The authors attention was drawn today to a short article on the BBC discussing how a 19yr old had won a competition by GCHQ to provide the best form of online protection against the hacking threat. http://www.bbc.co.uk/news/technology-17333601
The emergence of Cyberspace as a new battleground has been widely predicted, and many good papers and books exist on the subject. The issue that has raised questions in the authors head is not on the importance of the UK being able to protect itself from the electronic threat, but more broadly how the current generation of computer literate individuals would be able to sit within the defence community as a whole. For those readers with an interest in such things, he would strongly commend a read of the UK Govt Cyber Security strategy paper at http://www.cabinetoffice.gov.uk/resource-library/cyber-security-strategy , which attempts to set out the UK Govts position on how it will meet the cyber threat.
What is clear is that the cyber debate represents one of the most challenging future developments that could essentially be a paradigm shift in how security is provided. The move away from the reliance on the Government to provide security for the nation, and instead a realisation that national security is dependent on a hugely complex set of companies, organisations, and groups, and that the resources required to provide this defence are a truly national asset.
While there is unlikely to be a reduction in the requirement to use physical military force in future, it is increasingly clear that the cyber context will be seen as an integrated part of any major powers military and Governmental campaign. The work sits across a range of campaign areas, and Humphrey wanted to use this article to raise a couple of questions.
Is Cyber Security something that should sit within the J1-J9 framework, or has the time come to create a J10 division to handle these matters?
This author genuinely holds no view on this, but would welcome the views of others. For while we focus heavily on issues such as hard power, soft power and influence, it does feel that Cyber Security simultaneously feels as if it sits in all of these roles and none of them at the same time.
One final question, more rhetorical than anything else, but which perhaps illustrates the complexity of this debate.
During a military campaign, is it legitimate to kinetically target a building containing an internet café full of civilian students, if those individuals are engaged in hostile acts of aggression against an opposing nation’s critical national infrastructure using cyber means? Do the unarmed civilian students represent a military threat, and how do the laws of war extend to acts involving cyber offence & defence?
Humphrey suspects there is no clear answer to either question, but feels it would make a fascinating debate - where is the line drawn for cyber purposes. Is Cyberspace to be treated as a virtual battleground for targeting purposes, or do the physical facilities and people involved in the process count as legitimate targets for a military operation?