US Senator Calls For New Cyber Doctrine

US Sen. Mark Warner (pictured) has called for a new US cyber doctrine designed to combat modern threats from hackers and disinformation campaigns. Warner serves as vice chair of the Senate Intelligence Committe.

Government, tech companies, social media platforms and other stakeholders must collaborate on a "whole of society effort" to counter malicious campaigns from China, Russia and other countries, which have developed military strategies around shaping information in the digital space. 

"Despite a flurry of strategy documents from the White House and DOD, the federal government is still not sufficiently organised or resourced to tackle this hybrid threat," said Warner.

Warner criticised President Donald Trump to task for not using his office to mobilise a broader response, and for eliminating important government positions, like the White House and State Department cyber coordinator posts. 

Warner said the US must be at the forefront of shaping international norms that govern nation state behavior in cyberspace and set the table for acceptable use of offensive operations.

Warner called for a comprehensive and coordinated strategy to counter foreign-directed mis-information operations, particularly on social media. 

He called out Facebook, Twitter, Reddit, Google-owned YouTube and Tumblr as companies who "aren't doing nearly enough to prevent their platforms from becoming petri dishes for disinformation and propaganda." 

Warner said these companies must improve the way they detect and minimise propaganda on their platforms, alert users when they're interacting with bots and improve transparency around data collection procedures and warned that regulation could be in the offing. 

"At some point if they don't work with us, Congress will have to act on its own," said Warner. "One thing is clear: The Wild West days of social media are coming to an end."

Renee DiResta, a disinformation researcher, refers to this status quo in a November 2018 research paper as one of "continuous partial conflict" between nations that falls somewhere between a cold war and a hot one. 

DiResta argues that only social media platforms are positioned to regulate the problem in the short term, and only if they recognise their own responsibility. 

Many US government agencies are legally and politically constrained from policing disinformation without running afoul of Constitution limits, since it is often difficult to tease out from many campaigns where foreign influence ends and domestic free speech begins.

Robert Taylor, former Principal Deputy General Counsel and Acting General Counsel for the Department of Defense under the Obama administration, told FCW that the Trump administration's cyber strategy lacked a meaningful component around combatting misinformation that outlines responsibility for the private sector while balancing relevant constitutional concerns around free speech and free enterprise. 

However, he disagreed with Warner's suggestion that establishing norms in cyberspace should precede the use of offensive cyber tools, arguing that a willingness to conduct such operations is an essential component of current deterrence strategies. 

"Offensive cyber capabilities and the ability to act outside our own networks to disable offensive capabilities directed at our networks, and the willingness to deploy such capabilities when necessary, are critical to a meaningful deterrence," said Taylor.

FCW:

You Might Also Read:

White House To Step Up Cyber Counter-Offensive

UN Chief Urges Global Rules For Cyber Warfare

« Three Ways Facebook Could Clean Up Its Act
IoT Cybercrime Hotspot In Canada »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer is a global law firm with a track record of successfully supporting the world's leading corporations, financial institutions and governments.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

CTM360

CTM360

CTM360 is a unified external security platform offering 24x7x365 Cyber Threat Management for detecting and responding to cyber threats.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

OwnBackup

OwnBackup

OwnBackup proactively prevents you from losing mission-critical data and metadata with automated backups and rapid, stress-free recovery.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

Neosec

Neosec

We’re reinventing API security. Understanding behavior requires data, analytics, and intelligence. Neosec brings XDR techniques to application security.

BigBear.ai

BigBear.ai

BigBear.ai delivers high-end analytics capabilities across the data and digital spectrum to deliver information superiority and decision support.

Nextgen Group

Nextgen Group

Nextgen Group is a pioneering technology services group with innovative and unique services across enterprise software, cloud, data management, and cybersecurity solutions.

Identity Digital

Identity Digital

Identity Digital simplifies and connects a fragmented online world with domain names and related technologies that allow people and businesses to build, market and own their digital identities.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

Sri Lanka CERT

Sri Lanka CERT

Sri Lanka CERT is the National Centre for Cyber Security, which has the national responsibility of protecting the nation’s cyberspace from cyber threats.

Institute for Applied Network Security (IANS)

Institute for Applied Network Security (IANS)

For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for decision making and articulating risk.

BetterWorld Technology

BetterWorld Technology

BetterWorld Technology provides cloud solutions, managed services, SaaS, cybersecurity and virtual CIO, all customized to meet your needs.