What cyber can learn from counterterrorism

Shutterstock image: breached lock. 

U.S. policy on responding to malicious cyberattacks needs to draw on lessons of the counterterrorism fight since 9/11, says the outgoing assistant to the president for homeland security and counterterrorism.

Speaking at the Aspen Institute in Washington, Lisa Monaco said the U.S. has developed a whole set of tools and policy frameworks to counter the terrorism threat and those policies have become increasingly clear to adversaries.

"President Obama has been very clear about the importance of…having a legal and policy framework that is laid down and that is one that enables a repeatable process that we can discuss with our allies, with our partners, that we can use to great effect against terrorism threats," she said.

The challenge, Monaco said, is striking a balance between being transparent to that adversaries know they will face consequences for malicious acts without revealing too much about policies and actions that would enable adversaries to counter any actions.

"The same tension exists in the sense of it is important to be transparent for the legitimacy of our actions in the counterterrorism realm as I would argue in the cyber realm," she added. "So, we've got to do the same thing in the cyber realm, we've got to push to have repeatable processes, a framework."

Monaco argued that the U.S. has applied a consistent process in response to Russia's election-related hacking as well as hacks by China, Iran and North Korea.

That process was to "put all of our intelligence and information together…have the intelligence community tell us what it is we can say about that malicious cyber activity that is going to be in our national interest," she explained.

She said the U.S. has to make clear that it will impose consequences for attacks in cyberspace, but also needs to do so in a way that does not reveal the sources and methods used to determine who committed the attack.

Monaco hopes the new administration will keep in place Obama's Executive Order 13964, which originally outlined U.S. responses to significant malicious cyber incidents and was amended in December 2016 to allow for the sanctions against Russia in response to its interference in the election.

"We have the bar pretty high," on the use of sanctions, she said. "I think that's a good thing, but having that out there as a signal to not just the malicious cyber actors but other nation states as well as to where we're trying to set the bar, where we're trying to set the international norms, is important."

About the Author

Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.


    sensor network (agsandrew/

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.