This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Cyber Operations: Uncertainty in Decision Making for Cyber Security and Overcome of Them

downloadDownload printPrint

Remember! This is just a sample.

You can get your custom paper by one of our expert writers.

Get custom essay

121 writers online

Download PDF

Fog of war discussion

Prussian military analyst Carl von Clausewitz in his published book, Vom Kriege, introduced the word “fog”. In this phrase “fog of war”, argument stated by Clausewitz says, uncertainty is the central point. Fog is the confusion that arises from absent, misleading, or contradictory intelligence, which creates an ambiguous picture or prediction of an event. For example, the purpose of training the soldiers and commanders is to prepare them to face mental challenges that may amaze and confuse them when they first come across it. The unreliability of information in war, and all actions that take place in the twilight often make things more grotesque than they really are. On the other hand, “friction “as stated by Clausewitz is the physical hindrances like fear, hardship, and problems in the information that hamper the military commander in many possible ways in the planning of a war/fight as it impedes commanders mind. Therefore, fog and friction are incomplete without one another, as to interpret and prepare a plan of action both physical hindrances, confusion along with ambiguous information is necessary as there is no accurate information available, and based on that predictions for a plan of action can be made.

In the modern world, data plays a key role in shaping politics, organizational status, academics, hospitality, technology, share markets, and many more. Without data, there is no today and tomorrow. Armies/navies/air forces can do war physically but war for data physically is not possible as data is stored in servers and is virtual, not physical. Social media, gaming, and many more use big data platforms, so they have a huge responsibility of storing and managing users’ data. Social media platforms like Instagram, Facebook, etc. they store the user data on servers but the user is unaware of whether their data is secure or not. This creates a “fog of war” situation for user whose data is available on social media platforms and this makes them vulnerable to many cyber-attacks. Handling such a huge amount of data is not reliable, as attackers can target a person by reading its social media profile (which contains users; name, address, live location sometimes, email, contact, friend list, etc.) and the victim most of the time is unaware of the attack and in some cases, it may take years to know about system attack.

For example, Facebook in recent times was hacked and many user details (i.e., user personal data) were openly disclosed that were meant to be private, this creates a fog of war situation for the user, as a user cannot do anything in this scenario as the damage is done and there is no counter-attack possible. That is where cyber security plays a key role, because security systems may not be easily hacked, and revising the security policies at regular intervals by identifying risks, detecting data corruption and configuration anomalies, responding to changes, etc. However, the main weakness that we cannot overcome is a human link, as no matter how advanced technology and security practices be, they will be always constrained by the human factor. IBM placed “human error” as a contributing factor to successful cyber-attacks in 95% of cases. At the same time, people are also the strongest line of defense as because of their expertise only a human can code the security algorithms for safety purposes so we cannot underestimate the human factor.

Information environment discussion

Humans are the main factor behind technology and so is information the important aspect for any system if information exists, it has to be in that particular environment of the system in which they process, collect, and disseminate. The environment in which humans and automated systems observe, orient, decide, and act upon information is the principal environment for decision-making. Therefore, the information environment and the process of decision-making is correlated. The information environment consists of 3 dimensions: Cognitive (Human-Centric), Physical (Tangible, Real-world), and Informational (Data-Centric). The dimensions can form a basis for sharing information internally, ensuring command and control, and disrupting enemy information flow. These three dimensions play a critical role in decision-making for cyber issues, as the data-centric aspect reflects the way individuals, information systems, and groups communicate and exchange information. It includes sharing of information also the information cannot be always true as it depends on the context and how the flow of information is. The tangible/real-world aspect are the material characteristics, both natural and manufactured, of the environment that create constraints and freedoms on people and information systems that operate in it. It also includes the stakeholders that may influence a situation accompanied by infrastructures that may include command and control that are required to perform any operations by individuals/organizations. Lastly, the human-centric aspect reflects the main factor in which an individual’s attitude, perception; belief, experience, knowledge, training, and complex situational understanding, which humans have developed, is taken into consideration to get the outcome of decision-making. It also takes into consideration the awareness of a situation that exists in part or the entire information environment at a particular point in time i.e. situational awareness. That is why these three aspects play a key role in the information environment.

The best scenario in today’s world for an information environment is a network or the internet through which people meet, interact, and establish relationships. For example, if two people meet via messages/chatting, the chat application becomes the shared environment and its boundaries are defined by the app’s user interface. You may not be physically present on the same place but in an environment where you are meeting is entirely made of information but there are some limitations based on the user interface. They are system boundaries, which, are set for every application depending on its interface and the information environment. The system boundaries demarcate a limit to the system’s internal components and processes to receive or send information outside its scope. All systems have a boundary and they operate within the environment, this environment may represent the summation of other systems and input-output resources that the system interacts with during its operation. The information environment plays a crucial role in cyber security for example, if a business system requires the input of economic resources, which operate within a market environment, which is open source. Then it may give the attacker an advantage to enter the business system or to pass malicious code via the market environment to the system and take control of the system or distort the confidentiality, integrity, and availability of the system and use the business information for unethical purpose. For this security of the business, the system needs to be intact to tackle such kinds of attacks, give an immediate alert to the CISO of the enterprise, and take action.

