Publication

This paper explores how traditional deterrence frameworks might be applied to cyberspace, which is a thornier problem than one might think. For example, punishment-based deterrence is unlikely to work in the cyber realm and will most likely lead to a “credibility-stability paradox.” To help address domain-specific problems such as this, the text’s authors provide a number of recommendations, including 1) adopting a rewards-based approach to shaping an adversary’s decision calculus; 2) building international, rather than national, conflict reduction frameworks; 3) reducing the perceived value of cyber-attacks or, failing that, focusing on escalation control; and 5) investing in capabilities that strengthen a cyber network’s defense and resilience.