Cybersecurity & Tech

What Is Agreed Competition in Cyberspace?

Michael P. Fischerkeller, Richard J. Harknett
Tuesday, February 19, 2019, 11:05 AM

The cyber-strategic environment comprises two strategic spaces—armed conflict and the competitive space short of armed conflict. Pursuing national objectives requires strategies that can succeed in the structural and dynamic realities of each of these spaces.

Published by The Lawfare Institute
in Cooperation With

The cyber-strategic environment comprises two strategic spaces—armed conflict and the competitive space short of armed conflict. Pursuing national objectives requires strategies that can succeed in the structural and dynamic realities of each of these spaces. We noted in Lawfare previously that an explicit bargaining process for arriving at norms of acceptable behavior in cyberspace is appropriate in the strategic space of armed conflict, but a tacit bargaining approach, supported by persistent engagement, is required in the competitive space short of armed conflict. Tacit bargaining can produce more stable expectations of acceptable and unacceptable behavior in this competitive space. Empirical evidence suggests that states are seeking to advance their national interests without recourse to war, thus their interactions in this cyber strategic competitive space are best approached as a form of tacit agreed competition. In this essay, we follow up on our earlier piece to flesh out the logic of agreed competition and consider how the concept applies to military operating domains other than cyberspace and more expansive strategic competition.

The Strategic Competitive Space

We have argued that a strategy of deterrence for cyberspace is an appropriate anchor in the strategic space of armed conflict but that a strategy of persistent engagement aligns with the cyber strategic competitive space short of armed conflict. Understanding the interaction dynamic that this more active strategy engenders is critical given, in particular, the concerns of some policymakers that an active U.S. cyberspace posture would result in spiraling, uncontrollable escalation.

The seminal work on conflict dynamics is Herman Kahn’s On Escalation. Kahn examined how strategic escalation, through threat or action, can provide an advantage in limited conflicts. He described the nexus between a strategy of deterrence and escalation, in which the former’s effectiveness is premised on a credible threat of the latter. The objective of this coupling is to achieve escalation dominance—the condition in which an adversary’s next move must be to accept the status quo or back down, because further escalation would be counterproductive to their interests. Coercive escalation strategies like those developed by Kahn are viable in the strategic space of armed conflict, including cyber, due to the nature (and threat) of war.

Since deterrence, a coercive strategy, is an anchor for managing the strategic space of armed conflict in cyberspace, we’re inclined to accept escalation (or the threat of escalation) as the likely approach for the use of or response to cyber operations in armed conflict. However, since deterrence does not align either empirically or logically with the structural features of the cyber strategic competitive space short of armed conflict, neither, then, would its coupled strategic approach of escalation describe how states would seek strategic advantage in that space. Current empirical studies conclude that cyber behaviors short of armed conflict are not indicative of a coercive approach to seeking gains, as evidenced by how few cases there have been of states escalating out of the cyber strategic competitive space into the space of armed conflict. There are structural disincentives to escalate out of cyber competition and into armed conflict. Due to interconnectedness, the core structural feature of cyberspace, strategic targets are accessible in, through and from cyberspace via cyber operations or campaigns short of armed conflict. The core condition that follows from interconnectedness is constant contact, which, when combined with the nature of information technology and networked computing, imposes the structural imperative of assuming for security purposes that adversaries can persistently engage in operations. The prospect arises, therefore, of achieving strategic gains—shifts in sources of national power—through the cumulative effects of well-organized cyber campaigns.

Kahn described another way adversaries could seek to gain strategic advantage in conflict—by making use of factors associated with a particular level of escalation, or, as he called it, agreed battle. Agreed battle manifests when adversaries have strategic rationales to not escalate. In agreed battle

[b]oth sides are accepting limitations, there is in effect an “agreement,” whether or not it is explicit or even well understood. Thus the term does not have any connotation of a completely shared understanding, an intention of containing indefinitely within the limitation, or even a conscious quid pro quo arrangement.

