Skip to main content


In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation's important computer and communications systems and networks is a problem that looms large. Given the demonstrated limitations of passive cybersecurity defense measures, it is natural to consider the possibility that deterrence might play a useful role in preventing cyberattacks against the United States and its vital interests. At the request of the Office of the Director of National Intelligence, the National Research Council undertook a two-phase project aimed to foster a broad, multidisciplinary examination of strategies for deterring cyberattacks on the United States and of the possible utility of these strategies for the U.S. government.

The first phase produced a letter report providing basic information needed to understand the nature of the problem and to articulate important questions that can drive research regarding ways of more effectively preventing, discouraging, and inhibiting hostile activity against important U.S. information systems and networks.

The second phase of the project entailed selecting appropriate experts to write papers on questions raised in the letter report. A number of experts, identified by the committee, were commissioned to write these papers under contract with the National Academy of Sciences. Commissioned papers were discussed at a public workshop held June 10-11, 2010, in Washington, D.C., and authors revised their papers after the workshop.

Although the authors were selected and the papers reviewed and discussed by the committee, the individually authored papers do not reflect consensus views of the committee, and the reader should view these papers as offering points of departure that can stimulate further work on the topics discussed. The papers presented in this volume are published essentially as received from the authors, with some proofreading corrections made as limited time allowed.

Suggested Citation

National Research Council. 2010. Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy. Washington, DC: The National Academies Press.

Import this citation to:

Publication Info

400 pages |  8.5 x 11 |  Paperback
ISBN: 978-0-309-16035-3
Chapters skim
Front Matter i-xii
Group 1 - Attribution and Economics 1-2
Introducing the Economics of Cybersecurity: Principles and Policy Options--Tyler Moore 3-24
Untangling Attribution--David D. Clark and Susan Landau 25-40
A Survey of Challenges in Attribution--W. Earl Boebert 41-52
Group 2 - Strategy, Policy, and Doctrine 53-54
Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm--Patrick M. Morgan 55-76
Categorizing and Understanding Offensive Cyber Capabilities and Their Use--Gregory Rattray and Jason Healey 77-98
A Framework for Thinking About Cyber Conflict and Cyber Deterrence with Possible Declaratory Policies for These Domains--Stephen J. Lukasik 99-122
Pulling Punches in Cyberspace--Martin Libicki 123-148
Group 3 - Law and Regulation 149-150
Cyber Operations in International Law: The Use of Force, Collective Security, Self-Defense, and Armed Conflicts--Michael N. Schmitt 151-178
Cyber Security and International Agreements--Abraham D. Sofaer, David Clark, and Whitfield Diffie 179-206
The Council of Europe Convention on Cybercrime--Michael A. Vatis 207-224
Group 4 - Psychology 225-226
Decision Making Under Uncertainty--Rose McDermott 227-242
Group 5 - Organization of Government 243-244
The Organization of the United States Government and Private Sector for Achieving Cyber Deterrence--Paul Rosenzweig 245-270
Group 6 - Privacy and Civil Liberties 271-272
Civil Liberties and Privacy Implications of Policies to Prevent Cyberattacks--Robert Gellman 273-310
Group 7 - Contributed Papers 311-312
Targeting Third-Party Collaboration--Geoff A. Cohen 313-326
Thinking Through Active Defense in Cyberspace--Jay P. Kesan and Carol M. Hayes 327-342
Appendixes 343-344
Appendix A: Reprinted Letter Report from the Committee on Deterring Cyberattacks 345-374
Appendix B: Workshop Agenda 375-376
Appendix C: Biosketches of Authors 377-384
Appendix D: Biosketches of Committee and Staff 385-388

What is skim?

The Chapter Skim search tool presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter. You may select key terms to highlight them within pages of each chapter.

Copyright Information

The National Academies Press (NAP) has partnered with Copyright Clearance Center's Marketplace service to offer you a variety of options for reusing NAP content. Through Marketplace, you may request permission to reprint NAP content in another publication, course pack, secure website, or other media. Marketplace allows you to instantly obtain permission, pay related fees, and print a license directly from the NAP website. The complete terms and conditions of your reuse license can be found in the license agreement that will be made available to you during the online order process. To request permission through Marketplace you are required to create an account by filling out a simple online form. The following list describes license reuses offered by the NAP through Marketplace:

  • Republish text, tables, figures, or images in print
  • Post on a secure Intranet/Extranet website
  • Use in a PowerPoint Presentation
  • Distribute via CD-ROM
  • Photocopy

Click here to obtain permission for the above reuses. If you have questions or comments concerning the Marketplace service, please contact:

Marketplace Support
International +1.978.646.2600
US Toll Free +1.855.239.3415

To request permission to distribute a PDF, please contact our Customer Service Department at

loading iconLoading stats for Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy...