Sometimes the most significant legislative measures get the least attention at the time of passage. That may be the case with the Cyberspace Solarium Commission mentioned in the National Defense Authorization Act that was passed on June 18 by the U.S. Senate. Tucked into the bill crafted and sponsored by Sen. Ben Sasse (R-Neb.), the commission may not garner many headlines, but it could galvanize a strategic paradigm shift.
If the idea survives the House-Senate conference process and gets signed into law — and we very much hope it does — it could lead to the creation of the institutions, doctrines, resources, and strategy that the United States needs desperately in the realm of cybersecurity. As New York Times national security correspondent David Sanger argued in a recent essay, the United States is woefully unprepared for the age of cyberconflict.
… If properly led and implemented, the Sasse proposal for a Cybersecurity Solarium Commission could make a similarly timely and consequential contribution to national security. The NDAA provision self-consciously draws inspiration from President Dwight D. Eisenhower’s iconic Project Solarium exercise in 1953.
… Today, it seems like everyone is using cyberweapons, but not enough policymakers are thinking about them.
To be sure, there is a fair degree of strategic analysis and thinking in academia, in think tanks, and in the relevant Cabinet departments and agencies. But this thinking has not accumulated into definable strategies that have buy-in from the White House or that have aligned roles and responsibilities across department and agency lines.
… Neither the Obama nor the Trump administration has gone so far down the decision path, and so this commission may prove to be an enabling and action-forcing exercise, as Congress reasserts its Article 1 constitutional responsibility to “provide for the common defense.”
The United States cannot afford to wait. It is already clear that U.S. adversaries are willing to stage attacks in the cyber domain and believe they can do so with impunity: Witness Russia’s successful deterrence of the Obama administration from retaliating in 2016.
Advanced cyber capabilities and a willingness to run risks to use them are the common features of every major national security challenge facing the United States today, whether it is Iran, North Korea, Russia, or China. As a result, cyberthreats cast a long shadow over the full range of national security and foreign-policy issues, including trade, regional conflict, terrorism, and new great power rivalries.
Americans struggled to understand the nuclear threat from the Soviet Union. In an effort to overcome bureaucratic stovepipes and to catalyze fresh thinking, Eisenhower convened the Solarium exercise to help him assess and respond to an unprecedented national security challenge. With this new provision in the Senate version of the fiscal 2019 NDAA, Sasse has given the U.S. government the opportunity to make a similar landmark assessment and response.
(Via Foreign Policy)
Peter Feaver’s and Will Inboden’s article is an eye opener for me. I totally missed this somehow when I was learning about the NDAA. Based on recent actions in the Executive Branch of the US government, this looks like reasonable and better-late-than-never action by the Legislature. That is assuming it makes it makes it in to the final NDAA language, of course.
Read the whole article for the historical parallels and context.
What do you think?