04/15/2019 Colloquium Series - Ronald Deibert: “A Tale of Two Cyber Conflicts: Civil Society and Commercial Threat Reporting”
From David Price on April 15th, 2019
Public and academic knowledge of cyber conflict relies heavily on data from commercial threat reporting, but this data provides a distorted view of cyber threat activity. Commercial actors are selective about the threats they focus on and what they report in public documents. This selection bias hampers not only scholarship on cybersecurity, but also has concerning consequences for democracy. Threat reporting can be conceived as a public good that is by and large provided by actors in the private sector. As collective action theory leads us to expect, accurate threat reporting is underprovided while the interests of commercial information security firms in high-end threats to high-profile victims are overrepresented. Prevalent threats to civil society organizations, which lack the resources to pay for high-end cyber defense, tend to be ignored. Commercial threat reporting thus presents a truncated sample of cyber conflict. We present and analyze an original dataset of available public reporting by the private sector as well as independent research centers. We also present three in-depth case studies tracing reporting patterns on a cyber operation targeting civil society. Our findings strongly confirm the hypothesized selection bias in reporting.