What’s in a name? Have you ever heard that adage? Well, consider this. What’s in a doctrine? Even more, what’s in the name of a doctrine? For instance, what is meant by the doctrine of deterrence? That is the doctrine that seeks to protect our own interests by making the pursuit of other’s interest either untenable or un-affordable. During the Cold War era between the late 1940s and early 1990, deterrence made sense as a doctrine that guided thinking about national security approaches. During that period, several countries acquired the means to inflict such devastating damage to another actor that the cost of doing so became both untenable and un-affordable as a reasonable means to secure one’s own interest. The security option just made little sense. Therefore, nuclear options had an inherent deterrent quality in and of themselves.
What about now? Nuclear considerations are still an important factor guiding relations between international actors, but something else has been added to mix. That is the consideration of cyber. Cyberspace and all the nuances related to connected forms of data and information technologies potentially complicates how states and other major international actors are guided by underlying schools of thought about protecting their respective interests. In other words, the doctrines that guide thinking about relations in an age of digital ecosystems are likely more sophisticated than those aiming to deter or encourage consequent behaviors.
To help frame our thinking about this is an important essay from Joseph Nye about Deterrence and Dissuasion in Cyberspace. In this piece, Nye looks at the efficacy of the doctrine called deterrence, and he raises the question as to whether this doctrine sufficiently achieves what national security needs it to achieve with respect to threats from cyberspace. His point is that the notion of deterrence may not fit with the speed and attribution issues associated with confrontations presented through cyber realm. Those challenges are both instantaneous and attributable, or mostly hard to attribute without intense forensics. These factors of responsiveness and attribution present us with a bit of a conundrum. How do we discourage such actions? How do we discourage such behavior? Can we adequately reciprocate instantaneously to whomever perpetrates a consequential cyber offense? These are important questions because they are undergirded by a doctrine that should guide thinking about to deal with these problems. The real question is, then, what is that doctrine? What is the name of the underlying thought guiding our thoughts about virtually securing the nation. Is it deterrence? Or is it something else?