Trump sends cyberwar strategy to Congress
President Donald Trump has sent a cyberwarfare policy to Congress that should outline how the administration will tackle some of the field’s most vexing issues – including launching hacking operations and deterring adversaries.
Trump enclosed the document, which was not made public, in a letter Thursday to the House and Senate committees that oversee the departments of Defense, Homeland Security, Justice, and State.
The fiscal 2018 National Defense Authorization Act tasked the White House with developing a “multi-prong” cybersecurity policy covering defensive and offensive operations. The policy should include measures to defend against “cyber activities that are carried out against infrastructure critical to the political integrity, economic security, and national security of the United States,” the NDAA states.
The White House policy is one of several new cybersecurity measures mandated by the NDAA, including a requirement that the Pentagon more closely communicate with Congress on sensitive, military-led cyber-operations.
The new strategy comes as a power struggle is taking place in the White House with big implications for cybersecurity policy. Following the recent appointment of national security adviser John Bolton, White House Cybersecurity Coordinator Rob Joyce announced he is stepping down while a young NSC official, Joshua Steinman, has privately disparaged Joyce and lobbied for a promotion, CyberScoop reported Thursday.
The Department of Homeland Security is readying its own strategy for making U.S. critical infrastructure more secure from hacking. The DHS document will serve as a framework for how federal, state and local agencies, as well as operators of critical infrastructure, can benefit from the department’s cybersecurity support.
Dating back to the Obama administration, lawmakers have complained regularly about a lack of a comprehensive U.S. government strategy for cyberspace.
Former National Security Agency director Keith Alexander told a House committee last week that the U.S. military still lacks clear “rules of engagement” on when to carry out hacking operations to counter an adversary.