Into the Gray Zone

7. Active Defense Considerations for the Future

This report is a snapshot of active defense and its broader implications as they exist today. However, it is important to recognize that this field will be constantly evolving—including from the standpoint of technology and law. With respect to technology, key questions for the future include how active defense will be impacted by the Internet of Things (IOT), cloud computing, increasingly distributed enterprises, and the changing capabilities and intentions of threat actors. Certainly the IOT will expand exponentially the opportunities for adversaries to attack. At the same time, from the defender’s perspective, the task of identifying potential vulnerabilities and acting to mitigate them before and after breach will become more complex and more resource-intensive. The tradeoff is that the IOT will bring increased convenience and functionality for both business and consumers; but it will come at a price.

Cloud computing also cuts two ways. On the one hand, it opens up avenues for a wider range of enterprises to obtain services for cybersecurity and other purposes. On the other hand, the cloud also changes the landscape in which adversaries operate by providing a tempting target, rich in assets for attack. Whereas potential targets may currently be more dispersed, the cloud concentrates them to a greater degree—although the owners and operators of Internet-based cloud technologies and services may be comparatively well-placed to defend the valuable constellations of data and other assets that are effectively entrusted to them. Another trend, in the form of increasingly distributed enterprises, also alters the cybersecurity ecosystem for network defenders and network attackers at once. Here again, the evolution in practice brings with it new challenges for the in-house security practitioner, including “more places where it [data] must be protected.” 129

As technology continues to change, so too will the capabilities—and accompanying intentions—of threat actors. However, the counterforces they face will not remain static either: new elements will enter the fray, and the capacities and roles of existing actors will develop as well. For example, what is the role for state and local governments when it comes to active defense? Just as these authorities have become ever-more involved over time in matters of cybersecurity more generally, one might expect state and local officials to participate (eventually) in the domain of active defense in particular.

Another important question for the future is: how will international norms develop in this area? The answer depends upon individual actors (state and non-state) as well as the totality of their conduct. These practices and the statements made in support of—or in protest to—them will constitute evidence of emerging global parameters of acceptable behavior. Formal international instruments such as global treaties are, admittedly, generally difficult to draft and bring into force given the wide variety of competing viewpoints that must be accommodated and reconciled. Therefore, it may prove constructive in the shorter term to work towards a more informal international understanding of what should be the core body of