US Senator Calls For New Cyber Doctrine

US Sen. Mark Warner (pictured) has called for a new US cyber doctrine designed to combat modern threats from hackers and disinformation campaigns. Warner serves as vice chair of the Senate Intelligence Committe.

Government, tech companies, social media platforms and other stakeholders must collaborate on a "whole of society effort" to counter malicious campaigns from China, Russia and other countries, which have developed military strategies around shaping information in the digital space. 

"Despite a flurry of strategy documents from the White House and DOD, the federal government is still not sufficiently organised or resourced to tackle this hybrid threat," said Warner.

Warner criticised President Donald Trump to task for not using his office to mobilise a broader response, and for eliminating important government positions, like the White House and State Department cyber coordinator posts. 

Warner said the US must be at the forefront of shaping international norms that govern nation state behavior in cyberspace and set the table for acceptable use of offensive operations.

Warner called for a comprehensive and coordinated strategy to counter foreign-directed mis-information operations, particularly on social media. 

He called out Facebook, Twitter, Reddit, Google-owned YouTube and Tumblr as companies who "aren't doing nearly enough to prevent their platforms from becoming petri dishes for disinformation and propaganda." 

Warner said these companies must improve the way they detect and minimise propaganda on their platforms, alert users when they're interacting with bots and improve transparency around data collection procedures and warned that regulation could be in the offing. 

"At some point if they don't work with us, Congress will have to act on its own," said Warner. "One thing is clear: The Wild West days of social media are coming to an end."

Renee DiResta, a disinformation researcher, refers to this status quo in a November 2018 research paper as one of "continuous partial conflict" between nations that falls somewhere between a cold war and a hot one. 

DiResta argues that only social media platforms are positioned to regulate the problem in the short term, and only if they recognise their own responsibility. 

Many US government agencies are legally and politically constrained from policing disinformation without running afoul of Constitution limits, since it is often difficult to tease out from many campaigns where foreign influence ends and domestic free speech begins.

Robert Taylor, former Principal Deputy General Counsel and Acting General Counsel for the Department of Defense under the Obama administration, told FCW that the Trump administration's cyber strategy lacked a meaningful component around combatting misinformation that outlines responsibility for the private sector while balancing relevant constitutional concerns around free speech and free enterprise. 

However, he disagreed with Warner's suggestion that establishing norms in cyberspace should precede the use of offensive cyber tools, arguing that a willingness to conduct such operations is an essential component of current deterrence strategies. 

"Offensive cyber capabilities and the ability to act outside our own networks to disable offensive capabilities directed at our networks, and the willingness to deploy such capabilities when necessary, are critical to a meaningful deterrence," said Taylor.

FCW:

You Might Also Read:

White House To Step Up Cyber Counter-Offensive

UN Chief Urges Global Rules For Cyber Warfare

« Three Ways Facebook Could Clean Up Its Act
IoT Cybercrime Hotspot In Canada »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clearpath Solutions Group

Clearpath Solutions Group

Clearpath Solutions Group expertise covers virtualization and data storage technologies, networking, security and cloud computing.

Global Knowledge Training

Global Knowledge Training

Global Knowledge is a worldwide leader in IT and business training, featuring Cisco, Microsoft, VMware, IBM, security, cloud computing, and project management.

SolarWinds

SolarWinds

SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

Cyber Observer

Cyber Observer

Cyber Observer’s team specializes in providing corporate officers with comprehensive, visual, real-time performance overview, critical security control (CSC) analysis.

HorizonIQ

HorizonIQ

HorizonIQ (formerly Internap Corp / INAP) maximizes efficiency and innovation with flexible infrastructure solutions.

PureCyber

PureCyber

PureCyber (formerly Wolfberry Cyber) is an award-winning cyber security consultancy whose goal it is to make cyber security accessible, understandable, and affordable for any organisation.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

Calypso AI

Calypso AI

Calypso AI build software products that solve complex AI risks for national security and highly-regulated industries.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

STACK Cybersecurity

STACK Cybersecurity

STACK Cybersecurity serves as a strategic partner, guiding you through the intricate and dynamic cybersecurity landscape.