Abstract Roundtable ISA 2019 on Resilience in hybrid conflicts
Title: Detecting hybrid threats: between theory and practice
Author: Prof.dr. Sebastiaan Rietjens
If a society knows what threats to expect, in terms of e.g. size, impact and origin, it becomes better able to anticipate and focus its activities to counter these threats. This makes early warning a crucial element in building resilience. While first generation early warning systems adopted a centralized structure and focused on prediction and providing analysis to inform decision making, early warning systems nowadays tend to have a localized structure and increasingly focus on understanding complex threats. Hybrid conflicts represent a good example of such complex threats. As a result of the multi-faceted nature of hybrid conflicts, understanding an enemy alone is no longer sufficient. Rather, in-depth understanding is required of e.g. cyber activities, financial constructions, as well as political influencing operations. Therefore, the objective of this paper is to contribute to the knowledge on the extent and how early warning systems are able to detect hybrid threats and, based on that, deliver an appropriate warning.
To do this, the paper first constructs a theoretical framework based on early warning literature as well as literature on hybrid threats. This framework consists of the early warning process (data collection, data analysis and warning) and the challenges that are expected in applying early warning to hybrid threats. These challenges include the warning-response gap, the western centrism, the selection of indicators as well as the reliance on quantitative methods.
Based on this, the paper provides a critical reflection on the Dutch warning system for hybrid conflicts. The Netherlands is selected as a case study due to its experiences with countering hybrid threats, including but not limited to political influencing operations during elections and referenda, disinformation campaigns such as in the aftermath of the MH17 disaster and the (attempts of) hacking of critical infrastructure. Data is collected by means of semi-structured interviews with key persons involved, within the intelligence services, the Ministries of Defence and Foreign Affairs as well as relevant think thanks.