By Capt. Lisa Beum (Army Cyber Institute)June 18, 2019
"During the 70-year history of NATO, no ally has actually been conventionally attacked or lost its sovereignty. This is because NATO's collective defense posture -- at least in the conventional domain -- has been and will remain to be a credible deterrent," stated Estonian President H. E. Kersti Kaljulaid during her opening remarks at the annual International Conference on Cyber Conflict in Tallinn, Estonia.
Around 600 decision-makers, opinion-leaders, law and technology experts from the governments, military, academia and industry of nearly 50 countries meet at CyCon to address current cyber security challenges in an interdisciplinary manner.
"We have a great partnership with NATO and other NATO allies and partners," said Brig. Gen. Maria Biank, director of J6 European Command. Biank stressed that cyber needs to be normalized and treated like any other operational domain; she emphasized working to integrate cyber into every day systems. "We realize a best defense is a collaborative defense, a collaborative effort."
R. Adm. William Wheeler, director, plans and policy, U.S. Cyber Command, gave a short history lesson on U.S. Cyber Command's development over the years and how they will continue to shape cyberspace through persistent engagement and defending forward.
"Advantage favors those who achieve the initiative," stated Wheeler. "[Cyber Command] matured from a response force to a persistent force." Wheeler added that "being active, defending forward and enabling partners is necessary."
The conference brought together multi-disciplinary backgrounds to address current issues in today's cyberspace and offered alternative points of view.
"Self-imposed limitations, regulations, and law...leave us far behind our adversaries on cyberspace," said Adm. Manfred Nielson, Deputy Supreme Allied Commander Transformation. Recognizing our adversaries do not follow the existing international law in cyberspace, some of the panels addressed how to mitigate cyber risk, build cyber capabilities and offered thought-provoking questions as to why adversaries may be reactive or be proactive in cyber operations.
Among the hundreds of CyCon participants, two United States Military Academy at West Point faculty members were invited to attend as a speaker and moderator for a cyber law-focused panel.
Prof. Rob Barnsby, Army Cyber Institute and assistant law professor at West Point, spoke on a CyCon panel of Law and Policy of Attributing Cyber Operations. The panel was moderated by Prof. Sean Watts, West Point Military Academy faculty, and included two other panelists from NATO allies in the Netherlands and France.
According to Barnsby, the current framework is victim-focused when it comes to cyberattack attribution, and he proposed that we should also examine the perpetrators' motivation. Barnsby presented different explanations and perspectives as to why states may not be so silent with attribution and may actually be happy with being attributed to an attack.
Barnsby suggested, "Maybe the state is seeking attention or world standing, or maybe the state is seeking to illustrate its own capabilities while demonstrating victim state vulnerabilities."
Regardless of why an adversary cyberattacks, the key messages among the speakers and panelists was the need to strengthen cyber resilience and deterrence and the importance of continuing to increase information sharing among NATO allies and partners.