Cyber is pervasive. It connects the government, the private sector and individuals to the benefits and vulnerabilities of an increasingly online world. With these rapid advancements occurring, we must be cognizant of the responsibilities of all parties to keep our nation secure.
In an article by Defense Systems, current US cyber defense is examined and compared to the importance of the private sector:
“This is where defense actions—even with sweeping changes—fall short, and rightly so. Yes, our military and intelligence agencies must develop guidelines for offensive and defensive cyber maneuvers. Yes, they need consensus and direction on serious issues like attribution, equivalency and proportionality. But the vast majority of our critical infrastructure systems, such as transportation systems and chemical, electricity and water plants, are maintained on private networks. Private networks also house billions of dollars in intellectual property, monetary funds and national security secrets. These are among the networks being explicitly targeted and penetrated, and it’s costing us dearly. But are these the systems that we want the DOD to protect, and under what conditions? Should someone attack these systems, is it the DOD’s role to retaliate? Reporting suggests some of these issues may be addressed in Presidential Directive 20, which is classified. So, the uncertainty surrounding Defense’s overall missions and responsibilities remains, as does the question of whether or not we are injecting, knowingly or inadvertently, mission creep.”
In today’s conflicts, threats do not come from just nation states. Hacktavists, cyber-terrorists, and rogue cyber-espionage groups can inflict damage from a multitude of sources. Through collaboration and proper analysis more preparation for cyber attacks can be made. The article calls for an integrated policy, similar to the nuclear doctrine, to prepare the different parties for the growing number cyber security risks.
“This is where the nuclear doctrine provides an incredibly useful model for the cyber era. As our nation did during the 1950s, we must bring executive leaders, policymakers and academia together with the scientists and practitioners that intimately understand cyber technology to collaborate and begin a debate about the complex issues at play. We should invest in a national cyber research agenda that complements this debate to test new technologies and explore our path forward. We must consider not only the military impact of the new cyber world, but also what role cyber defense will hold in shaping the future of our country’s economy, education, foreign affairs policies and critical infrastructure initiatives. Only then can our government, industry, and private citizens align under common goals to shape a safe and prosperous future.”
What are the shortfalls and benefits of this proposal? Is it possible to truly create a nation-level doctrine for the cyber era?
IT Specialist (Dispute Resolution)
United States Air Force