The Cybersecurity Canon: The Cybersecurity Dilemma

May 08, 2017
6 minutes


We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite. 

The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!

Book Review by Guest Contributor, John Davis: The Cybersecurity Dilemma (2017) by Ben Buchanan.

Executive Summary

The Cybersecurity Dilemma is a digital age look at a traditional security dilemma that occurs when nations conduct actions to ensure their security. Some of these defensive actions can be perceived by adversaries as aggressive posturing, and can lead to escalation and even conflict or war. Ben Buchanan takes his readers on an interesting journey, starting with historical examples of how the security dilemma played out with tragic consequences or “near misses.” He analyzes recent and current cyber incidents of notoriety and the implications to the stability between nations in this emerging cauldron of risk, as a result of characteristics and challenges unique to the cyberspace environment. Using public information, he brings to light some of the most intriguing and complex cyber events that have recently captured public attention, using excellent, easy to understand analysis. He also provides rigorous analysis of the potential consequences of this “subterranean” sphere of competition and conflict in cyberspace and how it could impact international stability in the physical realm. Finally, he offers some recommendations for navigating these troubled waters in ways that may help nations reduce the risks and potentially prevent misinterpretation, miscalculation and mistakes that could lead to conflict.


The Cybersecurity Dilemma is a must-read for cybersecurity professionals from the strategic policy level to those who are more technically oriented in information technology and cybersecurity. Ben Buchanan writes of a traditional security dilemma about nations conducting activities to better defend against threats, but in doing so cause the perception among their adversaries that these same activities are for aggressive or even offensive purposes. The resulting dilemma is that, in being responsibly defensive, a nation may be provoking its adversaries, causing escalation, and undermining its own security as a result of these defensive actions.

Buchanan uses well-known examples of how this dilemma has played out over history with sometimes catastrophic, or near catastrophic, consequences. The anecdotes he uses include both traditional and cyber-related events, such as the U-2 mission during the Cuban Missile Crisis, the broad U.S. cyber contingency attack plan against Iran's aggression and nuclear ambitions, the U.S. efforts to gain intelligence on Chinese hackers, the preliminary cyber intrusions that enabled Stuxnet, and the dilemma the U.S. faced in convincing the British and Germans that they need not fear each other during the run up to World War I.

When translating this dilemma to the cyberspace environment, Buchanan takes the reader on a fascinating journey that uses open source information to cover a wide range of recent and current, contentious cyber events around the world. This journey provides tremendous, accurate insight and analysis into the how and why of some key, but still nascent, national cyber-operational efforts. More importantly, he helps to uncover and explain, in plain English, some of the potential, negative consequences of these activities, as well as some practical ways to reduce the danger of miscalculation and mistakes.

Despite having some level of technical detail and, in some instances, taking a very mechanical policy analysis perspective, I found the book to be a quick and easy read for any professional in the cybersecurity community. I especially enjoyed the way Buchanan concludes the book with some rather practical, basic advice about how to navigate the risks that the cybersecurity dilemma poses for nations. This advice encompasses a multi-pronged approach that includes strengthening the baseline cybersecurity posture and defenses within a nation, building credibility and trust with potential enemies to advance security through stability and bilateral cooperation, taking unilateral action to demonstrate the pursuit of stability, and establishing a communicated and declaratory posture for dealing with intrusions of significance. I think these points would be of interest to broader audiences in general.

Finally, this book has a very timely application to several current national and international efforts regarding deterrence in cyberspace. The Defense Science Board, which supports the Department of Defense, publicly released its report about Deterrence in Cyberspace in February 2017. According to the most recently released draft of the Trump administration’s cybersecurity executive order, there will be a requirement for specified U.S. government departments and agencies to conduct work on cyberspace deterrence as well. Having recently participated in a RAND conference about deterrence in the “grey zones” of maritime, space and cyberspace in the context of the U.S.–Japan alliance, this is yet another indicator of the level of interest in the topic. Given the interest in these and other efforts to find solutions for the issue of deterrence in cyberspace, I believe this book can inform that debate and contribute valuable insight to help with the deterrence-related issues of signaling, escalation control, declaratory policy formulation, deterrence by denial, confidence building measures and international cooperation.


 Whether you’re in the public or private sector, and no matter if you’re a policymaker having to deal with emerging cyber-related issues or a technically savvy cybersecurity professional on the front lines of the ongoing battle in the digital environment, this is a book that should go to the top of your professional reading list. The Cybersecurity Dilemma is a well-written, well-researched, important contribution to the nascent, but growing, body of literature about a relatively new challenge we are all facing in increasing scope and consequence. Ben Buchanan helps us to better understand what we are dealing with, the potential outcomes, and what we can do to better manage the risks in the digital age.

Register for Ignite ’17 Security Conference
Vancouver, BC June 12–15, 2017

Ignite ’17 Security Conference is a live, four-day conference designed for today’s security professionals. Hear from innovators and experts, gain real-world skills through hands-on sessions and interactive workshops, and find out how breach prevention is changing the security industry. Visit the Ignite website for more information on tracks, workshops and marquee sessions.

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.