TY - GEN
T1 - Putting counterintelligence in cyber counterintelligence
T2 - 13th European Conference on Cyber Warfare and Security, ECCWS 2014
AU - Duvenage, Petrus
AU - Von Solms, Sebastian
PY - 2014
Y1 - 2014
N2 - Businesses and governments alike are grappling with configuring their cyber security postures effectively in a manner to account for rapid changes in the cyber threatscape. Defensively security policies and measures (inclusive of software and hardware technologies) on their own are wholly inadequate in protecting against proliferating threats. An effective approach for securing and advancing cyber interests will have to combine more proactive defences with intelligence on, and the engagement of, adversaries. Offensive and defensive measures, in turn, should be integrated with an institution's strategy and objectives. Appropriately conceptualised, Cyber Counterintelligence (CCI) could meet these requirements and offer a practicable approach for governments, businesses and other sizable entities. There is a precondition. To be effective, CCI should be an integral part of multi-disciplinary Counterintelligence (CI) - conceptually and in practice. However, at least in as far as consulted academic literature is concerned, such conceptualisation is lacking. Disconcertingly, the theoretical discourse about CCI is gaining momentum without a categorical explication of CI. Such theory construction is flawed and, within CI, the price for bad theory is paid in costly failures. Therefore, this paper conceptualises CCI as part of CI. To this end a cursory primer on CI is provided. Building on this primer, the paper proceeds with advancing: (i) A definition of CCI. (ii) A three-tiered postulation for conceptually integrating CCI with multi-disciplinary CI, Intelligence and Strategy. (iii) A taxonomy of CCI tools, methods and means. (iv) A matrix that has the dual purpose of (a) categorising CCI tools, methods and means; and (b) plotting a CCI posture in accordance with the nature and the needs of a specific institution.
AB - Businesses and governments alike are grappling with configuring their cyber security postures effectively in a manner to account for rapid changes in the cyber threatscape. Defensively security policies and measures (inclusive of software and hardware technologies) on their own are wholly inadequate in protecting against proliferating threats. An effective approach for securing and advancing cyber interests will have to combine more proactive defences with intelligence on, and the engagement of, adversaries. Offensive and defensive measures, in turn, should be integrated with an institution's strategy and objectives. Appropriately conceptualised, Cyber Counterintelligence (CCI) could meet these requirements and offer a practicable approach for governments, businesses and other sizable entities. There is a precondition. To be effective, CCI should be an integral part of multi-disciplinary Counterintelligence (CI) - conceptually and in practice. However, at least in as far as consulted academic literature is concerned, such conceptualisation is lacking. Disconcertingly, the theoretical discourse about CCI is gaining momentum without a categorical explication of CI. Such theory construction is flawed and, within CI, the price for bad theory is paid in costly failures. Therefore, this paper conceptualises CCI as part of CI. To this end a cursory primer on CI is provided. Building on this primer, the paper proceeds with advancing: (i) A definition of CCI. (ii) A three-tiered postulation for conceptually integrating CCI with multi-disciplinary CI, Intelligence and Strategy. (iii) A taxonomy of CCI tools, methods and means. (iv) A matrix that has the dual purpose of (a) categorising CCI tools, methods and means; and (b) plotting a CCI posture in accordance with the nature and the needs of a specific institution.
KW - Counterintelligence
KW - Cyber counterintelligence
KW - Cyber security
UR - http://www.scopus.com/inward/record.url?scp=84991260049&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84991260049
T3 - European Conference on Information Warfare and Security, ECCWS
SP - 70
EP - 79
BT - Proceedings of the 13th European Conference on Cyber Warfare and Security, ECCWS 2014
A2 - Liaropoulos, Andrew N.
A2 - Tsihrintzis, George A.
PB - Curran Associates Inc.
Y2 - 3 July 2014 through 4 July 2014
ER -