US 'approach to defending our country in cyberspace ... is broken'

I have so many thoughts on this topic that I can't/won't discuss here.

The biggest problem unfortunately in cyberspace is the interpretation and even the application of the law. Regardless of the fact that private ISPs create the transport infrastructure of the Internet, I still say it is public domain, fully susceptible to observation and a certain amount of regulation by the appropriate government agency. But the law also affects who responds to what and how. The military has limits, the intelligence community has limits, and law enforcement has limits, all within a domain that in many ways, has no easily discernible logical boundaries. We need a way to look at this differently, and/or treat it differently. If we don't find a way to bridge the legal gap between the government's role to protect this nation and private ownership of a national infrastructure, I'm afraid the government will eventually be compelled to take complete ownership after a cyber version of a Pearl Harbor or 9/11.

Gen Alexander is correct, but he also noted many of the new capabilities coming our way. Cyber Protection Teams are still in their infancy and trying to get their hands around the scope of the problem. While they are maturing, I fully believe this will eventually this will lead to improved ways of chipping away at the enemy's capabilities. We've come a long way in the 23+ years I've served in cyber operations. I recall a time when much less sophisticated hackers could cause significant harm to DoD networks then they can now.

Finally, the answer for cyber defense might come from adding laws which enable the best from each of the agencies and the private sector to form a separate agency, which is not defined simply as military, intelligence, or law enforcement. One that does not fit the nomenclature specified by the Constitution when it comes to defending the US infrastructure. This isn't to say there shouldn't be limits, but they need to be different than those which define the world outside cyberspace. Who knows?

MSgt John Flaherty
Who is the owner, first responder in the cyberspace arena - Wow, we can argue that for months and no action will be taken. That is the critical issue, who defines the actions to be taken and what right looks like.
My head hurts even trying to get in to frame up the questions with all the Commands involved and the minimum clearances required to have the right conversations.