The case for cyber counterintelligence

Abstract

A paradigmatic shift in thinking on cyber security in the 21st century is gaining momentum. This turn in thinking is rooted in a widening acknowledgement that conventional cyber security solutions no longer offer adequate protection in the face of threats posed by role players such as nation states, criminal syndicates, corporate spies, terrorists, hacktivists and rogue individuals. It is clear that securing cyber space depends not only on raising the bar in respect of existing measures, but also on taking proactive action focussing on threat agents. Views are, however, not so clear on what such proactive action should entail and how this should be integrated with conventional cyber security measures. Similarly, conceptual clarity is lacking on the configuration of an integrated response congruent with the challenges posed by the fast changing threatscape. The paper examines firstly the cyber threatscape and the challenges this poses. It proceeds with advancing cyber counterintelligence as a conceptual and practicable option to meeting cyber security challenges coherently and proactively. Although cyber counterintelligence is not a novel concept, it is academically under-explored as open-source literature on this subject is relatively sparse. In particular, the quest for an integrated conceptual model for cyber counterintelligence is still in its infancy. This paper does not purport to offer a refined model, but endeavours to propose a few contours useful to its construction. Compiled for a wide target audience that includes business professionals and academia, the paper is underpinned by principles and constructs derived from statutory counterintelligence theory and practice.