A conceptual framework for cyber counterintelligence: Theory that really matters

Petrus Duvenage, Thenjiwe Sithole, Sebastian Von Solms

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Citations (Scopus)

Abstract

For those connecting the dots, major cyber breaches continue to affirm the necessity of having cyber counterintelligence (CCI) at the core of a proactive cybersecurity approach. While practitioners and executives engaging high-end adversaries in the 'real world' are progressively warming up to the opportunities CCI presents, the mention of 'theory' is likely to evoke a cool response. Theory is typically regarded as abstract thinking that has little bearing on, or use in, 'real world' cybersecurity trenches. Theory may even be deemed to be the opposite of practice. This is of course not the case: theory is highly relevant to practice and practice ought to inform theory. In the words of Lewin (as cited by Greenwald 2012): "There is nothing so practical as a good theory." Especially for a field as complex as CCI, effective practice presupposes a sound theoretical foundation. The price for poor CCI theory will ultimately be paid through more costly failures and damaging breaches. Theoretical constructs are thus clearly not 'nice to have' academic 'toys'. These constructs, which include frameworks and models, condition our thinking and our approach to practice. In addition to its application to practice, theory should of course also be at the heart of academic disciplines and fields. Herein lies the challenge: as an emerging multidisciplinary academic field, CCI is in its infancy. Given CCI's incipient status, one of the priority agenda items ought to be a conceptual framework that (albeit tentatively) delineates and provides a coherent view of the research object, i.e. CCI. This conceptual framework can furthermore systemise existing knowledge and provide a scaffold for further research. Equally important, it can be an instrument to explain to diverse audiences what CCI is and how it works. Clearly then, a conceptual framework for CCI is theory that really matters. This paper's primary aim is to advance the outlines of such a conceptual Framework for CCI (FCCI).
Our FCCI consists of eight notional blocks we deem essential to an academically credible and practically useful FCCI. In designing the FCCI, we synthesised and added to the authors' previous contributions on CCI to, inter alia, recent European Conferences on Cyberwarfare and Security (ECCWS). For obvious reasons, the FCCI and its building blocks cannot be explained in any detail within the confines of a single conference paper. Consequently, suffice it to provide the essential contours of, and concise rationale behind, our FCCI's design. We qualify our FCCI as a tentative postulation, hopefully constructive to the theoretical discourse and academic practice.

Original language: English
Title of host publication: Proceedings of the 16th European Conference on Cyber Warfare and Security, ECCWS 2017
Editors: Mark Scanlon, Nhien-An Le-Khac
Publisher: Curran Associates Inc.
Pages: 109-119
Number of pages: 11
ISBN (Electronic): 9781911218432
Publication status: Published - 2017
Event: 16th European Conference on Cyber Warfare and Security, ECCWS 2017 - Dublin, Ireland
Duration: 29 Jun 2017 to 30 Jun 2017

Publication series

Name: European Conference on Information Warfare and Security, ECCWS
Volume: 0
ISSN (Print): 2048-8602
ISSN (Electronic): 2048-8610

Conference

Conference: 16th European Conference on Cyber Warfare and Security, ECCWS 2017
Country/Territory: Ireland
City: Dublin
Period: 29/06/17 to 30/06/17

Keywords

  • Active defence
  • Conceptual framework
  • Cyber counterintelligence
  • Offensive cybersecurity
  • Theory

ASJC Scopus subject areas

  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
