Just before John Brennan ended his term as director of the CIA in 2017, his agency issued a new set of guidelines under Executive Order (EO) 12333, the general charter that governs the intelligence community. Entitled “Central Intelligence Agency Intelligence Activities: Procedures Approved by the Attorney General Pursuant to Executive Order 12333,” the guidelines received little attention.
Latest in National Security Agency
In July 2017, Privacy International and Yale Law School’s Media Freedom & Information Access Clinic (MFIA) filed a lawsuit against the National Security Agency, the Office of the Director of National Intelligence (ODNI), the State Department, and the National Archives and Records Administration seeking access to records related to the Five Eyes alliance under the Freedom of Information Act.
The Senate intelligence committee is holding a hearing Thursday morning at 10:00 a.m. on the nomination of Lt. Gen. Paul Nakasone to be director of the National Security Agency (Prepared Testimony). Watch the hearing live:
Friday morning, the White House announced it will elevate Cyber Command to a full unified combatant command. Within 60 days, the Secretary of Defense will recommend whether Cyber Command should also be split from the National Security Agency.
The Government Accountability Office last week published a report that, among other things, weighs in on the pros and cons of the NSA/CYBERCOM “dual-hat” system (pursuant to which the director of the NSA/CSS and commander of CYBERCOM are the same person). The report deserves attention but also some criticism and context. Here’s a bit of all three.
1. What is the “dual-hat” issue?
In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.
Yesterday I was interviewed by NPR about the Shadow Brokers and their relationship to WannaCry. Overall I think it went well, especially since NPR is very comfortable with answers that start with “we don’t know” and then set out the evidence we do know. But I may have been wrong on one significant thing: I thought the Windows tools were the most damaging the Shadow Brokers have to offer.
On November 30th, the House passed H.R. 6393, the Intelligence Authorization Act for FY'17. While it remains to be seen what if anything ultimately emerges at the end of the process, I'd like to highlight some items in the current bill that I found particularly interesting:
- two involve attempts to give SSCI and HPSCI greater awareness of presidential policy directives and MOUs involving the IC;
What is the most surprising discovery a law firm partner makes when he jumps to the National Security Agency? I direct that and other questions at Glenn Gerstell, who has just finished six months in the job as General Counsel at the National Security Agency.
This morning, Admiral Michael Rogers, the Commander of U.S. Cyber Command and Director of the National Security Agency, spoke at the Atlantic Council on his strategic priorities for 2016. Rogers discussed how cybersecurity and defense fits into the U.S.'s national security strategy, how to deter cyber attacks, and what the future of cyber conflict and cyber power will look like.
You can watch the full event below: