US Senator Calls For New Cyber Doctrine

US Sen. Mark Warner (pictured) has called for a new US cyber doctrine designed to combat modern threats from hackers and disinformation campaigns. Warner serves as vice chair of the Senate Intelligence Committe.

Government, tech companies, social media platforms and other stakeholders must collaborate on a "whole of society effort" to counter malicious campaigns from China, Russia and other countries, which have developed military strategies around shaping information in the digital space. 

"Despite a flurry of strategy documents from the White House and DOD, the federal government is still not sufficiently organised or resourced to tackle this hybrid threat," said Warner.

Warner criticised President Donald Trump to task for not using his office to mobilise a broader response, and for eliminating important government positions, like the White House and State Department cyber coordinator posts. 

Warner said the US must be at the forefront of shaping international norms that govern nation state behavior in cyberspace and set the table for acceptable use of offensive operations.

Warner called for a comprehensive and coordinated strategy to counter foreign-directed mis-information operations, particularly on social media. 

He called out Facebook, Twitter, Reddit, Google-owned YouTube and Tumblr as companies who "aren't doing nearly enough to prevent their platforms from becoming petri dishes for disinformation and propaganda." 

Warner said these companies must improve the way they detect and minimise propaganda on their platforms, alert users when they're interacting with bots and improve transparency around data collection procedures and warned that regulation could be in the offing. 

"At some point if they don't work with us, Congress will have to act on its own," said Warner. "One thing is clear: The Wild West days of social media are coming to an end."

Renee DiResta, a disinformation researcher, refers to this status quo in a November 2018 research paper as one of "continuous partial conflict" between nations that falls somewhere between a cold war and a hot one. 

DiResta argues that only social media platforms are positioned to regulate the problem in the short term, and only if they recognise their own responsibility. 

Many US government agencies are legally and politically constrained from policing disinformation without running afoul of Constitution limits, since it is often difficult to tease out from many campaigns where foreign influence ends and domestic free speech begins.

Robert Taylor, former Principal Deputy General Counsel and Acting General Counsel for the Department of Defense under the Obama administration, told FCW that the Trump administration's cyber strategy lacked a meaningful component around combatting misinformation that outlines responsibility for the private sector while balancing relevant constitutional concerns around free speech and free enterprise. 

However, he disagreed with Warner's suggestion that establishing norms in cyberspace should precede the use of offensive cyber tools, arguing that a willingness to conduct such operations is an essential component of current deterrence strategies. 

"Offensive cyber capabilities and the ability to act outside our own networks to disable offensive capabilities directed at our networks, and the willingness to deploy such capabilities when necessary, are critical to a meaningful deterrence," said Taylor.

FCW:

You Might Also Read:

White House To Step Up Cyber Counter-Offensive

UN Chief Urges Global Rules For Cyber Warfare

« Three Ways Facebook Could Clean Up Its Act
IoT Cybercrime Hotspot In Canada »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Genians

Genians

Genians provides the industry’s leading Network Access Control (NAC) solution, which ensures full visibility of all IP-enabled devices regardless of whether they are wired, wireless, or virtual.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

Cyral

Cyral

Easily observe, control, and protect your data endpoints in a cloud and DevOps-first world. Discover Data Mesh Security with Cyral.

TatvaSoft

TatvaSoft

TatvaSoft is a custom software development company delivering business IT solutions and related services to customers across the globe.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

FoxPointe Solutions

FoxPointe Solutions

FoxPointe Solutions is a full-service cyber risk management and compliance firm.