The Merits of CyberweaponryPeter Sommer on Reducing Systemic Cybersecurity Risk
Take, for instance, the alleged Stuxnet attack believed to have been launched last year by Israel with the backing of the United States that reportedly disabled Iranian nuclear centrifuges, causing significant delays in Iran's development of nuclear weapons.
Arguably, such a virtual attack proved more precise than a conventional barrage, Peter Sommer, visiting professor at the London School of Economics Department of Management's Information Systems and Innovation Group, says in an interview with GovInfoSecurity.com (see Cyberwar: Reality or Exaggeration?).
"There are good features in cyberweaponry in some way or another," Sommer says. "People would have assumed that cyberweapons are totally bad. Once you get over the idea that we don't have permanent world peace, and people may need to attack each other in particular circumstances, and they feel it is justified, then maybe there's a lot of good things to say about cyberweapons."
Sommer and Ian Brown of Oxford University's Internet Institute coauthored a paper entitled Reducing Systemic Cybersecurity Risk for the Organization for Economic Cooperation and Development, a forum of 34 nations that promotes democracy and the market economy.
Besides discussing the value of cyberweaponry, Sommer in the interview also addresses:
- Cybersecurity terminology, and how the lack of agreement on terminology and use of exaggerated language presents a challenge in reducing risk.
- Global shock, the cascading effect of an incident, and the risk analysis involved in addressing it.
- Pitfalls to avoid in cloud computing contracts.
Sommer also is a visiting reader in computing and technology with the Faculty of Mathematics at The Open University, a British distance learning and research university. According to his official biography, he one of the world's pioneers of digital evidence and computer forensics and has testified in criminal and civil court proceedings.
A visiting fellow in what was the Information Systems Department at the London School of Economics since 1994, he co-developed the school's IT security courses that emphasize social science, management, law and policy.
As a consultant, Sommer counsels stock exchanges, large companies and insurance providers on computer security and systems risk.