For the 2024-2025, the College of Experts will be developing a new framework to researching offensive cyber across three pillars Concepts, Organisation, and Practice. This COP framework is the basis for our current activities and we will be engaging with the community on the framework over the next year. This is intended to be an interdisciplinary view on offensive cyber whether from disciplines in the sciences, social sciences, or humanities as well as for practitioners. Broadly, at this early stage, each component can be broadly considered as:
Concepts: This first pillar concerns the conceptualisation of offensive cyber and cyber conflict. For example, discussions on ‘persistent engagement’ and ‘cognitive effect’ need further engagement. However, other questions around the role of automated decision-making and cyber as an intelligence contest need further examination.
Organisation: This second pillar examines how cyber capabilities become organised. Examples of research include Smeets’ ‘PETIO’ framework. This may look at cyber commands, alliance building, legal oversight, and more.
Practices: This third pillar examines how offensive cyber operations work in practice, what technical capabilities are required, legal authorisations, to decision-making, assessment and measurement.
There are many domains that can be examined under all three pillars, e.g., the law and decision-making. Neither is this intended to be a comprehensive ordering of research and practice, but a way to bring together conversations that may occur in their own domains and disciplines together.
Offensive Cyber Working Group 