2017 State of the Field of Cyber Conflict Workshop

On June 8th and 9th, the Cyber Conflict Studies Association and the Saltzman Institute of War and Peace Studies at Columbia University’s School of International and Public Affairs co-hosted the second annual Workshop on the State-of-the-Field of Cyber Conflict. The event brought together practitioners, academics and policymakers to explore the dynamics of cyber conflict: the forces, movements and behaviors of conflict and warfare over and through the Internet, connected devices, and other IT.
The SOTF Workshop is perhaps the only cyber-related event which is not dedicated necessarily to finding answers. Rather the SOTF is driven to be sure we are asking the right questions. The participants discussed cyber conflict as a field of research, agreed on primary topic areas of research, reviewed the core questions in each of those topics, created a shared understanding of existing research on those questions, and identified canonical works. The major questions include a wide range, such as: What is cyber power? How is cyber conflict most alike, and most different, from other kinds of conflict? Is it more or less escalatory than conflict in the air, land, sea or space? How can states and non-states encourage restraint?
Breakout sessions focused on these core topics:
Each breakout sessions was led by a moderator who worked with rapporteurs to provide substance and structure the discussion which followed Chatham House rules. In additional to established researchers, PhD candidates played a particularly significant role in the event as both rapporteurs and participants. New scholars are frequently the ones most in need of this material and who can produce literature reviews and research which will fuel future conferences.
The 2016 SOTF Workshop Report is available here.
Thanks to the Carnegie Corporation of New York, the William and Flora Hewlett Foundation, and Columbia’s Global Policy Initiative for their support

Join the CCSA Mailing List

The CCSA Board uses a mailing list to notify the community about coming events, interesting publications and developments in the cyber conflict research world. 

You can find the signup form at the main CCSA website here, or visit this link:


What are the Costs of Cyber Crimes and Cyber Espionage?

Is cyber crime "the greatest transfer of wealth in human history," or just a "rounding error in a fourteen trillion dollar economy?"  First of all, it is very difficult to estimate how much is lost every year as a result of cyber crimes, from a few billion to hundreds of billions of dollars.  Some companies conceal their losses, sometimes they don't even realize they are suffering losses, and it is hard to put a value on intelectual property.  The large dollar amount is not the only measurement.  We must also consider the effects cyber crime has on trade, technology, and competitivenes, such as the pace of innovation, distortion of trade, and social costs from job loss.  High end estimates see loss of jobs at over 500,000 due to cyber crime.  Losses due to malicious cyber activity can be broken down into six parts: loss of intellectual property and confidential information, cybercrime, loss of sensitive business information including manipulation of stock market, opportunity costs, additional costs of defending networks, insurance, etc., and loss of reputation to hacked companies.  In the end, the larger effect may be on everything else affected by cyber crime than a specific dollar amount.  If more is not done to combat cyber attacks, there could be many short and long term effects in the coming years.  For more information on the costs of cyber crime, click here.


Iran: How a Third Tier Cyber Power Can Still Threaten the United States

On July 29, a conference was held by the Atlantic Council's Cyber Statecraft Initiative to discuss Iran's threat as a cyber power to the United States in the Cosmos Club in Washington, DC.  The panel included Atlantic Council's Barbara Slavin, Atlantic Council and CCSA's Jason Healey, CrowdStike's Dmitri Alperovitch, and George Washington University's Frank Cillufo.  The panel began by discussing the current state of Iran with its recent elections and a cautious optimism for change with the new minister.  They then shifted to discussing Iran's current cyber capabilities, such as while still being limited to destruction of data and disruption of services, within five years, could be on the same level as the US, China, and Russia, among others with a higher intent to do damage than all the others.  A main target for Iran has been the United State's financial sector, especially the banks.  This is likely due to the economic sanctions placed over Iran by the United States.  With current attacks not being overly damaging, such as attacks on the banks usually only lasting a day or two, with little actual damage to the bank, the US continues to add more infrastructure to the Internet.  It is a matter of time before Iran attacks a target that is very vulnerable, where they can keep it down for a long period of time and cause serious damage.


A Fierce Domain Launches

 On July 18, A Fierce Domain: Conflict in Cyberspace, 1986 to 2012, edited by CCSA's Jason Healey, successfully launched at George Washington University's Homeland Security Policy Institute.  This book is the first of its kind to provide a comprehensive history of cyber conflict, discussing a number of early attacks that served as wake up calls to the need for greater cyber security.  The book also goes on to identify important lessons for policymakers.  For more information on A Fierce Domain, click here.  For more coverage on Jason Healey and A Fierce Domain, check out these stories: Digital Doomsters and The Future of US Cyber Command.  To purchase the book from Amazon, click here.  Below are pictures from the launch event.