[ISN] Report: U.S. needs clear policy on cyberattacks

From: InfoSec News <alerts_at_private>
Date: Thu, 30 Apr 2009 10:39:07 -0500 (CDT)

By Ben Bain
April 29, 2009

The United States. policy and legal framework regarding launching 
cyberattacks is "ill-informed, undeveloped and highly uncertain" and the 
country needs a public national policy in that area that applies to 
sectors of government, according to a report released today by the 
National Research Council.

The report, from the council's Committee on Offensive Information 
Warfare, said cyberattack capabilities greatly expand policymakers. 
options and that an open discussion about the country's cyberattack 
policy was needed. The group said much of the public policy debate has 
focused on cyber defenses.

"We are of the opinion that the policy issues related to cyberattack are 
important enough to the nation to warrant serious public discussion - 
and I emphasize public discussion - about its significance and place in 
the U.S. policy toolkit," Kenneth Dam, a co-chairman of the committee 
and a professor at the University of Chicago law school, said at a news 

The group also recommended that the government maintain and acquire 
effective cyberattack capabilities and conduct high-level wargaming 
exercises to understand the dynamics and potential consequences of cyber 
conflict. The government should also support academic research on the 
topic, the committee said. 


LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Thu Apr 30 2009 - 08:39:07 PDT

This archive was generated by hypermail 2.2.0 : Thu Apr 30 2009 - 08:46:13 PDT