[Hebert Lin & Amy Zegart, eds. Bytes, Bombs, and Spies. The strategic dimensions of offensive cyber operations. The Brookings Institution. Washington, 2019. 438 p. ] REVIEW / Albert Vidal

review / Pablo Arbuniés

Just as in the second half of the 20th century the world experienced the degree program nuclear weapons between the US and the USSR for world hegemony, everything seems to indicate that the degree program that will mark the 21st century is that of cyberspace. Ever since the department The inclusion of cyberspace as the fifth domain of the country's military operations (along with land, sea, air, and space) has made clear the paramount importance of its role in global security.

However, the very nature of cyberspace makes it a completely different field from what we might call kinetic security fields. The only constant in cyberspace is change, so any study and strategic approach must be able to adapt quickly to changing conditions without losing efficiency and maintaining enormous precision. This is a real challenge for all actors operating in cyberspace, both national and private. At the national level, the incorporation of cyber operations into the U.S. national security strategy (NSS) and the development of a cyberwarfare doctrine by the department are the two main pillars on which the new degree program through cyberspace.

"Bytes, Bombs, and Spies" explores the big questions posed by this new challenge, presenting very different approaches to different situations. Probably the greatest value offered by the book is precisely the different ways of dealing with the same problem defended by the more than twenty authors who have participated in its elaboration, coordinated by Herbert Lin and Amy Zegart. These authors collaborate in the 15 essays that make up the book. They do it with the idea of turning a topic as complex as offensive cyber operations into something achievable for non-expert readers. topic, but without sacrificing the depth and detail of an academic work.

Throughout the volume, the authors not only propose what the approach of the framework theoretical. They also assess the U.S. government's policies in the field of offensive cyber operations and propose what the points should be core topic in the development of new policies and adaptation of previous ones to the changing cyber environment.

The book tries to answer the big questions asked about cyberspace. From the use of offensive cyber operations in a framework from conflict to the role of the private sector, through the escalation dynamics and the role of deterrence in cyberspace or the intelligence capabilities needed to carry out effective cyber operations.

One of the main issues is how cyber operations are included in the framework of the dynamics of a scale of conflict. Is it permissible to respond to a cyberattack with kinetic force? And with nuclear weapons? The U.S. government's current cyber-doctrine leaves both doors open, facing a response based on the effects of the attack over the means. This idea is described as incomplete by Henry Farrell and Charles L. Glaser in their chapter, in which they argue for the need to take into account more factors, such as the perception of the threat and attack by other actors, as well as public opinion and the international community.

Continuing with the theoretical approaches, the main question raised by this book is whether it is sensible to apply the same principles in the strategic study of cyberspace that were applied to nuclear weapons during the cold war to answer the questions posed above. And since this is a relatively new field in which global hegemony and stability can be at stake from the outset, how this question is answered can mean the difference between stability or absolute chaos.

This is precisely what David Aucsmith proposes in his chapter. In it, he argues that cyberspace is so different from classical strategic disciplines that its strategic dimensions must be rethought from scratch. The disintermediation of governments, incapable of encompassing all of cyberspace, opens up a niche for private companies specializing in cybersecurity, but even these will not be able to completely fill what the government does in other domains. For his part, Lucas Kello tries to fill the sovereignty gap in cyberspace with the aforementioned private participation, proposing the convergence between governments and citizens (through the private sector) in cyberspace.

In conclusion, "Bytes, Bombs, and Spies" tries to answer all the main questions posed by cyberspace, without being unattainable to an audience that is not an expert in cyberspace. topic, but maintaining rigor, precision, and depth in its analysis. .