Heading Off State-Sponsored Hacker Attacks

Posted: July 23rd, 2017

By Michael Sulmeyer

Michael Sulmeyer is the Belfer Center's Cyber Security Project Director at the Harvard Kennedy School. He is also a Contributing Editor for Lawfare. Before Harvard, he served as the Director for Plans and Operations for Cyber Policy in the Office of the Secretary of Defense. There, he worked closely with the Joint Staff and Cyber Command on a variety of efforts to counter malicious cyber activity against U.S. and DoD interests. For this work, he received the Secretary Medal for Exceptional Public Service. Previously, he worked on arms control and the maintenance of strategic stability between the United States, Russia, and China.

Time and time again companies, organizations, and government agencies have proven that they can’t completely secure their computer networks from hackers – particularly nation-states with the resources to pursue access persistently. Instead of focusing solely on network defense, the United States can adopt a deterrence strategy that dissuades foreign governments from targeting U.S. systems in cyberspace. The Cipher Brief’s Levi Maxey spoke with Michael Sulmeyer, the Director of the Belfer Center’s Cyber Security Project at Harvard University, about what a deterrence strategy might look like, and what it can and cannot do to prevent malicious cyber activity from targeting U.S. institutions.

The Cipher Brief: What are some of the similarities and differences between nuclear deterrence and cyber deterrence?

“The Cipher Brief has become the most popular outlet for former intelligence officers; no media outlet is even a close second to The Cipher Brief in terms of the number of articles published by formers.” —Sept. 2018, Studies in Intelligence, Vol. 62

Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.

Subscriber+