RESILIENT SECURITY 78 September/October 2019 Copublished by the IEEE Computer and Reliability Societies 1540-7993/19©2019IEEE Editors: Mohamed Kaâniche, mohamed.kaaniche@laas.fr | Richard Kuhn, d.kuhn@nist.gov Applying Resilience to Hybrid Threats Igor Linkov | U.S. Army Corps of Engineers Fabrizio Baiardi | University of Pisa Marie-Valentine Florin | International Risk Governance Center, École Polytechnique Fédérale de Lausanne Scott Greer | University of Michigan James H. Lambert | University of Virginia Miriam Pollock | U.S. Army Corps of Engineers Jean-Marc Rickli | Geneva Centre for Security Policy Lada Roslycky | Independent Defence Anti-Corruption Committee Thomas Seager | Arizona State University Heimir Thorisson | University of Virginia Benjamin D. Trump | U.S. Army Corps of Engineers D igital interconnectedness has revolutionized how we acquire information and make decisions. Information—whether news being distributed on the Internet or a status update on social media—can now percolate almost instantaneously through a network. Although such digital interconnectedness has gen- erated tens of billions of dollars of business revenue each year and vastly improved social connectivity, it also raises the potential for delib- erate misuses of digital systems to wreak havoc on at-risk or unsuspect- ing users. As systems to spread and store information among diverse networks have become more effi- cient, they have also become more vulnerable. Misuse of these systems generates increased levels of harm to larger populations and user groups than in decades past. Hybrid threats represent the crux of this problem. Defined as a component of irregular warfare or cyberwarfare, hybrid threats are char- acterized by the deliberate attempt to disrupt or obfuscate the normal flows of accurate information to the public or a set stakeholder group within a government, company, or other relevant organization. Hybrid threats can be launched by both state and nonstate actors, and they aim to exploit vulnerabilities to engender social, economic, or organizational disharmony within a target group. 12 The capacity of an organiza- tion—be it a government, company, or society in general—to recover from and adapt to the shifting land- scape of hybrid threats is known as resilience. 1 Various scholars, includ- ing Holling 2 and Gunderson, 3 have noted the benefits of applying a resilience-based approach to com- plex, interconnected, and adaptive systems. Rather than harden system components against a specific threat, such an approach prepares these sys- tems for a wide universe of possible disruptions. Likewise, Linkov et al. 4 argue that using a resilience-based framework can better position infra- structural and social systems to recover against direct and indirect disruptions alike. Where hybrid threats represent potential disruptions to interlaced and interdependent systems within national and local governments, companies, and even individual households, methodologies are needed to help identify and under- stand 1) the source of the disrup- tions; 2) the system vulnerabilities they exploit with varying degrees of success; and 3) the potential for cascading harms to infrastructure, information systems, and social har- mony and cohesion should a hybrid threat be successful. The need for such methodologies is particularly salient given the rise of cyberhack- ing, data theft, and fake news events triggered by state and nonstate actors. To address these challenges, a multifactorial, multitemporal ap- proach is needed that allows for a whole-of-system view of how dis- ruptions can percolate through- out the nested interconnections of hybrid-threat targets. A Multidomain Battlespace Popular discussions of hybrid threats and fake news events tend to focus on a single dimension-information content. The general conception holds that addressing unauthorized access to, changes to, or use of an information system and its associated Digital Object Identifier 10.1109/MSEC.2019.2922866 Date of publication: 3 September 2019