Cyber deterrence with imperfect attribution and unverifiable signaling

Welburn, Jonathan William; Grana, Justin; Schwindt, Karen

doi:10.1016/j.ejor.2022.07.021

Cited by 7 publications

(4 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…31 Efforts to share information among defenders may lead to gains in efficiency and efficacy, both defensive and productive, but may also present cyber-specific downside risk, and hence trade-offs, depending on the form of the sharing. 32 Within the context of the cybersecurity of industrial supply chains, information-sharing could mean sharing cyber threat intelligence between defenders in the forms of vulnerability information or threat information, sharing or signaling defensive posture and offensive capability between attackers and defenders (see Welburn, Grana, and Schwindt, 2023, and the extended discussion in Appendix B), and sharing intellectual property (e.g., designs or specifications) between firms. Of particular concern are the possibilities of revealing information that an adversary can exploit to its advantage or of expanding the attacker's attack surface by conveying additional points of entry that increase the probability of successful attacks.…”

Section: Cyber-specific Concerns About Information and Visibilitymentioning

confidence: 99%

“…34 However, even when detection and retaliation are possible, the literature suggests that deterrence strategies that either publicly name and shame or retaliate in kind may be effective, but only some of the time against some adversaries. For more on retaliation with imperfect detection and attribution, see, e.g., Edwards et al (2017) and Welburn, Grana, and Schwindt (2023). LaTourrette, 2015, andHaphuriwat, Bier, andWillis, 2011, respectively).…”

Section: Cyber-specific Concerns About Information and Visibilitymentioning

confidence: 99%

“…This research suggests that weak attribution can promote aggression, insomuch as attackers will tend to ratchet up their aggression to nearly match that of the most aggressive attacker. Welburn, Grana, and Schwindt (2023) defines a basic attribution game between an attacker and a defender, similar to that in Edwards et al (2017), in which attackers and defenders choose whether to attack or retaliate, respectively, but defenders must choose without knowing whether they have been attacked. Welburn, Grana, and Schwindt built on the game by adding signaling.…”

Section: Games In Cybersecuritymentioning

confidence: 99%

See 2 more Smart Citations

Cybersecurity and Supply Chain Risk Management Are Not Simply Additive: Implications for Directions in Risk Assessment, Risk Mitigation, and Research to Secure the Supply of Defense Industrial Products

2023

View full text Add to dashboard Cite

In mid-2019, the Air Force Research Laboratory (AFRL) asked RAND Project AIR FORCE (PAF) for assistance understanding how cyber-related risks compare with other risks to its defense-industrial supply chains-a scope that included supply chains for hardware, not supply chains for software per se-and exploring implications for risk assessment and mitigation and for research. Over the next 18 months, PAF sought to characterize cyber-related risks to supply chains and identify directions for addressing the distinct-unique, exceptional, and sometimesreinforcing-challenges that cyber-related risks pose to defense-industrial supply chains and, hence, to supply chain risk management (SCRM).This report discusses that PAF research effort. The effort was part of a larger undertaking that also explored national security policies at the nexus of cybersecurity and SCRM, as well as tools and frameworks for addressing cyber-related risks. The report complements a body of recent RAND work, including several studies on the cybersecurity of Department of the Air Force weapon systems and industrial control systems, cyber vulnerabilities, and global supply chain risks. It should be of interest to those seeking to secure the supply of defense industrial products from the risks of cyberattacks, primarily from the perspective of SCRM, and across research and policy communities.

show abstract

Section: Cyber-specific Concerns About Information and Visibilitymentioning

confidence: 99%

Section: Cyber-specific Concerns About Information and Visibilitymentioning

confidence: 99%

Section: Games In Cybersecuritymentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity and Supply Chain Risk Management Are Not Simply Additive: Implications for Directions in Risk Assessment, Risk Mitigation, and Research to Secure the Supply of Defense Industrial Products

2023

View full text Add to dashboard Cite

show abstract

“…Information and data are among the most significant things that a hacker seeks to access in order to control the system and exploit customers. The cyber security system consists of three essential elements: Cyber force [6], cyber defence [7], and cyber deterrence [8]. The primary position of cybersecurity is to put in place mechanisms to defend the computer network, protect the electronic environment, and ensure the safe transfer of information between government institutions and agencies without the presence of unauthorized persons or malware software aimed at controlling and manipulating the system [9][10][11].…”

Section: Introductionmentioning

confidence: 99%

The Purpose of Cybersecurity Governance in the Digital Transformation of Public Services and Protecting the Digital Environment

2023

MJCS

View full text Add to dashboard Cite

The process of digital transformation is considered one of the most influential matters in circulation at the present time, as it seeks to integrate computer-based technologies into the public services provided by companies or institutions. To achieve digital transformation, basics and points must be established, while relying on a set of employee skills and involving customers in developing this process. Today, all governments are seeking electronic transformation by converting all public services into digital, where changes in cybersecurity must be taken into account, which constitutes a large part of the priorities of nations and companies. The vulnerability to cyberspace, the development of technologies and devices, and the use of artificial intelligence in the growth of modern applications have led to the acceleration of the digital transformation process and the utilization of its services. To adopt straightforward programs and strategies to establish cybersecurity governance that can be trusted and practical in completing tasks without hacking and tampering with data and information. In this article, the importance of cybersecurity governance is highlighted in providing safe and effective technical means that have the ability to face all threats and challenges and preserve the data of individuals in various sectors.

show abstract