Still The International Cyber Super Power

As the world becomes increasingly interconnected, the strength of a nation's cyber power, the ability to influence and operate within the cyber domain, becomes a defining factor in its global standing. And over the last 30 years cyber capabilities have become a formidable new instrument of national power. 

As well as using such capabilities to obtain state secrets from each other, as in traditional espionage, states have also used them for a range of other, more threatening purposes. 

These include bolstering their own economic development by stealing intellectual property; threatening to disrupt the financial institutions, oil industries, nuclear plants, power grids and communications infrastructure of states they regard as adversaries. They have also attempted to interfere in democratic processes; degrading and disrupting military capabilities in wartime; and, in one case, constraining the ability of another state to develop nuclear weapons. 

So far, the US remains the most cyber capable state and it ranks number one as a world “cyber power” leader, according to a Report from Harvard University’s Belfer Center for Science and International Affairs.

Since the mid-1990s its leaders have provided clear political direction for the pursuit of national cyber power: in that time it has invested heavily in developing relevant civilian and military capabilities, gained extensive opera- tional experience and developed the world’s strongest digital-industrial base. This is highlighted by the range of US companies capable of detecting and attributing state cyber attacks and the proven sophistication of the US offensive cyber capability, military or otherwise. 

US cyber strength is also founded on a world-class cyber intelligence capability with global reach and state-of-the-art cryptographic techniques, and is amplified by highly integrated partnerships with other states that are also amongst the most cyber-capable in the world. 

Nevertheless, the ways in which the US wields its cyber power appear politically and legally constrained when compared with its main cyber adversaries, Russia, China, Iran and North Korea.  The US has sought to be a responsible offensive cyber actor, governed by international law and at pains to limit potential collateral damage. 

The US has also sought to manage its degree of dependence on cyberspace, not only for the purpose of national security, but also for economic and political reasons. This challenge is exacerbated by the complexity of its cyber governance and command-and-control structures, where the large number of agencies involved is a potential impediment to the agility of operational decision-making. 

These factors have combined to give the adversaries of the US an edge in the use of unsophisticated cyber techniques that are aimed at subversion but pitched below the legal threshold for an act of aggression that might justify an armed response. 

Doctrinal shifts such as persistent engagement and defend forward are designed to redress this imbalance. 
Nevertheless, the US performs strongly across all categories of the methodology and is alone in Tier One. 
Below the US there is a second tier of seven countries: in alphabetical order they are Australia, Canada, China, France, Israel, Russia and the UK. Each has world-leading strengths in some of the categories in the methodology. 

Compared with the other countries in the second tier, the UK and Israel are particularly strong on cyber security, core cyber intelligence, including crypto-graphic capability, and the development and use of sophisticated offensive cyber capability. 

With clear political direction, both benefit from a whole-of-society approach to cyber security with a strong and growing cyber security industrial base and innovative approaches to increasing their skilled capacity. 
They also possess a vibrant technical-innovation and start-up ecosystem. Israel’s cyber-intelligence strength appears to be heavily focused on its region, where it has no equal. 

The evidence indicates that the UK, on the other hand, has a cyber- intelligence capability with a broader, worldwide reach. The UK also has two of the 51 tech or telecoms companies that appear in the 2020 Fortune Global 500, while Israel has none. 

Both countries lag behind the US, Japan, China and others in their capacity to build future Internet infrastructure; both compensate for a comparative lack of cyber mass through close partnerships with the US, with each other and with other cyber capable nations; and both have conducted offensive cyber operations jointly with the US. 

Today, the US remains the most capable cyber state largely due to significant investments and clear political direction for the pursuit of national cyber power since the mid-1990s. Moreover, the US possesses a world class cyber intelligence capability with global reach and is amplified by integrated partnerships with other highly cyber capable states.

Belfer Center   |   IISS   |   The White House   |   Dr. Saleh AlDaajeh   |    MixMode   |    MeriTalk   | 

Lonergan & Schneider / OUP    |      C4ISRNET   |   US Defence Dept 

Image: Ideogram

You Might Also Read: 

The Impact Of Geopolitical Dynamics On The Evolving Cybersecurity Landscape


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« The British Government’s AI Action Plan 
Which Cybersecurity Trends Will Dominate 2025? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Ascentor

Ascentor

Ascentor specialises in independent information and cyber security consultancy. We’re experienced industry experts, providing cyber security services since 2004.

Global Knowledge Training

Global Knowledge Training

Global Knowledge is a worldwide leader in IT and business training, featuring Cisco, Microsoft, VMware, IBM, security, cloud computing, and project management.

Protocol Policy Systems

Protocol Policy Systems

Protocol Policy Systems specialise in IT policy deployment and management systems that deliver compliance and secure computing environments.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

Certis

Certis

Certis is a leading advanced integrated security organisation that develops and delivers multi-disciplinary security and integrated services.

iZOOlogic

iZOOlogic

iZOOlogic protects hundreds of the world’s leading brands, across banking, finance and government from cybercrime. We provide strong cyber defence solutions to protect client digital assets.

HITRUST Alliance

HITRUST Alliance

HITRUST provides widely-adopted common risk and compliance management frameworks, related assessment and assurance methodologies.

Nineteen Group

Nineteen Group

Nineteen Group delivers major-scale exhibitions within the security, fire, emergency services, health and safety, facilities management and maintenance engineering sectors.

Anxinsec

Anxinsec

Anxinsec Technology is a security solution and service provider with a focus on new technology and innovations in cybersecurity.

Druva

Druva

Druva is the industry’s leading SaaS platform for data resiliency, and the only vendor to ensure data protection across the most common data risks backed by a $10m guarantee.

Mayer Brown

Mayer Brown

Mayer Brown is a global law firm. We have deep experience in high-stakes litigation and complex transactions across industry sectors including the global financial services industry.

Vertex Cyber Security

Vertex Cyber Security

Vertex provide Cyber Security Services to small to large businesses including Advise, Consulting, Adding Security Partnership, Penetration Testing, ISO 27001-2 and Audits.

Secuvy

Secuvy

Secuvy leads in data security, privacy, compliance, and governance, offering a unified platform for proactive data discovery, management, protection, and enhanced data value.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.

New Relic

New Relic

After inventing application performance monitoring (APM), New Relic stands at the forefront of observability with the most advanced platform for eliminating digital interruptions.