Cybersecurity and Deterrence
Ending the “Dual-Hat” Arrangement for NSA and Cyber Command?
Are big changes afoot at Cyber Command? What are the relevant legal constraints?
Latest in CYBERCOM
Are big changes afoot at Cyber Command? What are the relevant legal constraints?
For the first time, it appears, U.S. Cyber Command has conducted a disruption operation against a non-state actor outside the context of war. Here’s what you need to know.
A blockbuster article by David Sanger and Nicole Perlroth in the New York Times reports U.S. Cyber Command operations to hold at-risk at least some aspects of the electric power grid in Russia. The story raises a host of legal and policy questions.
DOD’s 2018 Cyber Strategy document is drawing attention because of its reference to “defense forward.” What does that mean? Let’s have a close look, in context with the recently-enacted NDAA and recent changes to PPD-20.
1. Hold up. Is this “DOD Cyber Strategy” the same thing as the “National Cyber Strategy”?
The next National Defense Authorization Act (the NDAA FY’18) is nearing the finish line. A Conference Report is now available, and so the time has come for a closer look at some of the key provisions of interest to Lawfare readers. My colleague Scott Anderson is going to post a broad overview shortly. For my part, I’d like to walk you through the “Cyberspace-Related Matters” section (sections 1631-1649C).
Friday morning, the White House announced it will elevate Cyber Command to a full unified combatant command. Within 60 days, the Secretary of Defense will recommend whether Cyber Command should also be split from the National Security Agency.
Friday morning, the White House announced in a statement that the President ordered the elevation of Cyber Command to a unified combatant command. The full statement can be found below.
The Government Accountability Office last week published a report that, among other things, weighs in on the pros and cons of the NSA/CYBERCOM “dual-hat” system (pursuant to which the director of the NSA/CSS and commander of CYBERCOM are the same person). The report deserves attention but also some criticism and context. Here’s a bit of all three.
1. What is the “dual-hat” issue?
In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.