Senate’s defense authorization would set cyber doctrine
The National Defense Authorization Act (NDAA) passed Monday by the Senate mandates a thorough, distinct doctrine for cyber warfare, filling a void long bemoaned by lawmakers.
Legislators, particularly Senate Armed Services Committee Chairman John McCain (R-Ariz.), have complained about the ad hoc approach to responding to, conducting and deterring cyberattacks since the Obama administration.
“The threat is growing, yet we remain stuck in a defensive crouch, forced to handle every event on a case-by-case basis, and woefully unprepared to address these threats,” McCain said in May.
{mosads}“We keep talking about a policy and a doctrine, and it never seems to happen,” Sen. Angus King (I-Maine) said.
The NDAA calls for the Department of Defense to plan responses to potential attacks against the United States and plans to increase the resiliency of cybersecurity of American defense systems.
It also establishes a policy to notify countries when it becomes aware that a third country has instigated an attack on its systems and establishes that the United States may act unilaterally if a victim country is unable or unwilling to respond.
The Trump administration is opposed to Defense establishing the doctrine outlined in the NDAA, noting in the Office of Management and Budget (OMB) evaluation of the bill that legislators establishing a policy comes at the expense of the president, who usually sets such policy.
The OMB also derided the policy of notifying countries that were subject to cyberattacks.
“This would severely constrain the President’s decision space and undermine the ability of the Armed Forces to act rapidly and decisively, in accordance with applicable law, to neutralize threats and to defend United States national interests in cyberspace,” it said.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..