Modern field guide to security and privacy

Can Congress help boost US digital defenses?

After US intelligence officials blamed Russia for interfering in November's vote, a new Senate subcommittee will help the Defense Department build up its digital arsenal for the next generation of cybersecurity threats.

|
Kevin Lamarque/Reuters
Senator Mike Rounds (R) of South Dakota speaks at the IAFF Legislative Conference and Presidential Forum in Washington March 9, 2015.

President Trump isn't the only person in Washington pledging to revamp the nation's approach to cybersecurity. 

The new commander-in-chief has tasked former New York Mayor Rudy Giuliani with forming a team to boost US digital defenses, and Congress wants to help the Pentagon streamline its computer attacking and defending capabilities. 

Earlier this month, Senate Armed Services committee chairman John McCain (R) of Arizona tapped Sen. Mike Rounds (R) of South Dakota to lead a new subcommittee that will oversee the Pentagon's potential efforts to shake up the cybersecurity bureaucracy and prepare for a new generation of digital threats from Moscow, China, and Iran. 

“This is an ever-changing environment that puts challenges on our Defense Department and intelligence communities,” Mr. Rounds told Passcode. “As our adversaries and competitors continue to improve, we have to offer deterrence.”

Though Mr. McCain and Rounds have not outlined a specific agenda for the subcommittee, scheduled to begin hearings later this year, President Obama signed a budget in December that promises big changes to how the Pentagon handles cybersecurity. The 2017 National Defense Authorization Act (NDAA) would elevate Cyber Command to a fully fledged combatant command and decouple the military unit from the National Security Agency.

It's not clear yet whether the Trump administration will implement those changes. Rounds told Passcode that he hasn't made up his mind about splitting the roles, but said having NSA Director Adm. Michael Rogers in both positions since 2014 "had some advantages."

On the heels of a report from the Office of the Director of National Intelligence that blamed Russian President Vladimir Putin for ordering an elaborate campaign to sway November’s election in favor of Mr. Trump, Congress could also help establish rules of the road for cyberwarfare. The NDAA also included legislative language proposed by Rounds that aims to clarify the definition of war in cyberspace and the kinds of weapons the Defense Department could use to respond to digital attack.

“The critical part for us is in the future, if we clearly define what we define to be unacceptable and we clearly back it up with not just the red line but back it up with impactful responses,” Rounds said. “If we’re going to war, we expect the president to say so. Commanders on the ground should have the ability to defend their troops. Are other domains available to respond to a cyber attack?”

Like members of Trump’s incoming cabinet, also Rounds appears to be more bullish than the president in condemning alleged Russian hacks of the Democratic National Committee and other political organizations.

"Russia clearly was responsible for getting into DNC and Secretary Clinton’s campaign infrastructure and they were able to steal information," said Rounds. "They tried to influence elections using propaganda in the past, this time they were overtly trying to create a lack of confidence."

The Russia issue will get more air time in Congress this session. The Senate Intelligence Committee, led by chairman Richard Burr (R) of North Carolina, plans an investigation of suspected Russian interference.

Congress may have also have an opportunity to guide how the Pentagon classifies cyberattacks as acts of war, and how to respond to damaging digital assaults, says Dave Weinstein, a former civilian official at Cyber Command, who currently serves as New Jersey's chief technology officer.

“Here’s what constitutes an offensive cyberoperation, here is a defensive cyberoperation, here is where a line of code constitutes a weapon," he says. "Those types of norms and that strategy guidance coming from Congress is critical, otherwise the military will write its own rules.” 

Rounds says he also sees a possible role for the subcommittee and the Defense Department in protecting critical infrastructure – a mission that was often handled by the Department of Homeland Security during the Obama administration. 

"What if it is a private company's assets that are being attacked? At what point does the Department of Defense step in – or are these companies on their own such as when Sony was hacked," he said.

The evolution of Cyber Command will likely become prove a key focus for members of Congress focused on national security, especially as the threat of cyberattacks continues to grow in the US and abroad.

"Cyber Command is being treated more and more like [Special Operations Command], not just in terms of having warfighting authority, but in terms of having resource authority," says Michael Sulmeyer, director of the Cyber Security Project at Harvard University's Belfer Center and a former Pentagon official. "I think the Congress will want to have more than passing insight into how that develops."

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Can Congress help boost US digital defenses?
Read this article in
https://www.csmonitor.com/World/Passcode/2017/0125/Can-Congress-help-boost-US-digital-defenses
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe