US Senator Calls For New Cyber Doctrine

Uploaded on 2018-12-19 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

US Sen. Mark Warner (pictured) has called for a new US cyber doctrine designed to combat modern threats from hackers and disinformation campaigns. Warner serves as vice chair of the Senate Intelligence Committe.

Government, tech companies, social media platforms and other stakeholders must collaborate on a "whole of society effort" to counter malicious campaigns from China, Russia and other countries, which have developed military strategies around shaping information in the digital space. 

"Despite a flurry of strategy documents from the White House and DOD, the federal government is still not sufficiently organised or resourced to tackle this hybrid threat," said Warner.

Warner criticised President Donald Trump to task for not using his office to mobilise a broader response, and for eliminating important government positions, like the White House and State Department cyber coordinator posts. 

Warner said the US must be at the forefront of shaping international norms that govern nation state behavior in cyberspace and set the table for acceptable use of offensive operations.

Warner called for a comprehensive and coordinated strategy to counter foreign-directed mis-information operations, particularly on social media. 

He called out Facebook, Twitter, Reddit, Google-owned YouTube and Tumblr as companies who "aren't doing nearly enough to prevent their platforms from becoming petri dishes for disinformation and propaganda." 

Warner said these companies must improve the way they detect and minimise propaganda on their platforms, alert users when they're interacting with bots and improve transparency around data collection procedures and warned that regulation could be in the offing. 

"At some point if they don't work with us, Congress will have to act on its own," said Warner. "One thing is clear: The Wild West days of social media are coming to an end."

Renee DiResta, a disinformation researcher, refers to this status quo in a November 2018 research paper as one of "continuous partial conflict" between nations that falls somewhere between a cold war and a hot one. 

DiResta argues that only social media platforms are positioned to regulate the problem in the short term, and only if they recognise their own responsibility. 

Many US government agencies are legally and politically constrained from policing disinformation without running afoul of Constitution limits, since it is often difficult to tease out from many campaigns where foreign influence ends and domestic free speech begins.

Robert Taylor, former Principal Deputy General Counsel and Acting General Counsel for the Department of Defense under the Obama administration, told FCW that the Trump administration's cyber strategy lacked a meaningful component around combatting misinformation that outlines responsibility for the private sector while balancing relevant constitutional concerns around free speech and free enterprise. 

However, he disagreed with Warner's suggestion that establishing norms in cyberspace should precede the use of offensive cyber tools, arguing that a willingness to conduct such operations is an essential component of current deterrence strategies. 

"Offensive cyber capabilities and the ability to act outside our own networks to disable offensive capabilities directed at our networks, and the willingness to deploy such capabilities when necessary, are critical to a meaningful deterrence," said Taylor.

FCW:

You Might Also Read:

White House To Step Up Cyber Counter-Offensive

UN Chief Urges Global Rules For Cyber Warfare

« Three Ways Facebook Could Clean Up Its Act
IoT Cybercrime Hotspot In Canada »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Rapid7

Rapid7

Rapid7 unites cloud risk management and threat detection to deliver results that secure your business and ensure you’re always ready for what comes next.

Komodo Consulting (KomodoSec)

Komodo Consulting (KomodoSec)

Komodo Consulting specializes in Penetration Testing and Red-Team Excercises, Cyber Threat Intelligence, Incident Response and Application Security.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

Findcourses.co.uk

Findcourses.co.uk

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

PizzlySoft

PizzlySoft

PizzlySoft is a global company that is seeking convergence of network and security / software and hardware. We put our value on creating the best security.

UnderDefense

UnderDefense

UnderDefense provides cyber resiliency consulting and technology-enabled services to anticipate, manage and defend against cyber threats.

Qohash

Qohash

With a focus on data security, Qohash supports security, compliance and optimization use cases enhancing your risk management process.

Buchanan & Edwards

Buchanan & Edwards

Buchanan & Edwards delivers forward-focused technology solutions that help our clients transform the way they perform their missions.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

Althammer & Kill

Althammer & Kill

Althammer & Kill offers pragmatic solution concepts for data protection and digitization. We advise in the field of data protection, information security and compliance.

Wavenet

Wavenet

Wavenet has grown from simple beginnings to become one of the UK’s market leaders in unified communications, business telephony, and Cyber Security solutions.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.