MIT white logo

Global CyberPolitics

Content & Coverage

By way of creating broad boundaries for the system and capture much of the underlying initiatives—we define four overarching domains at a high level of aggregation. Each consists of highly complex features—including actors, actions, interactions, and outcomes—individually and jointly, that are near impossible to isolate from one another. The challenge is to articulate the characteristic features of four domains:

  1. Joint CyberInternational System,
  2. Governance & Institutions,
  3. Conflict & War,
  4. Cybersecurity & Sustainability

Each Domain is then differentiated into four Dimensions. These are (i) system state or properties, (ii) system problems, (iii) scientific & technological solutions & strategies, and (iv) socio-economic & Political Solutions & Strategy. This framing is much of what makes the framing of CyberIR@MIT so fundamental to our understanding of global challenges.

Below, we highlight only the system state for each domain with the purpose of capturing its key features. A detailed accounting of all dimensions can be found on cyberir.mit.edu, as well as on the report entitled CyberIR@MIT.

1. Joint CyberInternational System

Given that cyberspace and the international system have been viewed as separate domains of interaction—each based on its own design principles—a joint system must first capture the basic features of each individual system and second, define the rules for their interconnections.

The alignment strategy of connecting the “cyber” and the “real” gives us a model within which actors and actions can be positioned and evaluated. In principle, all actors and all cyber functions can be viewed within this framework. The key features of system state for this domain consist of (1) Cyber-IR (2) intersections of layers and levels, (3) actors and activities (4) global actors and entities.

Cyber-IR system

This feature of the domain consists of the layers of the Internet and the levels of analysis in international relations, as well as supply chain features and all matters related to standards. This framing shows the interconnections between foundational features of cyberspace, on the one hand, and structure and process in international relations, on the other.

Intersection of Layers & Levels

The intersection of the levels of analysis in international relations and the layers of the Internet captures the Joint CyberIR structural “space” or arena. This intersection provides a view of the “whole” and the “parts” and helps contextualize actors and entities, and interests and activities, as well as sources of change and potential impacts. It is designed to identify the empirical features located at the intersection of levels and layers.

CyberIR Actors & Activities

A wide range of actors and entities are active in the CyberIR ecosystem. Some are formal, others informal, others are informal. They range from state-based actors to the international system.  Central among these are system managers on the one hand, and innovators, on the other.

Global Actors & Entities

The global system is the fourth level of analysis in traditional international system, transcending the international system, the state, and individuals. Global actors include the anonymous, the illegitimate, the formal and informal, and other emerging entities.

2. Governance & Institutions

Governance refers to the mechanisms—principles and norms, structures and processes—through which social activities are ordered, managed, and routinized over time. These are the system supporting elements of any system. For the most part, governance systems are generally formal & institutionalized in some manner, rather than entirely informal and based on norms and mutual expectations.

The governance of political systems is generally founded in some form of authority, often centralized. Governance involves organized structures and processes, legitimacy, and authority, as well as mechanisms of enforcement. There is no global government, but there are dominant norms supported by the state system. The expansion of the private sector—for profit and not-for-profit—is accompanied by the formalization of commensurate authority, often consistent with the hierarchical model.

Characteristic features of system state for this domain focus on (1) the state (2) the international level (3) cyberspace, and (4) all matters pertaining to data and records.

State Level

State governance and capabilities span critical public sector operations and functions, embedded in specific institutional relationships, and organized around processes generally associated with specific responsibilities.

Cyberspace has required a set of added functions and responsibilities, commensurate with the expected virtual operations.

International Level

Governance at the international level span institutional activities, private sector activities, the demand for coordinated policy responses with supportive institutional capabilities, as well as a range of treaties, conventions and global accords.

By necessity, it is important to account for the international institutional developments that enable and support the expansion of cyberspace.

Governance & Cyberspace:

The construction of the Internet brought with it a distinct set of institutions—performing specific functions—that were not conventionally managed by the public sector. To simplify, governance and institutions for the cyber domain are closely connected to the design and architecture of the Internet. Much if not all of these were set in place by private sector entities.

Over time, actors and institutions for the cyber domain evolved in different ways in relation to conventional forms of governance in the “real” domain. Among the governance features relating to cyberspace and the state system are private authority & and mechanisms, interstate arrangements, cyber diplomacy, and formal regulations.

