State to gain more ability to monitor DOD cyber ops under White House agreement
The Biden administration has forged a new agreement under which the State Department will have more ability to weigh in on certain kinds of cyber operations, according to two sources familiar with the discussions between the White House and the agencies.
The sources said the negotiating parties reached consensus on a policy that gives the State Department greater ability to monitor and weigh in on “third-party notifications,” defined as whether and how the U.S. government alerts countries if it plans to enter their cyberspace to interrupt adversaries’ cyber operations.
Because the president has not yet signed the agreement the situation remains fluid, but the sources said both the Defense and State departments feel they won important pieces of the fight. The sources were unwilling to discuss additional details about the substance of the agreement.
A spokesperson for the National Security Council, which is leading the negotiation process, declined to comment.
CyberScoop reported in March that the White House had initiated an “interagency review process” meant to pare back the unprecedented authorities to launch and manage cyber operations that the Trump administration gave the DOD under National Security Presidential Memorandum-13.
NSPM-13, which became policy in 2018, allowed the delegation of “well-defined authorities to the secretary of defense to conduct time-sensitive military operations in cyberspace,” according to a 2020 speech given by Paul Ney, then the general counsel for the DOD.
In a potential third-party notification scenario, the U.S. might need to take out a Russian server that is wreaking havoc and is physically located in a separate, uninvolved and often unaware country. The State Department and the Defense Department had been at odds since NSPM-13’s advent because State wanted to have more say than the Defense Department is currently soliciting when determining whether and how often to let other countries know about cyber operations happening within their borders.
DOD officials and those sympathetic to DOD — including several lawmakers — have recently asserted that substantial changes to the authorities that NSPM-13 gave to DOD would significantly hamper operational speed and agility while also potentially compromising operational security. National Security Agency Director and U.S. Cyber Command leader Gen. Paul Nakasone warned Congress last month that “significant changes to that NSPM, it could affect what we need to do.”
Third-party notifications are particularly fraught for a Defense Department now accustomed to running cyber operations without having to consult the State Department and White House beyond the pro forma briefing provided at the outset of a given operation.
“If you embed pieces into the process that require case-by-case determinations at the NSC level, you’re basically undermining the objective of delegation.”
gary corn, former cyber command general counsel
DOD alumni say the White House review of NSPM-13 is troubling…
Read More: State to gain more ability to monitor DOD cyber ops under White House agreement