Further, Kahn said that adversaries can come to recognize

what the “agreed battle” is and is not, what the legitimate and illegitimate moves are, and what are “within the rules” and what are escalatory moves. There need not be any necessary symmetry to the “rules” nor does agreed battle require initial concurrence on what is legitimate or acceptable. Understanding each other’s views will take interactions and time.

The concept of agreed battle comprises both a structural characteristic and a substantive character. The structural characteristic is the agreed-on range of conflict, and the substantive character is the acceptable and unacceptable behaviors within that conflict space. Agreement is reached on these conditions through adversary interactions. In battle, adversaries intending to limit the type of conflict can come to tacit understandings of constraints on their actions through repeated interactions. In agreed battle, strategic advantage is sought by making use of the battle’s structural boundaries and adopting a strategic approach that seeks to gain advantage within them, as opposed to an approach of threatening escalation out of those boundaries and into the next level of conflict. The resulting strategic dynamic is competitive interaction within those boundaries, rather than spiraling escalation to new levels of conflict.

We suggest that Kahn’s concept of agreed battle can be refined and made more explicit to better understand the cyber strategic competitive space short of armed conflict. Agreed competition captures the structural constraints on the cyber strategic competitive space, and the record of cyber conflict to date reflects this. Behaviorally, cyber actors appear to have tacitly agreed on lower and upper bounds of the cyber strategic competitive space short of armed conflict—the operational space inclusive of and above operational restraint (i.e., inactivity) and exclusive of and below operations generating armed-attack equivalent effects. A strategic approach of well-organized cyber campaigns that seek cumulative change that can affect sources of national power appears to some states as a viable prospect. Thus, there is a strategic rationale to seek those outcomes without escalating into costly war. The strategic dynamic that follows from continuous cyber operations, then, is competitive interaction within agreed competition’s boundaries, not an escalation spiral out of them, and it is both structurally and strategically reinforced. In the end, there are two possible strategic games that cyber operations and campaigns enables—competition and armed conflict. The United States has been focused almost exclusively on the latter, while many states have been playing the former. Recognizing that each of these games has different rules and dynamics is essential if one is to stabilize both.

The tacit agreement over the substantive character of acceptable and unacceptable behaviors within agreed competition’s boundaries is still in a formative phase. To be clear, we are not suggesting that, for example, the United States has agreed that China’s theft of intellectual property and personally identifiable information, Russia’s interference in U.S. elections, and North Korea’s exploitation of the SWIFT banking system are acceptable behaviors. Rather, we are proposing that we are in the early stages of an agreed competition: The structural boundaries are already tacitly understood, but mutual understandings of acceptable and unacceptable behaviors are still being developed through competitive interaction. We anticipate that a more active U.S. strategy of persistent engagement will help define the substantive character of acceptable cyber competition and differentiate it from cyber armed conflict.

The Advantages of the Agreed Competition Framework

The agreed competition framework for understanding the cyber strategic competitive space short of armed conflict provides valuable insights into operational prescriptions for a strategy of persistent engagement and highlights several strategic issues that merit attention. From an operational perspective, if we repurpose and operationalize Kahn’s mechanisms of escalation (widening the area, compounding and intensifying) as mechanisms of continuous action for seeking strategic advantage short of armed conflict, then an operational objective of persistent engagement is to inhibit an adversary’s attempts at the same. Through a combination of resiliency, the notion of “defend forward” and contesting cyber operations, persistent engagement can inhibit adversary campaigns that seek to increase the number of systems affected (cyber widening), the number of actors affected or implicated as causing an effect (cyber compounding), and increases in frequency, duration, level and visibility of effects (cyber intensification).

