Defensive Information Operations - An Interagency Process

Abstract

Abstract : The United States military has long held the mission of protecting this country against foreign attack. One of the biggest threats facing the United States in the 21st century, however, is of a far different nature than that of a conventional armed attack. A cyber attack zeroing in on critical information or on the information systems which support critical national infrastructures could be launched from any corner of the globe, by a variety of potential state and non-state actors, and could be directed against military or civilian targets. Due to the quantity, complexity, and diverse ownership of this country's information systems and critical infrastructures, no single governmental or private agency can single-handedly provide an adequate defense. As a result, the nation's information and infrastructure protection effort requires governmental interagency and private sector cooperation. The Department of Defense, as a key player in the interagency effort, must rapidly respond to information attacks in coordination with a host of government departments and agencies, including the Departments of Commerce, Justice and State. It must be prepared to defend its own information and infrastructure; to support other government agencies in their defense, enforcement, and consequence management functions; and to counterattack with information operations weapons. This paper discusses the nature and level of the cyber threat and DoD's roles in countering it in an interagency environment. The paper also looks at the legal issues DoD must consider in planning and executing its information defense mission. It examines the current arrangement for protection of the nation's infrastructure and suggests there are organizational issues impeding the speed and effectiveness of the country's defense that must be addressed.