Qualche giorno fa il Ministro della Difesa britannico Hammond ha pubblicamente dichiarato che le forze armate inglesi sono sul punto di costituire una “riserva” di cyber-warriors – denominata Joint Cyber Unit e dal costo di circa 800 milioni di dollari – che sarà in grado di (contr-)attaccare ciberneticamente eventuali nemici ed aggressori.
In particolare Hammond ha sottolineato come non sia possibile, in materia di sicurezza cibernetica, limitarsi ad una mera difesa e come, invece, sia essenziale disporre, ai fini di  deterrenza, di una reale capacità di attacco:

[…] This is the new frontier of defence. For years, we have been building a defensive capability to protect ourselves against these cyber attacks. That is no longer enough.
You deter people by having an offensive capability. We will build in Britain a cyber strike capability so we can strike back in cyber space against enemies who attack us, putting cyber alongside land, sea, air and space as a mainstream military activity. Our commanders can use cyber weapons alongside conventional weapons in future conflicts.

Prescindendo dalle perplessità e dagli interrogativi che ha suscitato tale pubblica dichiarazione sarebbe interessante riflettere su come funzioni la deterrenza nel cyber-space. Thomas Rid, ad esempio, autore di un bellissimo libro sull’argomento (qui il saggio del quale il libro costituisce l’evoluzione), in un’intervista al Guardian ha evidenziato la differente natura della deterrenza nel cyberspazio:

[…] Thomas Rid, reader in the department of war studies at King’s College London questioned Hammond’s claims.
How exactly do you deter?
In cyber space, you have to penetrate a target before you can attack it, so to deter you have to attack first.
Referring to Hammond’s claims that you deter people by having an offensive capability, Rid told the Guardian: “This is not the case in cyber security”.
He added: “Building a cyber weapon means attacking first. Building an offensive capability requires knowing the target first, in detail, including unique configurations of industrial control systems — known as SCADA. Knowing the target requires penetrating the target first, through aggressive probing for intelligence. The effect is escalation, not deterrence.“
Rid added: “Code doesn’t explode on its own — an attacker has to weaponise the target: crash a plane, stop a power plant, cause a blackout. This means that a bespoke piece of attack code has to be designed for every single automated target. That is difficult.”
Rid is author of Cyber War Will Not Take Place, in which he argues that the focus on war and winning distracts from the real challenge of cyberspace — namely, that non-violent confrontation could rival or even replace violence in surprising ways. […]

E’ proprio quando ci si approccia a temi di tale rilevanza che si può cogliere l‘indispensabilità della collaborazione tra strateghi, teorici delle relazioni internazionali e tecnici.