This agreed competition framework highlights three concerns regarding the stability of the constraints tacit bargaining imposes on conflict. First, the substantive character of agreed competition is still maturing and, consequently, the potential exists for some states to seek to legitimize significantly disruptive cyber actions or operations short of armed conflict. Second, differing perspectives, ambiguity or uncertainty over specific types of acceptable campaigns or operations introduce avenues for unintended or nondeliberate escalation out of agreed competition. This uncertainty will affect both malign actors with offensive intent and states exploring this competitive space with defensive objectives. Finally, extended or enduring imbalances of competitive interaction outcomes will produce shifts in relative power that may lead to instability; when a state experiences a decline in power and senses rising competitors, the incentive for deliberate escalation out of agreed competition and into armed conflict increases. Understanding the strategic competitive space as agreed competition clarifies major areas that require further study and the strategic pitfalls of advancing interests too assertively. Importantly, these are challenges for all significant actors in agreed competition, and clarifying these challenges would help ensure stability. Adversaries in this competitive space have mutual interests in avoiding escalation to violent conflict, and these interests could be the basis for explicit or tacit bargaining in support of stability.

Agreed Competition and Other Military Operating Domains

Cyberspace’s strategic competitive space short of armed conflict differs from other domains. The land, maritime and air domains all share the same core structural feature: segmentation, not interconnectedness. This segmentation derives from states exercising their sovereign rights within recognized boundaries. When states move out of the space short of armed conflict into open war, sovereignty is violated, and those domains become connected temporarily. However, in nonconflict situations, segmentation is the enduring structural feature of the land, maritime and air domains. The military operating domain of space is a bit different because space is accepted internationally as a commons, which, by agreement, means that space is not subject to national appropriation by claim of sovereignty. However, one should not infer from the absence of sovereignty-derived segmentation in space the presence of structural interconnectedness. National systems operate without connection to each other.

Segmentation does not produce a structural disincentive to escalate in these domains. It results in a condition of episodic contact, during which escalation is the incentivized strategic approach. Land, maritime, air and space capabilities reflect this: They are designed and developed to coerce and deter, and, should that fail, to prevail in conflicts through threats of or actual escalation in uses of force. These domains are not populated by persistent actions—national interests can be advanced through holding capabilities in reserve and through shaping on the basis of prospective threat (holding at risk), neither of which apply in a cyber strategic competitive space short of armed conflict that demands persistence.

Agreed Competition and Gray Zone Challenges

Philip Kapusta, writing in Special Warfare, defines gray zone challenges as “competitive interactions among and within state and non-state actors that fall between” traditional, declared war and peace, and that “are characterized by ambiguity about the nature of the conflict, opacity of the parties involved, or uncertainty about the relevant policy and legal frameworks.” This category could most certainly include cyber operations. It is important to note that this definition does not describe a strategic space; rather, it describes challenges, so a straightforward comparison with agreed competition is inappropriate. This definition or characterization could, however, suggest a description of a multidomain gray zone strategic space. Thus, to explore a structurally based apples-to-apples comparison, we examine how that space would be characterized.

To begin, it would be bounded by peace and traditional, declared war. This makes clear one difference between a gray zone strategic space and agreed competition: The tacit structural upper bound characterizing the agreed competition in cyberspace is exclusive of and below operations generating armed-attack equivalent effects, not traditional, declared war. An operational example illustrative of that difference is the 14-month invasion and occupation of the Dominican Republic in 1965-1966, a typical gray zone operation as cited by the literature. This operation involved more than 40,000 U.S. troops, significant armed attacks and, more tragically, loss of life. These actions fall within the defined range of actions in the gray zone strategic space, but not the agreed competition framework for cyber strategic competitive space short of armed conflict.

Segmentation, not constant contact, is the core structural feature of a multidomain gray zone strategic space. The gray zone literature notes that during the Cold War, when nation-states made deliberate choices to engage in gray zone activities, U.S. responses were governed by the rules of state-to-state relations—the same principles of sovereignty that structure the land, maritime, air and space domains. This suggests a condition of episodic contact, a strategic approach of escalation and a strategic dynamic of an escalation ladder. A note of caution is warranted here: Because the gray zone literature defines challenges as competitive interactions, there is potential for confusion over the strategic dynamic in this space, as that is a term we use to describe the strategic dynamic that flows from the structural feature of interconnectedness. But, as long as it is clear that these interactions are occurring in a context of gray zone challenges, or, alternatively, the dynamic of an interconnected strategic competitive space, confusion can be avoided.

