential sources or methods, nor does collection tie singularly to state-sanctioned collection requests.  More importantly, collection in Russia and China does not focus on collection against foreign agencies alone (Crosston 2016).  As part of the policy process in Russia and China, the government opts to control exposure and risk by limiting the availability of sites that threaten the influence their control over the population (Cross 2013).  While similar in their approaches, Russia and China developed individual strategies to protect their networks (Fei 2010).

China opted for a strategy with a longer-term outlook and sought to respect other nation’s objectives while fostering mutually beneficial cooperation.  China’s strategy emphasizes multilateral ties and dealing with both traditional and non-traditional threats.  China’s strategic approach consists of four prongs: the inclusion of complex, non-traditional aspects; issue-orientation over country interests; economic development to be independent of foreign technologies; and, a supposed practice of good governance and transparency.  

United Kingdom announced, in 2010, a plan to spend $1 billion US dollars over a four-year period to launch a “transformative national cybersecurity program” focused on closing the expanding gaps between current capabilities and emerging technological advancements.  The UK outlined its plan with the intention of leveraging private-public partnerships to create a single point-of-contact for cyber-crimes and security issues.  The strategy also outlined a plan to develop international cooperation with like-minded nations (Hammond 2010).  Not unlike Israel, the United Kingdom is focusing on policy development to protect privacy and reduce crime, while establishing a resilience capability.  Through private-public partnerships, the UK aims for capacity building and to implement a risk-based approach to defending against cyberattacks (Greiman 2015).

Private-public partnerships, coupled with dynamic state policies, contribute to the state’s ability for capacity building.   This is particularly important with the understanding that the private sector mainly owns and operates activities within the cyber domain for most states (Grieman 2015). While Russia and China understand this phenomenon, they opt to block sites and access as a means of controlling the internet.  The efforts of Russia are generally politically inclined, focused on the interest of making the president appear stronger. In China, the state leverages cyber abilities for economic maneuvering.  Israel selects a more comprehensive and holistic approach to managing the cyber environment.  

Tsvetovat and Kouznetsov (2011) explained the connected nature and networked capability of potential adversaries as driving social connections and purposes.  Within the cyber domain, states are able to leverage the connections and networks to shape policy, offensive operations, and international relationship development.  As Russia and China continue to work through their controlled approaches to cybersecurity, there is a need for international consensus towards cybersecurity.  In an effort to standardize an approach to cybersecurity, the international community should seek to follow in the steps of Israel (Adamsky 2017).As a soft power instrument, Israel is leveraging opportunities and threats to harness the potential of cybersecurity.  Over the last decade Russia, China, and many others have reached out to Israel. Additionally, the more success Israel has in leveraging cybersecurity to promote international ties, the greater likelihood it will lead an effort to normalize cyber across the globe (Adamsky 2017). 

As academics and practitioners continue to work toward a standard definition and understanding of cybersecurity, there is a distinct need for various states to come together in an effort to establish international norms and standards for the execution of cybersecurity.  This effort should be much the same as joint operations govern telling time or tracking targets. It is crucial that the United States continues to find ways to lead the effort to establish agreements that focus on commonalities that can benefit the reduction of cyber dangers between China, Russia, and Israel.

The effort to understand the cyber environment and its various network of connections is vital in working through concerns faced by countries emerging as a new power (i.e.,Brazil, India, Argentina, and Australia among others).  The importance of this understanding links back to Brafman and Beckstrom’s (2012) starfish and spider concepts, demonstrating the capability of groups to operate from geographically dispersed locations without a centralized leader.  Improved security within the cyber domain will assist in mitigating political, economic, and criminal activities that are counter to a state’s security strategies. Perhaps most importantly, he ability to increase cybersecurity and cooperation in the cyber domain internationally creates a possible platform to work against other threat issues such as transnational organized crime, terrorism, human trafficking, and migration from failing states. Understanding critical elements and the approach other countries use to navigate through their domestics and external threat will continue to prove to be as crucial for the United States and the interaction with other countries in the future.

Desta Bailey
Desta Bailey
Desta Bailey is a United States Army veteran with 26 years of operational experience. He completed a Bachelor of Science in Business Management from Liberty University, a Masters in Intelligence Studies from the American Military University, and currently a Strategic Intelligence doctoral student at the American Military University.