Politics and power in cyber security
Cyber space is making many governments nervous. All international ratification and norm-setting to impose a semblance of control over state behaviour in cyber space has borrowed from the outmoded paradigms of interpreting the 'physics' of cyber operations in a physical or spatial manner.
However, cyber space has caused the four broad precepts of nation-state sovereignty to completely collapse. These are: territoriality, causality, proportionality and legality.
So says Pukhraj Singh, a security operations and threat intelligence practitioner, who will speak at ITWeb Security Summit 2019, to be held at the Sandton Convention Centre, from 27 to 31 May.
Singh will discuss: "Politics and power in cyber security: How cyber operations are intimately linked with geo-strategy."
Comparing cyber warfare to a nuclear weapons context, he says there has been a gradual shift from 'declaratory' to 'escalatory' dominance.
'Declaratory' in the nuclear context is where a nation would make a statement about its nuclear capacity, and the circumstances and conditions it would or would not use these weapons.
Escalation dominance means being able to triumph in any conflict through superior nuclear capabilities, across the whole range of tactical and strategic possibilities. This is the way cyber warfare is going, according to Singh, because merely having cyber weapons is not a deterrent and there is no yardstick to measure how this type of conflict would escalate.
Additionally, since all international norm-setting initiatives have collapsed, having been replaced by constant norm-violation, it has become a free for all, he warns.
So, in a space where there is little sovereignty or control, how can nation states hope to fight the cyber threats they face?
"The politics of cyber space is the least understood but the most powerful driver of cyber security globally. It doesn't matter if you are a state or a non-state actor: you have entered the foxhole of conflict without knowing it," says Singh.
The options offered by the contemporary enterprise security architecture are extremely limited for the simple reason that vendors, too, are the foot-soldiers of this war, he adds.
He expects his talk will change delegates' frames of reference. "The audience might start assessing the nature of cyber security risk in a different manner."