The Center for Cyber Strategy and Policy (CCSP) creates educational visualizations that illustrate complex cyber theories and strategic activities occurring in cyberspace.
The motion graphics are produced through collaboration with the University of Cincinnati's College of Design, Architecture, Art, and Planning (DAAP) co-op students and CCSP faculty and graduate students.
Educators can request CCSP cyber visualizations for use in their classrooms. To gain access to the videos, please email CCSP your name, position, institutional affiliation, an indication of intended use, and the name of the videos you require.
Cyber Persistence Theory- Chapter 1
A visualization based on the book "Cyber Persistence Theory: Redefining National Security in Cyberspace," Chapter 1 by authors: Michael P. Fischerkeller, Emily O. Goldman and Richard J. Harknett, Oxford University Press, 2022.
Data Breach: A Campaign in the Cyber Strategic Environment
Individual data breaches may appear to be separate attacks in isolation. But, if these significant data breaches are viewed together as a campaign, one can see the strategic gain.
Cyber Heist: A Campaign in the Cyber Strategic Environment
Targeted ATM cyber heists, ransomware on financial websites, and cryptocurrency could all be seen as isolated cyberattacks. However, viewed together, one can see this is a strategic campaign to raise money in order to circumnavigate international sanctions.
Cyber Persistence Part 1
In history, defense has been the primary strategy to create a country’s security. Once nuclear weapons were introduced, defense was overwhelmed. Nuclear security became a game of deterrence and avoiding war. Now, cyberspace has linked countries together and has the potential as an alternative to war for strategic gain. Cyberspace has become a fluid game of persistent engagement.
Dynamics of Cyber Persistence Part 2
Cyberspace is filled with opportunities and vulnerabilities that must be anticipated in order to set security conditions in their favor. If one can gain the cyber initiative, then one can become more secure in the short-term and hopefully in the long term. Gains are obtained when the target is unaware of the loss, or unable or unwilling to respond. The immediate gain in and through cyberspace is the reconfiguring of cyberspace technically, tactically, operationally, and strategically. Cyber campaigns show how sustaining the cyber initiative is the key to security in a world of cyber persistence.
SolarWinds: Background to a Cyber Campaign
In December 2020, FireEye was hacked, and a supply chain cyber campaign was exploited via a SolarWinds software security update to over 300,000 clients -- a regular software update penetrated hundreds of companies and many US government agencies. A prior cyber campaign points to Russia. This cyber strategic campaign was both sophisticated and precise.
Cyber Campaigns v Espionage: The SolarWinds Example
In cyberspace, scope and scale change the nature of international spying. The amount of data passed and observed exceeds any traditional espionage operations. With SolarWinds, interconnectedness allowed for data to be leaked from hundreds of systems and companies over many months. This was a two-level game with sustained knock-on effects.
Cyber Campaigns v Hacking
We need to stop thinking about episodic hacks and think in broader campaign terms that seek strategic gain over time. Primarily, states can set and maintain cyber security in their favor through strategic competition.