Hoffman W., Levite A.E. Private Sector Cyber Defense. Can Active Measures Help Stabilize Cyberspace?

Monograph. — Washington: Carnegie Endowment for International Peace, 2017. — 51 [+ 7] p.The cyber revolution and ever-growing transfer of human activities into the virtual world are undermining the social contract between modern states and their citizens. Most governments are becoming unable and unwilling to protect citizens and private enterprises against numerous, sophisticated cyber predators seeking to disrupt, manipulate, or destroy their digital equities. Inevitably, states are focused on protecting governmental assets and national infrastructure, leaving themselves with modest residual capacity and resolve to underwrite other cybersecurity risks. Faced with this reality, private entities are reluctantly but increasingly complementing their passive cybersecurity practices with more assertive “active cyber defense” (ACD) measures. This approach carries substantial risks, but if guided by bounding principles and industry models, it also has the potential for long-term, cumulative benefits.About the authors.The spectrum of active cyber defense.
The case for private sector active cyber defense.
Identifying a spectrum of net-beneficial ACD.
Insights from maritime security.
A principles-based approach to private sector ACD.Appendix: International code of conduct for private sector active cyber defense.
Notes.
Carnegie endowment for international peace.