HYLAND
understanding of the range of cyberthreats and possible responses.
ere is clearly some effort involved in establishing an effective
crossboundary exercise program, as well as a small organizational overhead
associated with the secretariat. However, in the (highly probable) event
of a significant and unexpected breach of cyber-security, the investment
would rapidly pay off.
e International Dimension
Cyber-security by its nature is an international problem,9 as is evident in
the sequence of international conferences on the governance of cyberspace
that began in London in 2011, continued in Budapest in 2012, and
will go forward to Seoul in 2013. However, prospects for early progress
on international agreements for the control and regulation of cyber-
weapons currently look poor. In any case, it is all too likely that even in
a benign environment cyber-warfare negotiations may be characterized
by a series of limited agreements achieved over a considerable period
of time, rather than a single comprehensive solution. Given the likely
rapid evolution of second generation high-impact cyber weapons and
the proliferation of low-impact systems, it may make best sense to focus
negotiations on limiting collateral damage and humanitarian impact.
Moreover, the challenges of effective verification and sanctions currently
appear very difficult to overcome: traditional arms control regimes rely
on verification by inspection and the possibility of punitive sanctions for
transgressors. e ease with which the development of cyber-weapons
could be concealed, as well as the problem of dual use, form a huge hurdle
to a credible verification regime. In addition, the difficulties of reliable
attribution might well hamper the application of punitive sanctions.
ere is perhaps more hope for progress in implementing cooperative
