OM DU VILL HA FRED, RUSTA FÖR CYBERKRIG : sveriges cyberförsvar ur ett avskräckningsperspektiv

Banic, Filip

January 2019

In accordance with the EU Network and Information Security directive (NIS directive), the Swedish government made it mandatory for specific authorities and organizations to report IT-related incidents to the Swedish Civil Contingencies Agency (MSB). In their report from 2017, MSB stated that due to the low frequency of incoming information, the report doesn’t give an accurate picture of the actual circumstances. The same year the European Commission adopted a cybersecurity package containing multiple initiatives aimed to further better member states resilience, deterrence and handling of cyber-attacks. Due to the insufficient information in MSBs’ report, it´s difficult to determine whether the Swedish cyber defence has the ability to deter antagonistic states to conduct cyber operations or not.   The purpose of this theory-consuming single-case study was to examine the Swedish cyber defence from a deterrence perspective and thereby provide new understanding regarding Swedens’ ability to deter within the cyber domain. To do this, a conceptual framework was constructed constituting of  Phil Williams’ theory on the requirements of successful deterrence, and David J. Lonsdales’ model for cyber deterrence. Contemporary Swedish political documents, doctrines, reports and statements made up the empirical material that has been examined through qualitative text analysis.   The result of the analysis revealed that the Swedish cyber defence, from a deterrence perspective, can be described as inadequate. Despite meeting the basic requirements for deterrence to succeed, the Swedish cyber defence lacks what Lonsdale calls a comprehensive flexible cross-domain offensive capability. The absence of a cross-domain retaliatory capability in the Swedish cyber defence repertoire has a negative incidental impact on deterrence credibility. According to Williams, it’s imperative that the defender possess necessary capabilities to fulfil a threat, otherwise the deterrence won’t seem credible and therefor lack effectiveness.

Cyberförsvar

cyberavskräckning

cyberdomän

defensiv cyberförmåga

offensiv cyberförmåga

Övrig annan samhällsvetenskap

Allianstillhörighet i cyberdomänen : Tillgång eller belastning?

Swiecicki, Simon

January 2024

Alliance affiliation in the cyber domain – Asset or affliction? ABSTRACT: The aim of this study is to better understand the impact of alliance membership and the possible deterrence effect it has in the cyber domain. The problem with achieving deterrence in cyberspace is to be able to measure its efficiency when there is a constant occurrence of cyber-attacks that are perceived under the threshold of armed attack but above what constitutes a peaceful coexistence. A hegemonic status in the international system attracts interest and motive to affect from other actors’ ads to the problem when alliances are formed. Data has been extracted from multiple sources to be able to test through regression if the number of alliances have a deterrent effect, if signaling of offensive capabilities can dampen the will to attack and if the promise of al-lied retribution influences the number of cyber-attacks. The result shows that deterrence through alliances at best has a marginal effect. The strongest deterrent is being a member of an alliance that promises retaliation if attacked and that military might attract aggressors to use the cyber domain to affect their opponent. This means that membership in a defensive alliance has an insignificant deterrent effect and rising military capability can neutralize the wanted benefits of the alliance in the cyber domain.

Cyberförmåga

avskräckningsteori

extended deterrence

alliansteori

Övrig annan samhällsvetenskap