Integrating Offensive Cyber Capabilities: Meaning, dilemmas, and assessment

Abstract: Across the world, states are establishing military cyber commands or similar units to develop offensive cyber capabilities. One of the key dilemmas faced by these states is whether (and how) to integrate their intelligence and military capabilities to develop a meaningful offensive cyber capacity. This topic, however, has received little theoretical treatment. The purpose of this paper is therefore to address the following question: What are the benefits and risks of organizational integration of offensive cyber capabilities (OIOCC)? I argue that organizational integration may lead to three benefits: enhanced interaction efficiency of intelligence and military activities, better(and more diverse) knowledge transfer and reduced mission overlap. Yet, there are also several negative effects attached to OIOCC.  It may lead to 'cyber mission creep' and an intensification of the cyber security dilemma. It could also result in arsenal cost ineffectiveness in the long run. Although the benefits of OIOCC are seen to outweighs the risks, failing to grasp the negative effects may lead to unnecessary cycles of provocation, with potentially disastrous consequences.