Stuart Russell and Nadiya Kostyuk co-authored a February 14 piece for the Lawfare Blog: “Evaluating the U.K.’s ‘Active Cyber Defence’ program.”
Kostyuk is a doctoral candidate in the Ford School’s public policy and political science joint PhD program and a fellow at the Cyber Security Project at Harvard Kennedy School’s Belfer Center. Russell is also a visiting fellow working on the project.
The authors highlight the successes of the U.K.’s Active Cyber Defence (ACD) program, launched in November 2016, and describe how the U.S. could learn from the program. The ACD program is intended to reduce the number of cyber attacks aimed inside the U.K.
Russell and Kostyuk identify three defining features of the ACD strategy: government-centered action, intervention, and transparency. Citing several applications, the authors report that the program's approach has been largely successful in its first year.
“A similar approach would have several benefits for the United States,” they write. First, a government-centered program would be more effective than the “standard approach of simply telling people how best to protect themselves.” The ACD strategy can also “improve the government’s credibility and its relationships with the cybersecurity and technology sectors.”
Finally, the emphasis on transparency can help build public trust—an important benefit, given government involvement in cyberspace “is always met with public resistance.”