Date of Conferral





Public Policy and Administration


Glenn Starks


A successful large-scale cyberterrorism attack has never been conducted against the United States, yet cyberterrorism is a real and evolving threat. The United States assumes a largely defensive posture toward the thousands of daily cyberattacks conducted against the country, allowing cyberterrorists to probe and execute cyberattacks with broad impunity. The United States would most likely respond to a successful large-scale cyberterrorism attack within a framework of regulations concerning physical acts of terrorism since no policy exists on how to respond to major cyberterrorism attacks. The purpose of this qualitative study was to explore the perceptions of U.S. terrorism and cybersecurity experts to understand how the country might better prevent, cope with, and respond to a large-scale cyberterrorism attack. Punctuated equilibrium theory provided a lens to understand the relationship between policy information flow and politically driven change to guide this study. Data were generated through one-on-one semistructured telephone interviews from nine cybersecurity and terrorism experts. These data were then coded and analyzed to interpret patterns and generate themes. Results indicated that the United States should not consider specific large-scale cyberterrorism attack response options since terrorists likely do not yet possess the capabilities to carry out a cyberattack. However, the country could do much more to prevent destructive cyberattacks, to include eventual cyberterrorism attacks, through deterrence. The implications for positive social change include improving the collective national cyber defense, from small private companies to large government organizations. This study can also raise U.S. policymaker cyberterrorism awareness through more extensive education and improved synthesis of cyber related information to support accurate determinations.