140 likes | 324 Views
ICTs, Strategic Asymmetry and National Security. Nir Kshetri Bryan School of Business and Economics The University of North Carolina-Greensboro. Source: http://www.cartoonstock.com/directory/h/hacking.asp (Accessed: March 15, 2005) . Warfare and asymmetric technologies: Some examples .
E N D
ICTs, Strategic Asymmetry and National Security Nir Kshetri Bryan School of Business and Economics The University of North Carolina-Greensboro IBRF-2005
Source: http://www.cartoonstock.com/directory/h/hacking.asp (Accessed: March 15, 2005) IBRF-2005
Warfare and asymmetric technologies: Some examples • British Army: Adopted Maxim Machine-Gun in 1889 • Speed: 500 rounds per minute • 1893-94 Matabele war: 50 British soldiers with 4 Maxim guns fought of 5,000 Matabele warriors • U.S. Army: Cruise missiles, laser-guided bombs, satellite reconnaissance systems, high altitude reconnaissance aircraft, and unmanned aerial vehicles (Rosenberger 2005). IBRF-2005
Strategic asymmetry • Employing “some sort of differences to gain an advantage over an adversary”. • Negative asymmetry: A difference an adversary is likely to use to exploit a weakness or vulnerability. • Positive asymmetry: Capitalizing on differences to gain an advantage. • Only “desperate antagonists” depend solely on asymmetric methods. • Appropriate combination of symmetric and asymmetric methods needed. IBRF-2005
Institutions, ICTs and national security • Institutions: mechanisms that provide efficient solutions to predefined problems • A terrorist organization’s choice of media to spread its propaganda • Mafia groups’ choice of a company for online extortion • Three pillars of institutions (Scott 1995, 2001) • Regulative • Normative • Cognitive IBRF-2005
Regulative institutions and ICT-created asymmetries • P1: The lack of strong rules of law increases the degree of ICT-created positive asymmetries of cyber criminals. • P2: ICT associated business models that increase negative asymmetries of governments and citizens are less likely to gain regulative legitimacy • P3: Governments are less likely to provide regulative legitimacy to business models that allow adversaries’ to create symmetric advantages. IBRF-2005
Normative institutions and ICT-created asymmetries • Introduce "a prescriptive, evaluative, and obligatory dimension into social life" (Hoffman 1999). • Pressure from • professional associations: e.g., the Honker Union of China • non-profit organizations: e.g., American Civil Liberties Union (ACLU) • P4: The strength of normative legitimacy influences: a) the ability to use ICTs to create positive asymmetry; and b) the ability to deal with negative asymmetries. IBRF-2005
Cognitive institutions and ICT-created asymmetries • “..constitute the nature of reality and the frames through which meaning is made" (Scott 1995). • perception among Chinese policy makers: Microsoft and the U.S. government spy on Chinese computer users through secret "back doors". • P5: Perception of ICT-related security threats from an adversary results in measures to a) create positive asymmetries; b) deal with vulnerabilities of negative asymmetries. IBRF-2005
Nation/organization specific factors • Ability to create positive asymmetry and vulnerabilities of negative asymmetry • Rank effect • Degree of dependence on digital technologies • Compatibility with modern ICTs IBRF-2005
Rank effect • Rank effect: ICT deployment for national security diffuses from more advanced to less advanced nations. • Japan: plan to introduce passports with chips containing biometrics information in 2005 • Automated entry systems in the U.S.-Canada, U.S.-Mexico borders • P6: ICT deployment to create positive asymmetries and deal with negative asymmetries varies positively with the level of economic development of a nation. IBRF-2005
Degree of dependence on digital technologies • Businesses with a high dependence on digital technologies: most likely to fall victim to cyber attacks. • online casinos, banks, and e-commerce hubs • Garner (1997): • … the more proficient we become at collecting, processing, displaying and disseminating relevant, accurate information to aid decision makers, the more dependent we become on that capability and therefore the more lucrative a target • P7: An organization’s vulnerability to negative asymmetry varies positively with the degree of its digitization. IBRF-2005
Compatibility with ICTs • Anonymity features of modern ICT tools. • Encryption technologies reinforced the effect. • The “Storm Cloud” case: • U.S. officials not able to identify with certainty whether the source was a foreign government or a hacking group. • Terrorists: opportunities to get away from laws, obligations, and taboos, and express whatever they want to say • P8: The degree of ICT created positive asymmetries is positively related to the preference of anonymity functions. IBRF-2005
Managerial and policy implications • ICT/competitive strategies (e.g., outsourcing): beyond obvious considerations (e.g., core competence, human resource and service quality): Security risk • Strategies to deal with governments’ as well as cyber criminals’ measures to use ICTs to manage positive and negative asymmetries. • Integrated approaches: combine technology and policy measures IBRF-2005