At a glance.
- Resilience as a US Department of Defense goal.
- India restricts more Chinese-produced apps.
- US space cybersecurity policy.
US Defense official recommends resilience.
US Deputy Assistant Secretary of Defense for Cyber Policy Thomas Wingfield commented at a recent speaking engagement that the odds of a destabilizing cyberattack are increasing despite the Department’s best efforts, according to the US Department of Defense. Resilience, defined as “the ability to anticipate, withstand, recover from and adapt to adverse conditions, stresses, attacks or compromises,” is the answer. Organizations need to shift their sights from cybersecurity to cyber resilience, or, rather, build cyber resilience “on top of cybersecurity,” with the goal of mission assurance. Wingfield called for tech-savvy leaders, well-trained subordinates, and interagency cooperation, saying a “strong cyber immune system” is a team effort.
India ejects additional Chinese apps.
TechCrunch reports that New Delhi, home of the second biggest online economy, has now banned two-hundred-eighteen Beijing apps, having added forty-three to the list this week. The country referenced concerns about sovereignty and security, and information from the Indian Cyber Crime Coordination Center, in the decision. Newly banned apps include Snack Video, AliExpress, and Lalamove. No Chinese apps appear to remain in India’s top five-hundred most-used list. Apps PUBG Mobile and TikTok are trying to re-earn their welcome, but tensions linger over the nations’ summer conflict in the Himalayas.
Implications of US space cybersecurity policy.
An essay in Lawfare argues the emphasis on cybersecurity in the US’ September Space Policy Directive (SPD-5), coupled with the nation’s defend forward posture, could bring the policy into conflict with international laws preserving the use of space for peacekeeping. The defend forward stance, first spelled out two years ago by the Defense Department, requires cyberweapons development and proactive engagement with rivals.
International laws and norms, on the other hand, stress national sovereignty and nonintervention (although cyber applications are generally “murky.”) The Outer Space Treaty of 1967, for example, seeks to protect the “interests of all countries” and preclude space’s militarization, underscoring “international co-operation” and mandating discussion about “potentially…harmful interference.”
Attacks on satellites in 2014 and 2017 impressed the need for space cybersecurity standards. SPD-5 instructs space, intelligence, defense, science, communications, transportation, and commerce leaders to enact its directives via regulatory guidance and establish best practices through public-private partnerships “consistent with applicable law.” The US has not specified how the defend forward doctrine would apply to space, but incursions into enemy or third-party territory without international consultation would seem to fall foul of the Space Treaty.
Private sector space initiatives present additional complications. While the Government has been hesitant to intervene in companies’ terrestrial operations, in space, the country bears accountability for commercial enterprises’ actions, which could blur previously respected lines between intelligence gathering and corporate espionage.