ON-Lion Letter

"The global cyber threat landscape is expanding exponentially, challenging national security officials and corporate executives in the United States and around the world to adapt to more sophisticated and diverse attack methods at the rapidly bending curve of technological change," begin Michael Chertoff and Frank Cilluffo in their chapter of the John Hay Initiative's (JHI's) new book, Choosing to Lead:  American Foreign Policy for a Disordered World

Chertoff was U.S. Secretary of Homeland Security under President George W. Bush.  A former federal appellate-court judge and U.S. prosecutor, he now co-founded and is executive chairman of The Chertoff Group.  Cilluffo is an associate vice president at The George Washington University, where he directs its Center for Cyber & Homeland Security.

"Recently we have witnessed an uptick in major cyber attacks against American interests both public and private.  Although this has led the current Administration to take strides to improve our cyber security posture, much remains to be done in terms of developing cyber policies that are bold and advanced enough to reliably disarm and deter malicious actors," according to Chertoff and Cilluffo in "A Strategy of Cyber Deterrence."

"America does not enjoy the luxury of time in confronting this issue," they write.  "Instead, commitment and urgency are key factors in the race to propel American cyber capabilities ahead of those of its adversaries, and to assume a role of leadership and superiority in this new realm of defense strategy.

"The next President needs to mandate a strategy that addresses three key areas of questions," Chertoff and Ciffullo conclude.

First, "What structures are needed to further promote true international cooperation in investigating and prosecuting organized cyber fraud activity, including action against financial and other online enablers of criminality?  How does the U.S. government deal with nations that provide safe haven for criminal hackers?

Second, "In what circumstances will economic sanctions be imposed on individuals or even nations engaged in cyber espionage?  Where intellectual property is stolen, how will the U.S. government use trade rules or even civil liability rules against those who steal or benefit from the stolen property?

And third, "What is the threshold of destructive attacks beyond which the U.S. would treat them as an act of war?  Under what circumstances would the U.S. government use kinetic force against a destructive attacker?  Under what circumstances and with what degree of supervision would the government license private actors, extending 21st-century letters of marque, in essence -- to engage in active defense against a cyber attacker?"

The Lynde and Harry Bradley Foundation in Milwaukee substantially supports JHI's Choosing to Lead project.

Actions: E-mail | Permalink |