View the H-Diplo Discussion Logs by month
View the Prior Message in H-Diplo's October 2013 logs by: [date] [author] [thread]
View the Next Message in H-Diplo's October 2013 logs by: [date] [author] [thread]
Visit the H-Diplo home page.
These points are all good ones. I think it is important to bear in mind that the study of cybersecurity has to walk a fine line between threat inflation and premature disregard. It is clear that most popular and policymaker accounts of cyber threats are exaggerated, and as a result what little scholarship on cyber exists in academic journals has been almost universally critical (myself included). At the same time there is some there there, or you wouldn't have the sustained attention of presidents and cabinet officials the world round. Describing cyber as just another incarnation of espionage and sabotage is correct, but not satisfying. Likewise the internet can be described as just a souped up telegraph, but there's something more going on here for the conduct of business and war. On Stuxnet, I've written about this episode in Security Studies in some detail here: http://www.tandfonline.com/doi/abs/10.1080/09636412.2013.816122#.UmBGrFCsjLQ. Rid and I are largely in agreement that this is an act of sabotage or covert action, but I think it is further interesting that the one historical case we have of something approaching "cyberwar" actually violates three of the big assumptions about what cyberwar is supposed to be like (asymmetric, offense-dominant, undeterrable, etc.) On Tom Nichols skepticism about the word "cyber" I couldn't agree more. Sometimes "cyber war" means "scarier than war" and sometimes it means "not actually war." The rhetorical strategies in budgetary battles for cyber are totally familiar from prior bids from the RMA, COIN, airpower, and other camps. I think the imaginarium & defense politics of cybersecurity will thus make a rich topic for future historians. Of course the nature of war (Clausewitz and all that) never changes with technology, but the conduct surely does, and perhaps even more so for not-quite-war. It might make sense to use the prefix "cyber" for the same reason that we don't just call SIGINT, ACINT, IMINT, and HUMINT "intelligence"--the disciplines are different, require different expertise, and are more or less useful under different circumstances. (I'm happy calling it CNO rather than "cyber" if you prefer) Rid (and most other scholarship on cyber) is helpful in the necessary but negative work of clearing away myths. Erik Gartzke's forthcoming article in the next issue of IS is another valuable corrective. But we still have a way to go on the positive work of describing the security utility and dynamics of the internet. The reason I think that "cyber" is not "just" espionage and covert action is that it's espionage and covert action on a heretofore unprecedented scale. How do we think about this expanding nether region between peace and war, where CNO capabilities are democratized (even if not that potent), where private firms become huge assets or liabilities in the operational conduct of security, and where political-economic regulatory concerns thus loom as large as state strategy? Another way to say this is that espionage and covert action have always been rather marginal and niche activities in world politics, and have been studied only in sub-sub-fields of IR as a result; so what would IR look like it these activities were far more prevalent and central to the practice of politics? We can ask questions like that without succumbing to the technological determinism of the cyber-uberalles crowd. Jon Lindsay University of California, San Diego --