Operating in Cyberspace – DoD’s Policy Architecture Begins to Emerge

Guy L. Copeland, Vice President, Information Infrastructure Advisory Programs, CSC

Moves to put in place another aspect of the national cybersecurity strategy environment occurred recently with the release of the Department of Defense Strategy for Operating in Cyberspace.

The strategy, delivered by Deputy Secretary of Defense, William J. Lynn III, marks an important step in supporting our national interests in cyberspace, with the definition of five initiatives:

  • Elevate cyberspace to a domain of DoD
  • Adopt active defenses
  • Increase cooperation between Department of Homeland Security and the private sector
  • Cooperate with NATO and other partners
  • Invest in technology and training to make the Internet more secure

While wide-ranging, the strategy does not address fully or resolve clearly, all aspects of cyberspace, reflecting the reality that our national policy has remaining gaps.  For example, the strategy does not make clear what differentiates the use of cyber as an instrument of national power in a contested environment from armed conflict, or cyber war, reflecting that such considerations are still a “work in progress.”

Though many have called on the government to discuss cyber war explicitly, unanswered questions remain addressing cyber war and offensive operations. There may be strategic advantage in retaining ambiguity on this topic, however.

Addressing these questions may need to take place within the larger context of the foreign relations and national security responsibilities of other government departments and agencies. We are just beginning to see the outline of a policy architecture that should lead to a whole-of-government approach to cyber policy and operations.

In addition, the strategy does not touch yet on some of the principal challenges that continue to impede public-private information sharing.

Private sector interests must consider and address potential liabilities associated with both providing or receiving and acting on cybersecurity information. And, in the global economy, effective information sharing across governments and foreign companies or companies operating globally is critical.

Cybersecurity is a team sport.  The essence of successful collaborative partnership is trust, teamwork, and information sharing about threats and best practices to mitigate those threats.

In the end, the DoD strategy provides evidence that the public sector’s policy architecture is beginning to emerge – and that may be its most important feature.  We are beginning to define our national interests in cyberspace, to determine who will develop what aspects of policy to support those interests, what policies are needed, and how resources will be allocated in support of those policies.

While much work remains to be done, we see the DoD Strategy for Operating in Cyberspace as a step in the right direction. We look forward to helping address the many challenges that remain.

This entry was posted in Cyber Security, Cybersecurity, News and tagged , , . Bookmark the permalink.

One Response to Operating in Cyberspace – DoD’s Policy Architecture Begins to Emerge

  1. Pingback: Operating in Cyberspace – DoD’s Policy Architecture Begins to Emerge | Envision Gov IT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s