Although many of the conclusions in gray zone scholarship are based on an analysis of the past 100 years of U.S. conflict, the literature also notes that nations today are interconnected in unprecedented ways and the velocity of technological change portends an increase and expansion in gray zone challenges. We concur and supportively argued at the outset of this section that cyber operations could represent such challenges. The more important consequence of this change, however, is that the interconnectedness that is central to these technological advances has brought forth an entirely novel cyber strategic competitive space short of armed conflict—agreed competition—the features of which lead to equally novel operational prescriptions and strategic concerns.

Agreed Competition and the Return of Great Power Competition

According to current U.S. strategy, the main focus of U.S. national security strategy must return to the comprehensive strategic struggle between great powers that comprises political, economic and military competitions. The agreed competition framework has important implications for this anticipated return of great power competition.

Like gray zone challenges, comprehensive great power competition is most often described through references to the activities it comprises rather than structurally as a comprehensive strategic competitive space. Were it conceptualized as such (as we did with the gray zone), it would share with cyberspace’s agreed competition tacit agreement on structural lower and upper bounds and a rationale to seek strategic advantage short of armed conflict. However, it would not share with agreed competition the structural disincentive to escalate, because it would not share the core structural feature of interconnectedness from which the disincentive ultimately derives. Moreover, a comprehensive great power competitive space would comprise all military domains, multiple sectors and every instrument of national power, thereby being far more expansive than the cyber strategic competitive space characterized as agreed competition. Agreed competition should be understood as an important component of a comprehensive strategic great power competitive space with its own distinct structural features, incentives and dynamic.


Agreed competition is a unique, structurally derived and defined phenomenon of cyberspace that allows for a better understanding of the cyber strategic competitive space short of armed conflict. This helps explain the observed behavior of actors competing in the space and has implications for the strategies they are likely to employ going forward. Cyberspace presents unique challenges, and this framework does not characterize other operating domains because they do not share cyberspace’s core structural feature of interconnectedness. Similarly, agreed competition does not and should not be used to characterize gray zone challenges, nor what could reasonably be argued to comprise a multidomain gray zone competitive space. Cyber campaigns and operations could be understood less precisely as gray zone challenges, but they and competitive interactions short of armed conflict are better understood as agreed competition if one is seeking operational and strategic insights. The framework also has only limited applications to a comprehensive strategic global competitive space.

Managing cyber operations short of armed conflict so that they advance national interests, while enhancing general cybersecurity and global stability, requires that we understand the fundamental strategic environment in which they are being conducted. The concept of agreed competition allows for robust academic and policy analysis, so that this increasingly critical international security space can be studied effectively and, it is hoped, evolve into a stable arena of global politics.

Dr. Michael P. Fischerkeller is a research staff member in the Information, Technology and Systems Division at the Institute for Defense Analyses, where he has spent for over 20 years supporting the Office of the Secretary of Defense, Joint Chiefs of Staff, and Combatant and Multi-National Force commanders.
Dr. Richard J. Harknett is Professor and Head of the Department of Political Science at the University of Cincinnati, Co-director of the Ohio Cyber Range Institute, and Chair of the Center for Cyber Strategy and Policy. He served as an inaugural Fulbright Scholar in Cyber Studies at Oxford University and as the inaugural Scholar-in-Residence at US Cyber Command and the National Security Agency, where he assisted at the Command in examining strategic approaches to cyberspace. He was consulted, along with others in government and academia, in the drafting of core strategic and operational concepts associated with persistent engagement as well as cyber legislation in Congress.

Subscribe to Lawfare