Provision of Statistics & Records:

In addition to the traditional forms of data collection and representation—as well as the attendant institutional and other mechanisms for the observation, collection, and measurement of information—the governance pertaining to the Cyber-IR domain harbors a wide range of added data-related processes, structures, and records.

These include data regarding Internet traffic, routing and peering information, exchange points, attributes of ISP and IPS, and under networks—to note the most obvious.

3. Conflict & War

It goes without saying that conflict and war are ubiquitous features of the human condition—at all levels of analysis and in all contexts, everywhere. The construction of cyberspace and near-worldwide access to the Internet creates new uncertainties that are not readily accounted for by traditional understandings of conflict and war.

Here we focus less on the conventional modes of conflict—understood as a form of interaction among states—and more on the recent manifestations of cyber hostilities and intersections with traditional forms thereof. The domain of conflict and war is characterized by four notable features that jointly represent the “system state” These consist of: (1) arenas or “spaces” of conflict, (2) threat modes (3) actors and targets, and (4) conflict dynamics.

Conflict Systems

Three distinct conflict systems are identified by their properties. These are human systems, the natural system and cyberspace. To these must be added the intersection between and among them.

Threats Modes

Whatever the underlying source of discord, all conflicts are manifested in some threat or threat-mode. While threats in the conventional human conflict systems forms are well documented those related or pertaining to the cyber domain—in terms of tool, weapon, strategy, damage potential, and the like—are rapidly evolving and often elusive in character and impact. The same holds for underlying motivations. Weapons and “weaponization now extend within and across the conflict systems.

Traditionally, conflicting entities are generally states with known identity and military capabilities However conventional this characterization might be, it does not address today’s realities nor its generative possibilities. Both actors and targets can be states as well as non-state entities, known and unknown, with or without sovereign status, using known and unknown tools directed towards known and unknown targets. All of this creates added complexity that has yet to be understood.

Threat Actors & Targets

In the domain of conflict and war, threat actors are characterized first by focus and type, that is, layers of the Internet, levels of analysis in international relations, and their intersection. Other key features follow, such as identity (of known), intents, capabilities and instruments.

Among the major motivations are matters of national security, as well as prospects for, or protections of political or economic gain – to note the most obvious.

Conflict Dynamics

Conflict dynamics are increasingly complex, with antagonizing hostilities manifested in a wide range of venues, virtual as well as kinetic. Among the various conflict modes are deter and deflect, antagonize and escalate, and attack in physical or virtual venue. Overt cyber-IR warfare also various, ranging from cyber-centric to kinetic, or both, as well as warfare within and across conflict systems.

Invariably the impacts of conflict dynamics bear on cyber, social, and environmental systems of a mix thereof. Reconciliation and rebuilding are generally accompanied by new institutions based on new forms of authority and legitimacy.

4. Cybersecurity & Sustainability

We recognize that all systems prefer to remain sustainable. In the most general sense, sustainability is defined as:

“… the process of meeting the needs of present and future generations without undermining the resilience of the life supporting properties of nature and the integrity and security of social systems” (Choucri et al., 2007, p. 12).

This means that we must consider sustainability in terms of ecosystems of human interactions—the social system, the natural environment, and the cyber domain. In those terms, cybersecurity is a fundamental feature of sustainability. Here we draw attention to notable features of these interconnections, with cybersecurity as the “entry point” (a) ecosystems, actors, and activities, (b) threats and vulnerabilities, and (c) risk management and support systems.

Cyber & Social Ecosystems

Some of the recurrent themes include forms of cyber-attacks and damages, threat tools and strategies, known and unknown forms of exploitations and damages, impacts on social systems, and damages to life supporting properties—to note the obvious.

The critical threshold is the point at which the loads on the system are greater than the capacity of the system to manage such loads—including threats and vulnerabilities.

 Activities & Operations

Given the complexity and uncertainty associated with of both cybersecurity and sustainability, the key functions and operations pertain directly to the Joint CyberIR system, such as security access, supporting sustainability, reducing prospects for risk, as well as managing loads and capabilities.

Support Systems

Among the essential supports are the monitoring of vulnerabilities in the social, natural, and cyber environments as well as the management of capabilities. To be effective, such supports are required for all systems.

Risk & Managment

A whole range of actions are now recognized as essential for the management of risk—including social, political, technological, legal, and other(s). Risk assessments, privacy protection, system safety architecture, information security, computer network defense, and so forth are among the most salient.

References: