This Article 
 Bibliographic References 
 Add to: 
Deterring Strategic Cyberattack
September/October 2011 (vol. 9 no. 5)
pp. 36-40
David Elliott, Stanford University
Protecting critical infrastructure from cyberattacks by other nations is a matter of considerable concern. Can deterrence play a role in such protection? Can lessons from nuclear deterrence—the most elaborated and successful version of deterrence—be adapted to the cyber case? Currently, little overlap exists between the two, although that might change in the aftermath of an extensive, destructive cyberattack. The most effective way to protect the cyber-dependent infrastructure is a comprehensive defense (deterrence by denial), which was impractical in the nuclear regime. However, this approach presents challenges. Existing legal norms, particularly those related to controlling collateral damage, might provide some deterrence. Another option might be a new international agreement, but that would involve several difficult issues.

1. "Comprehensive National Cybersecurity Initiative," White House, 2 Mar. 2010; .
2. US Nat'l Research Council, Technology, Policy, Law, and Ethics Regarding US Acquisition and Use of Cyberattack Capabilities, W.A. Owens, K.W. Dam, and H.S. Lin eds., Nat'l Academies Press, 2009.
3. , "Deterring Cyberattacks: Informing Strategies and Developing Options for US Policy," Nat'l Academies Press, Oct. 2010.
4. M.C. Libicki, Cyberdeterrence and Cyberwar, RAND, 2009.
5. R.L. Kugler, Cyberpower and National Security, Potomac Books, 2009, ch. 13.
6. R.A. Clarke and R.K. Knake, Cyber War: The Next Threat to National Security and What to Do about It, HarperCollins, 2010.
7. Report of the Committee on Political and Social Problems (Franck Report), Univ. of Chicago, 11 June 1945; issues/scientificfranck-report.htm.
8. J. Markoff and T. Shanker, "Halted '03 Iraq Plan Illustrated US Fear of Cyberwar Risk," The New York Times,2 Aug. 2009.
9. S.J. Lukasik, "A Framework for Thinking about Cyber Conflict and Cyber Deterrence with Possible Declaratory Policy for These Domains," Proc. Workshop Deterring CyberAttacks: Informing Strategies and Developing Options for US Policy, Nat'l Academies Press, 2010, pp. 99–122.
10. "Remarks by the President on Securing Our Nation's Cyber Infrastructure," White House, 29 May 2009; .
11. "Critical Foundations: Protecting America's Infrastructures: The Report of the President's Commission on Critical Infrastructure Protection," White House, 11 Oct. 1997;
12. W.K. Clark and P.L. Levin, "Securing the Information Highway," Foreign Affairs, Nov./Dec. 2009, pp. 2–10.
13. "Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure," White House, 29 May 2009; .
14. "Defending America's Cyberspace: National Plan for Information Systems Protection Version 1.0," White House, 7 Jan. 2000;
15. D. Elliott, "Weighing the Case for a Convention to Limit Cyberwarfare," Arms Control Today, Nov. 2009;

Index Terms:
cyber security, cyberattack deterrence, cyberwar, nuclear deterrence versus cyber deterrence
David Elliott, "Deterring Strategic Cyberattack," IEEE Security & Privacy, vol. 9, no. 5, pp. 36-40, Sept.-Oct. 2011, doi:10.1109/MSP.2011.24
Usage of this product signifies your acceptance of the Terms of Use.