Robert Mandel offers a unique and comprehensive strategic vision for how governments, in partnership with the private sector, can deter cyberattacks from both nonstate and state actors. Cyberdeterrence must be different from conventional military or nuclear deterrence, which are mainly based on dissuading an attack by forcing the aggressor to face unacceptable costs. In the cyber realm, where attributing a specific attack to a specific actor is extremely difficult, conventional deterrence principles are not enough. Mandel argues that cyberdeterrence must alter a potential attacker’s decision calculus by not only raising costs for the attacker but also by limiting the prospects for gain. Cyberdeterrence must also involve indirect unorthodox restraints, such as exposure to negative blowback and deceptive diversionary measures, and cross-domain measures rather than just retaliation in kind.
The book includes twelve twenty-first-century cyberattack case studies to draw insights into cyberdeterrence and determine the conditions under which it works most effectively. Mandel concludes by making recommendations for implementing cyberdeterrence and integrating it into broader national security policy. Cyber policy practitioners and scholars will gain valuable and current knowledge from this excellent study.