Carnegie Endowment for International Peace
At the latest NATO summit, allies jointly identified China as a systemic challenge to alliance security. But diverging views on China’s challenge among the partners hinder a consensus on NATO action.
While there has been a great deal of recent debate about the respective roles of offense and defense in cybersecurity, the Colonial Pipeline episode highlights that a core policy challenge remains cultivating the resilience of U.S. critical infrastructure.
After the huge Colonial Pipeline ransomware attack disrupted the supply of gasoline on the U.S. east coast, insurance companies were cast in an unflattering light. But blaming firms that offer cyber insurance won’t deter cyber attacks.
UN member states have attempted to devise rules for state behavior in cyberspace. Yet disagreements have hampered those efforts, and the root causes of cyber instability remain.
New and emerging technologies have expanded states’ toolkit for repression and social control. The EU must decide whether tackling digital repression is a core geopolitical interest at the highest political level.
Future conversation needs to move beyond the military versus intelligence contest binary construct to more meaningfully explore how states may seek to use cyberspace for multiple objectives, either in sequence or in parallel.
While the United States is right to counteract illicit technology transfer and protect work opportunities for Americans, it must do so in a way that avoids inflicting unnecessary harm on its own science and innovation base by disrupting one of its most important international STEM talent sources.
The risk of the United States and China going to war, leading to a nuclear exchange, is growing by the day. Cyber operations by either or both countries increase the risk significantly, as each side is tempted to use cyber tools to gain warning and an early edge in a crisis.
To effectively counter disinformation, the EU should place greater emphasis on human rights in its formal laws and regulations, corporate measures, and civil society action.
What are the ‘rules of the road’ for cyberspace, and who sets them? The question has risen in prominence and priority as cyber threats have grown more severe. A lack of clarity about acceptable behavior enables destabilizing cyber activity.