With the following button you will be redirected to Google Translate:

to Google Translate

No Bigger Problem Than Cyber Attribution?

How to Increase Transparency and Improve Monitoring in the Digital Realm

6th part of our digital dicussion series "Cyberwarfare - Cyberpeacebuilding: On a Search for a Cooperative Security Architecture Cyberspace"



A working cooperative security architecture does require a certain level of transparency between the involved actors. An agreed transparency scheme decreases the level of mistrust and provides a fundament for taking joint actions against irresponsible behavior. In cyberspace, independent, reliable, and non-politicized monitoring and verification are widely lacking. What we witness instead is a relatively high degree of finger-pointing and naming-and-shaming. It is often said that the so-called attribution problem is the most important obstacle to transparency in the digital domain as it lowers substantially the chance to ascribe cyber-attacks and disinformation campaigns to the responsible actors. Therefore, conventional monitoring and verification methods – such as on-site inspections, sensor installations, or areal images – that are used with regard to other military technologies and weapon categories are unlikely to operate properly in cyberspace. However, in recent years several ideas were floated and proposed how to increase transparency in the digital domain and to handle the attribution problem. The purpose of this session is to elaborate and evaluate these proposals and sketch out an outlook about the future development of the debate on cyber monitoring.



Donnerstag, 20.05.2021
16:00 Uhr
No Bigger Problem Than Cyber Attribution? How to Increase Transparency and Improve Monitoring in the Digital Realm

Erin D. DUMBACHER, Senior Program Officer, Scientific and Technical Affairs, Nuclear Threat Initiative (NTI), Washington D.C.

Serge DROZ, President of the Forum of Incident Response and Security Teams (FIRST), Senior Advisor of ICT4Peace, and Senior Security Engineer at ProtonMail, Zürich

Ivan KWIATKOWSKI, Senior Security Researcher at Global Research and Analysis Team (GReAT), Kaspersky, Paris

Jonathan William WELBURN, Operations Research at RAND and Professor at Pardee RAND Graduate School, Santa Monica

17:45 Uhr
End of Discussion


Erin D. Dumbacher
is a senior program officer focusing on technology and nuclear security at the Nuclear Threat Initiative, a non-profit, non-governmental organization dedicated to building a world safe from preventable global catastrophe. She is a former strategy and research director in the private sector and received her M.A. from the Johns Hopkins University School of Advanced International Studies. She began studying cyber and international security issues in Estonia in 2010 through a Fulbright Fellowship.
Dr. Serge Droz
is a senior IT-Security expert and seasoned incident responder. Serge works as a senior security engineer at Proton Technologies. He studied physics at ETH Zurich and the University of Alberta, Canada and holds a PhD in theoretical astrophysics. He has worked in private industry and academia in Switzerland and Canada in different security roles, at a national CERT in Switzerland for more than 20 years. Serge is the chair of the board of directors of FIRST (Forum for Incident Response and Security Teams), the premier organisation of recognised global leaders in incident response. In this role he actively participates in discussion relating to cyber security at various policy bodies, in particular related to norm building. Serge is an active speaker and a regular trainer for CSIRT (Computer Security Incident Response Team) courses around the world.
Ivan Kwiatkowski
is an OSCP and OSCE-certified penetration tester and malware analyst working as a Senior Security Researcher in the Global Research and Analysis Team (GReAT) at Kaspersky since 2018. Ivan also delivers Kaspersky’s reverse-engineering trainings in Europe. He maintains an open-source dissection tool for Windows executables and his research was presented during several cybersecurity conferences. As a digital privacy activist, he also operates an exit node of the Tor network.
Dr. Jonathan William Welburn
is a RAND researcher in the fields of operations research and computational economics, a faculty member in the Pardee RAND Graduate School, and the digital gaming lead in the Tech + Narrative Lab. Dr. Welburn has led research projects seeking policy solutions to cyber risks, cyber deterrence, cyber attribution, and systemic risks. His research has been published in several RAND reports, academic journals, and news outlets including the Wall Street Journal, NY Times, and CNN.