We define cyber attacks as "the deliberate and perverse use of technology for the purpose of harming people, communities, institutions and governments." Although this proposed definition may be subject to disagreement, it is assumed that there is broad consensus regarding what constitutes "harm", regardless of whether or not an attack has been successful.
For an action in cyberspace to be effective, it is neither necessary for it to be an attack nor for it to be successful. Given the pervasiveness of cyberspace, the mere fear of such an attack causes us, individually and collectively, to devote a significant amount of resources, time, and energy to minimizing its potential impact. Much like counter-terrorism policy, significant measures are devoted both to preventing an attack and, when one occurs, to responding to its impact and consequences. We are asked the following questions: What is the best way to protect ourselves? Are we already putting it into practice? Are there more effective and creative mechanisms? We can assume that these are the same questions that, conversely, are raised by those who are dedicated to deliberately harming civil society (defined in general or particular terms). This is so, regardless of the paradigm we assign to cyberspace. As we have already underlined, the importance of defining and categorizing actions in cyberspace cannot be minimized. However, as important as it is and as little as it can be denied, this chapter will focus on a different aspect.
The goal is cooperation between different potential attack targets and between different law enforcement agencies, as well as between targets and law enforcement agencies. In a nutshell, we maintain that by implementing cooperation models aimed at offering institutionalized mechanisms, it is possible to avoid or, at least, minimize the damage represented by the mere threat of a cyber attack or, even more so, by a successful attack. Given the consequences of an attack and the resources needed to minimize its impact, the proposed cooperation model aims to reduce the costs, both direct and indirect, of actions in cyberspace. The model is based on a premise: preventing an attack or, in the worst case, carrying out a concerted and determined effort is preferable to bearing the costs of a successful attack.
By implementing cooperation models aimed at offering institutionalized mechanisms, it is possible to avoid or, at least, minimize the damage represented by the mere threat of a cyber attack or, even more so, a successful attack.
There are large companies that subscribe to the opposite argument: it is more profitable to absorb an attack than to invest in advanced protection models. However, there are not met managers whose companies have been successfully attacked and who adhere to this theory.