By the Senate Armed Services Committee’s estimation, the United States has held back in cyberspace.
The committee is angling to change that with the latest National Defense Authorization Act, proposing to free up the military on the front lines of cyber conflict, create a new strategic cyber entity and respond to Russian aggressions in-kind.
The bill’s authors wrote that lawmakers have long-standing concerns about the lack of an effective U.S. strategy to deter and counter cyber threats. To counter foreign state actors bent on stealing, striking, spying or disrupting in cyberspace, the bill suggests boosting resilience, increasing attribution capabilities, emphasizing defense and enhancing the country’s ability to respond to attacks.
“We’re letting episodes define strategy. It should be the other way around, where we clearly articulate our cyber deterrence strategy and rules of engagement,” said Frank Cilluffo, director of George Washington University’s Center for Cyber and Homeland Security.
By offering a road map for the U.S. Cyber Command, signaling when U.S. cyber forces will go on attack and directing the United States to employ all instruments of national power, “this bill gives [CYBERCOM] its marching orders going forward,” Cilluffo said.