Deterrence after Stuxnet By John Arquilla. cacm
Thus the apparent "usability" of cyber attack and the relatively easier "accessibility" of such a capability may create a situation in which deterrence becomes problematic. When the "D" in MAD stands for "destruction," deterrence is robust. But when the grim acronym is read as "mutual assured disruption," a less stable situation will likely arise.
The relevance of thinking about deterrence in the pre-atomic age should be recognized, and considered in the international discourse on cyberwar. Indeed, it is striking to see, even in quite early works, the rejection of MAD-like scenarios of aerial bombing.
Ashmore argued in favor of developing air defenses. His voice, and some others, carried enough weight to encourage British leaders to design and build a very effective Fighter Command—a defense network in which radars and observation posts were to vector in attack aircraft to intercept enemy bombers.
The challenge now is to design an Information Age version of Britain’s Fighter Command of 75 years ago. Evidence at hand suggests most of the world’s nations are quite far from that goal.
Its also possible that we invite attack by concentrating intellectual property where it can be hit. The advantage granted to Siemens in the manufacture of motor controllers meant that they were a concentrated target for Stuxnet. Proliferation constitutes one form of cyber defense.