On the Use and Strategic Implications of Cyber Ranges in Military Contexts: A Dual Typology

Andrew Dwyer, Kathrin Moog, Jantje Silomon, Mischa Hansel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

47 Downloads (Pure)

Abstract

The use of simulated environments in cybersecurity – cyber ranges (CRs) – have become a popular method and tool to support training and education, assess system vulnerabilities, as well as to test and probe computer networks. Yet, CRs can be adopted to improve and enhance adversarial skill sets, tools, and operations that are attractive for military applications. This paper develops a strategic typology on how CRs have been used and adopted in military contexts (CRiMCs), where states have turned to CRs as one method to build cyber capacity, address proportionality and responsibility of cyber operations, as well as offer training and education.

We identify CRiMCs that offer two strategic purposes: 1) reserved for sovereign use and capability development and 2) those intended to support cyber capacity building through domestic resilience and collaborative inter-state exercises. We thus ask, why do states establish sovereign cyber ranges ‘on top’ of being involved in collaborative ones? Why and how do they differ? To answer such questions, this paper delves into both the crucial technical components that support each CRiMC type and their implications by offering exemplars from five states (Lithuania, Norway, Slovenia, the Netherlands, and the USA). The paper concludes with some preliminary thoughts on future research avenues on CRiMCs and their implications for the use and governance of state cyber capabilities.
Original languageEnglish
Title of host publicationInternational Conference on Cyber Warfare and Security
PublisherAcademic Conferences and Publishing International Limited
Publication statusAccepted/In press - Mar 2023

Cite this