New IGP White Paper: Is It Time to Institutionalize Cyber Attribution?

Public attribution of cyber incidents to nation-state actors is increasing. It is a challenging and important accountability function that is often performed by a combination of threat intelligence firms or other private actors and less frequently by states. But is it time to institutionalize cyber attribution? The cybersecurity community has...

WHOIS afraid of the dark? Truth or illusion, let’s know the difference when it comes to WHOIS

“Martha: Truth or illusion, George; you don't know the difference. George: No, but we must carry on as though we did. Martha: Amen.” Edward Albee, Who’s Afraid of Virginia Woolf?   Since February, the prominent security reporter Brian Krebs has been writing on his widely-read blog, Krebs on Security, that...

Defusing the cybersecurity dilemma game through attribution and network monitoring

States are stuck in a “cybersecurity dilemma”. They can’t reliably distinguish between other states’ offensive and defensive activities. E.g., surveillance or probing being used by a state for defense might look like offensive measures to those states being surveilled or probed. As a result, cyber powers engage in a never...

Year in Review: Normalization of demand for transnational Internet governance

Following the successful completion of the IANA transition in late 2016, those practicing Internet governance had big shoes to fill in 2017. Looking back, there was no similar watershed event defining Internet governance this year. But that doesn't mean there weren't important developments and stories. Whether looking broadly at issues...