Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Part II Mission and Institutional Perspectives Part II contains three different mission perspectives. Chapter 3 addresses military perspectives on cyberattack, largely from the point of view of the Department of Defense. Chapter 4 addresses intelligence perspectives on cyberattack (for conducting covert action) and cyberex- ploitation (for obtaining information). Chapter 5 addresses federal law enforcement perspectives on cyberattack and cyberexploitation and con- siders how the private sector might view cyberattack as an element of its defensive posture. These chapters depict in outline form how various institutions both inside and outside government have conceptualized or may in the future conceptualize the use of cyberattack and cyberexploita- tion technologies. Regrettably, the picture that emerges from these chapters is frag- mented and incompleteâlargely because national policy with respect to cyberattack is fragmented and incomplete. The secrecy that surrounds policy in this area has further worsened the coherence of the overall picture. On the other hand, it is often true that with a new and easily available technology (the technology of cyber offensive actions), interests among a variety of different institutional actors in using this technology have arisen from the bottom upâfrom those with operational missions. In the early stages of technology adoption, some actors consider how the technology of cyber offensive actions might support or better enable the performance of their traditional missionsâand others ignore it. The bottom-up nature of technology adoption in such cases inevitably leads to adoptions at different rates and for relatively parochial purposes, and 159
160 Technology, Policy, Law, And Ethics Of U.s. Cyberattack CapabiliTIES so the fragmentation of policy and organization today is not entirely surprising. Nevertheless, the committee believes there is value in setting forth a notional view of how these institutions might conceptualize the uses of cyberattack, the associated decision-making structures, and the infra- structure needed to support the use of cyberattack as an instrument in their toolkits. If nothing else, the availability of a notional view provides a framework against which to react and within which to pose questions about what might be missing. These comments should be kept in mind as these chapters are read. Part II also contains Chapter 6, a description of decision-making and oversight mechanisms in both the executive and the legislative branches that are relevant for cyberattack. Considering these mechanisms from a top-down perspective is intended to provide some points of reference that can help to identify what is missing from the picture painted by Chapters 3, 4, and 5.