Academic journal article American University Law Review

Mapping Today's Cybersecurity Landscape

Academic journal article American University Law Review

Mapping Today's Cybersecurity Landscape

Article excerpt


Cyberthreats recently overtook terrorism as the number one global threat to America, according to the 2013 global threat assessment performed by the U.S. intelligence community.1 This special issue of the American University Law Review represents the culmination of a concerted effort to bring together scholars, legal practitioners, industry representatives, and government officials to discuss and debate the pressing issues surrounding cybersecurity in today's increasingly interconnected environment. This effort began in October 2012 with a public symposium entitled America the Virtual: Security, Privacy, and Interoperability in an Interconnected World. One of the principal themes of the symposium was the growing threat that online security breaches present to business, government, and individual citizens. This Law Review issue offers reflections on the symposium, original scholarship, and commentary that we hope will further advance the debate.

A. Beyond the Fortress

Melanie Teplinsky delivered the opening remarks at the symposium in her speech entitled Beyond the Fortress.2 She explained that, for over a decade, the cornerstone of the U.S. approach to cybersecurity has been vulnerability mitigation; that is building stronger fortresses to protect against cyberthreats. While fortification may offer protection against some cyberthreat actors, Teplinsky argued that determined threat actors have the time, resources, and motivation to defeat even the most extensive fortification. Such determined actors may include nation-states, terrorists, and cybercriminals.

Teplinsky described the special challenge that nation-state cyberthreat actors pose to our economic and national security. First, nation-state sponsored cyberespionage poses a serious threat to U.S. economic security. State-sanctioned Chinese hackers are believed to have been stealing not only military secrets, but valuable corporate intellectual property for over a decade, to the detriment of America's long-term competitiveness.3 Prominent examples of alleged Chinese cyberoperations include Byzantine Hades,4 Night Dragon,5 Operation Aurora,6 and Operation Shady Rat.7 Teplinsky also addressed the national security threat posed by nation-state supported cyberattacks on critical infrastructure (CI), such as the August 2012 attack on the world's largest oil company, Saudi Aramco.8

Teplinsky concluded that U.S. cybersecurity policy needs to be based not only on vulnerability mitigation, but also on threat deterrence. She emphasized the need to utilize all elements of national power-military, economic, and diplomatic-to deter nation-state actors from engaging in cyberespionage and cyberwar. She also suggested that increased attention to the private sector's role in deterrence may be warranted because the private sector owns the vast majority of CI in the United States,9 is agile, and has more "eyes on the ground" than the government. In addition, the private sector may be able to help identify actors engaged in cyberespionage and sophisticated cyberattacks and help raise the cost of engaging in such activities.

B. The Promise and Peril of Being Interconnected, Interoperable, and Intelligent

Cybersecurity poses particularly acute challenges for critical components of the national infrastructure. The first symposium panel, entitled The Promise and Peril of Being Interconnected, Interoperable and Intelligent,10 examined cybersecurity implications for standards development within the electric power and healthcare industries. Jorge Contreras, Associate Professor at American University, Washington College of Law, moderated this panel. Professor Contreras, who teaches and writes about technical standardization, pointed out that standards are necessary for the interoperability of products by multiple vendors. Interoperability is critical in communications and national infrastructure, including the national power grid and the medical and financial establishments. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.