The general notion is that much of the core understanding in cyber is in place. I would like to challenge that. There are still vast territories of the cyber domain that need to be researched, structured and understood. 

The growth of cyber might be stunning, but the actual advances are not as impressive. In the last 20 years, cyber defense, and cyber as a research discipline, have grown from almost nothing to major national concerns and the recipient of major resources. In the winter of 1996-1997 there were four references to cyber defense in the search engine of that day: AltaVista. Today, there are about 1.3 million references in Google. Knowledge of cyber has not developed at the same rapid rate as the interest, concern and resources.

The cyber realm is still struggling with basic challenges such as attribution. Traditional topics in political science and international relations — such as deterrence, sovereignty, borders, threshold for war and norms in cyberspace — are still under development and discussion. From a military standpoint, there is still a debate about what cyber deterrence would look like, what the actual terrain and maneuverability are like in cyberspace, and who is a cyber combatant.

The traditional combatant problem becomes even more complicated because the vast majority of the networks and infrastructure that could be engaged in potential cyber conflicts are civilian — and the people who run these networks are civilians. Add to that mix the future reality with cyber: fighting a conflict at machine speed and with limited human interaction.

It could take until the mid-2030s before many of the basic elements of cyber have become accepted, structured and understood, and until we have a global framework. Therefore, it is important to be invested in cyber research and make discoveries now rather than face strategic surprise. Knowledge is weaponized in cyber.

Jan Kallberg is a research f ellow at the University of Texas at Dallas.