Decision-making for cyber (friction issues?)

Decision-making and cyber security go hand in hand as in any organization; employees need to take implicit or explicit decisions on cyber security on regular basis. Cyber security systems and principles are designed to safeguard websites and web applications from attackers that are seeking to disrupt, delay, alter or redirect the flow of data. These attackers vary in target, motive, levels of the organization, and technical capabilities, requiring public and private organizations to adopt ever-increasing measures to prevent cyber-attacks and improve decision-making. Managers play a central role in resource allocation, development of strategies, and identifying source hardware and software systems from third parties that can in turn affect the organization’s cyber security and then take decisions. Technical and non-technical experts can take decisions and this makes the decision-making process much more complex and perplexing.

For example, a technical expert would take decisions based on experience, concrete scenarios, and procedural thinking. Non-technical people would take decisions on shallow, intuition-driven, and concept-related knowledge. However, accurate decisions can’t be taken in cyber security, as we do not have knowledge of attackers (if its an insider/outsider) and as decision-makers are human so the perception of each person differs with another and this complicates the decision-making process. Military commanders in war face the same situation, as they have to rely on the information from their spies/espionage and based on that prepare the plan of action. This decision is difficult as each commander’s plan of action may differ but still, they need to integrate the ideas and present a single plan of action. The decision-making in this scenario is based on past- experiences, and knowledge of the enemy, and improvement every time with challenge own pre-conceptions and the ability to adapt. The “fog of war” concept plays a vital role in cyber security decisions and its issues as in military planning for war. As there is uncertainty in both scenarios, the decisions need to be quicker along with utmost accuracy.

The issues faced by cyber security are evolving day by day and it’s becoming a perplexing task to find solutions to its frictional issues. The basic friction issues that cyber security faces are; Preventive, Qualitative, and Engaging. Firstly, preventative friction is designed to stop the target audience (users) from doing something undesirable. Like, such preventing unauthorized access, preventing errors, improving data quality, and acting as a deterrent. Secondly, qualitative friction is designed to improve the quality of the users’ decision-making by doing surveys on a variety of deployed software by doing ratifications and improvements in the near future. Lastly, Engaging friction deals with improving the engagement of users i.e. making users aware of the mental and physical stress and load, which is required to solve cyberspace issues. Experts face all these issues in cyberspace, but we cannot overcome them overnight as technology is spreading in a fast pace and cyber threats/attacks are also becoming advanced and complex. Therefore, issues related to them are in “fog of war” condition, which are confusing and uncertain but at the same time based on experience and available data we need a solution that makes decision-making intricate in cyberspace.


  • Article: Kratikal Tech Pvt Ltd (End to end cyber security solutions provider).
  • The Fog of War: A Necessary Component of Modern Warfare (U.S. Naval War College).
  • Carl von Clausewitz, Vom Kriege, Book 1, Chapter 3.
  • The Fog of War: Eleven Lessons from the Life of Robert S. McNamara.
  • The Fog of Cyber Defence: Jari Rantapelkonen and Mirva Salminen (National Defence University, Department of Leadership and Pedagogy).
  • Canadian Centre for Cyber Security: An Introduction to Cyber Threat Environment.
  • Sentryo (Part of CISCO): Threat Intelligence (Cybersecurity and environmental risks).
  • Lecture notes on Information Environment: Dr. Stilianos Vidalis.
  • Article: Systems Innovation.
  • Joint Concept for Operating in Information Environment (JCOIE), U.S. DoD.
  • Website: Akamai Technologies.
  • CREST (Centre For Research And Evidence On Security Threats): Cyber Security Decisions.
  • Kenna Katalyst (Security): The risk based vulnerability management.
  • Decision-making and Biases in Cyber security capability development: Evidence from a Simulation Game Experiment (MIT Sloan School of Management).
  • Website: Human Risk, Friction.

Remember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

experts 450+ experts on 30 subjects ready to help you just now

delivery Starting from 3 hours delivery

Find Free Essays

We provide you with original essay samples, perfect formatting and styling

Cite this Essay

To export a reference to this article please select a referencing style below:

Cyber Operations: Uncertainty in Decision Making for Cyber Security and Overcome of Them. (2022, August 01). GradesFixer. Retrieved August 15, 2022, from
“Cyber Operations: Uncertainty in Decision Making for Cyber Security and Overcome of Them.” GradesFixer, 01 Aug. 2022,
Cyber Operations: Uncertainty in Decision Making for Cyber Security and Overcome of Them. [online]. Available at: <> [Accessed 15 Aug. 2022].
Cyber Operations: Uncertainty in Decision Making for Cyber Security and Overcome of Them [Internet]. GradesFixer. 2022 Aug 01 [cited 2022 Aug 15]. Available from:
copy to clipboard

Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.


    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts


    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.



    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!


    Hi there!

    Are you interested in getting a customized paper?

    Check it out!
    Don't use plagiarized sources. Get your custom essay. Get custom paper

    Haven't found the right essay?

    Get an expert to write you the one you need!


    Professional writers and researchers


    Sources and citation are provided


    3 hour delivery