What are the origins and evolution of the institutional, policy and legal frameworks that have come to define both the defensive and offensive aspects of the U.K. and U.S. models?
Aegis: Security Policy in Depth
Aegis explores legal and policy issues at the intersection of technology and national security. Published in partnership with the Hoover Institution National Security, Technology and Law Working Group, it features long-form essays of the working group, examines major new books in the field, and carries podcasts and videos or the working group’s events in Washington and Stanford. Aegis examines the legal and policy options that better shield America, its allies, and civilians worldwide from the risks of the modern world. The Hoover Working Group on National Security, Technology, and Law brings together national and international specialists with broad interdisciplinary expertise to analyze how technology affects national security and national security law.
Among the most discussed provisions of the Tallinn Manual 2.0 is Rule 4: “Violation of sovereignty.” Rule 4 provides: “A State must not conduct cyber operations that violate the sovereignty of another State.” Considered alone, Rule 4 is banal and unobjectionable, since there are many established sovereignty-based international-law rules that cyber operations might violate.
The US policy of “defend forward” and “persistent engagement” in cyberspace raises the stakes of this attribution question as a matter of both international and domestic law.
United States Cyber Command turned ten years old in 2020. It is a unique institution—a military command that operates globally against capable adversaries and yet never fires a shot—and its design has been a work in progress.
The United States has one of the world’s strongest and most sophisticated capabilities to launch cyberattacks against adversaries. How does the US Constitution allocate power to use that capability? And what does that allocation tell us about appropriate executive-legislative branch arrangements for setting and implementing cyber strategy?
As its name implies, the 2018 US Department of Defense Defend Forward strategy is principally reactive. The strategy assumes that the United States will continue to suffer harm from competitors and malign actors through cyberspace. Accordingly, it outlines US reactions in order to preempt threats, defeat ongoing harm, and deter future harm.
If information is power, then the corruption of information is the erosion, if not the outright usurpation, of power. This is especially true in the information age, where developments in the technological structure and global interconnectedness of information and telecommunications infrastructure have enabled states to engage in malicious influence campaigns at an unprecedented scope, scale, depth, and speed.
Subscribe to Aegis: Security Policy in Depth via RSS.