Cybersecurity

New rules for cyber warfare put the military on the offense

image of obama on phone

President Obama has signed a document clarifying the military's role in cyber skirmishes. (White House photo)

President Barack Obama has signed new cyber-warfare guidance that allows the military to go on the offensive when foiling web attacks on U.S. government and private computer networks, according to The Washington Post.

Known as the Presidential Policy Directive 20, the document was signed mid-October and sets standards to guide the operations of federal agencies in confronting cyber threats, Ellen Nakashima wrote Nov. 14. However, the document is classified and the Post report is based on unnamed sources.

According to those sources, the framework addresses both defensive and offensive action, and “attempts to settle years of debate among government agencies about who is authorized to take what sorts of actions in cyberspace and with what level of permission,” Nakashima wrote.

Cybersecurity has lately been a hot topic for the Obama administration and members of Congress, who long failed to agree on passing comprehensive legislation that would protect the nation’s networks and critical infrastructure from cyber threats.

But the new presidential directive might not be enough to fully protect from cyber adversaries.

“An executive order will help but we still need comprehensive cyber legislation,” Janet Napolitano, Homeland Security secretary, said in FCW on Sept. 28. “It’s something that Congress is going to have to come back and address.”

W. Hord Tipton, executive director at (ISC)2 and former CIO at the Interior Department, told FCW anything that can improve decision-making in the areas of cyber defense and offense has to be encouraging news for everyone.

“The U.S., by far, is the leader in traditional military power,” he said in a Nov. 14 interview. “I believe we also have very superior talents in our classified agencies that are looking into things for us, but at the same time, they have to know what the rules are. Drawing that line between the offensive abilities and actions and the defensive is also hard to do.”

However, Tipton said the new directive alone won’t be enough -- and neither would a law. 

“Frankly, legislation isn’t going to solve this problem,” he said, “We have so many things to protect, we don’t know where to start. That’s the real issue.”

About the Author

Camille Tuutti is a former FCW staff writer who covered federal oversight and the workforce.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.