Protecting the information society : exploring corporate decision makers' attitudes towards active cyber defence as an online deterrence option [article]

Patrick Neal, University, My, University, My
2019
Protecting the Information Society consists of using passwords, firewalls, encryption, and educating end users on the safe internet security practices. Beginning in the 1990's a second option was briefly considered by cybersecurity professionals and then promptly dismissed; active cyber deterrence. The current doctoral proposes active cyber deterrence debate can be reformulated as a social science issue, not a purely technological solution. The following theories are incorporated into this
more » ... rch: Social Contract Theory, Sense of Justice Theory, Criminological Deterrence (Revenge, Vengeance, Vigilantism), International Relations (Securitization), and Theory of Change. The literature conducted for this doctoral research revealed 7.3 million Canadians are affected by cybercrime, resulting $840 (CAD) million in direct financial losses, and $4.7 billion (CAD) in lost productivity. On a global scale, there were 430 million cybervictims with a total cost of $388 billion (USD) in direct and indirect costs. The literature also revealed ACD is fraught with legal restrictions, in Canada, and around the world. Based on the literature, a survey was conducted to identify which issues were most relevant to corporate decision makers who would be responsible for conducting ACD. The survey results indicate five statistically significant factors: insurance liability, corporate social responsibility, punishment of cyberattackers, do more to protect, and existential threats to the information society are real. Based on the literature, survey findings, and analysis a Theory of Change model is proposed which creates a dialog for ACD debates as a social contract obligation, and also a ACD decision matrix. Future research issues are considered.
doi:10.25316/ir-5507 fatcat:aaxeaizg35fhdilr3sczxznaeq