The publication of the OECD report Reducing Systemic Cybersecurity Risk has sparked a spate of misleading news stories claiming that the study demonstrates that the ‘risks of cyber war have been ‘over-hyped’.’ There is of course a delicious irony that the media is now misrepresenting and simplifying a report that supposedly identifies misrepresentation and simplification in the cyber agenda, but let’s put the record straight.

Professor Sommer and Brown’s report does indeed argue for a more nuanced approach to cyber security challenges. As this blogger pointed out in an article in November, the sensationalized media portrayal of cyber security, such as the recent mushroom-cloud embossed Economist article, is unhelpful. Reducing Systemic Cybersecurity Risk accurately describes how cyber attacks can vary radically from pedestrian ‘phishing’ scams to ‘multi-stranded stealth onslaught’ and that a more focussed response demands the establishment of a sophisticated and multi-layered common cyber vocabulary.

Any interpretation that uses this to question the Strategic Defence and Security Review’s designation of cyber security as a tier-1 threat is guilty of the same conflation of cyber warfare and cyber security in the round that the Professors criticise! That there are vulnerabilities that affect seemingly mundane activities, such as online medical health records and tax returns, is the very reason cyber is such a potentially disruptive threat. Indeed the report itself, in contrast with its presentation in the media, highlights the significance of this ‘interconnectedness’, pointing out that ‘victims of cybersecurity lapses and attacks include many civilian systems.’

Equally, the statement that ‘it is unlikely that there will ever be a true cyberwar’ should not be taken out of context. The authors are simply explaining that cyber attacks will be employed alongside, rather than instead of, conventional weapons. This should certainly not be read as an intention to reduce the significance of these new technologies – this much is clear through the report’s statement that ‘the use of cyber weaponry will shortly become ubiquitous.’

It is the very breadth of cyber security challenges that make it such a potent threat. It would be a great shame if this rigorously researched report were viewed through the same binary lens that Professors Sommer and Brown have set out to condemn.

Technorati Tags: cyber security, OECD, Professor Sommer

Tags: cyber security, OECD, Professor Sommer

This entry was posted on Tuesday, January 18th, 2011 at 10:56 am and is filed under Defence and Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.