Biden’s Pick For Defense Policy Chief Outlines Cyber Deterrence Position

OceanFishing/iStock

Featured eBooks
Space Tech
Read Now

CDM

Read Now

Digital Transformation

Read Now
Mila Jasper By Mila Jasper

By Mila Jasper

|

In a contentious nomination hearing, Colin Kahl called for a whole-of-government approach to technology.

In between heated questions from Republican senators about tweets and arguments over the 2015 Iran nuclear deal, President Joe Biden’s pick for undersecretary of Defense for policy called for a layered approach to tackle growing threats in the cyber realm. 

Colin Kahl, who previously served as deputy assistant secretary of defense for the Middle East and national security adviser to Biden during the Obama administration, testified before the Senate Armed Services Committee Thursday regarding his nomination for the Pentagon’s top policy position. 

Throughout the hearing, Republican senators including Sen. Tom Cotton, R-Ark., who presented some of Kahl’s tweets on poster boards, attempted to paint Kahl as prohibitively partisan. Sen. Tim Kaine, D-Va., also said the continuous questions from senators on the Joint Comprehensive Plan of Action, which Kahl supports, is “a proxy for a sharp difference of opinion in this committee, in Congress about the wisdom of the JCPOA.” 

But peppered within these two high-profile lines of debate were questions about technology and cybersecurity in the wake of the SolarWinds incident, which Kahl called a reminder of the “vulnerability” that exists across the U.S. government. In his testimony, Kahl voiced support for the defend forward position articulated in the Defense Department’s 2018 cyber strategy as well as the work of the Cyberspace Solarium Commission. 

Kahl also said because the pandemic has forced so much activity online, he fears the potential attack surface has grown “substantially” over the last year, calling it an issue of foremost importance for the entire government necessitating a government-wide technological policy to keep the U.S. on the cutting edge. 

“We need a mix of deterrence by punishment—that is the ability to retaliate in cyberspace and other domains against those who attack us,” Kahl said. He later added this can include actions in cyberspace but also activities like sanctions and diplomatic isolation. “We have to be able to defend our networks. Almost as important we have to be able to quickly rebuild our networks so that that resilience itself is a deterrent against actors who think they can gain by taking those networks down, and we have to work with allies and like-minded states on norms and rules of the road around cyberspace so that malign actors pay real costs internationally, multilaterally when they engage in harmful activities.” 

In response to a question from Sen. Mark Kelly, D-Ariz., Kahl said the U.S. must also prioritize investments in other emerging technologies that will “determine the strategic competition for the rest of the century.” Kahl again emphasized the necessity of a whole-of-government approach. 

“We are in the process of the digitization of everything, right, we are literally seeing zeros and ones turned into living beings and beings turned into zeros and ones through things like synthetic biology,” Kahl said. “Quantum computing is going to revolutionize a whole array of issues with implications for national security, hypersonics, directed energy … so I think as we craft our national defense strategy, and then form a budget around that, we have to be prioritizing investments in these areas because we know that China is.” 

The nomination hearing came after a week of substantive hearings before SASC and other Congressional committees highlighted concerns that the U.S. lacks clear red lines in the cyber realm designating what kind of actions require what kind of response. The Cybersecurity and Infrastructure Security Agency on Wednesday also published an emergency directive ordering all federal agencies to track and capture data related to all on-premises Microsoft Exchange Servers and investigate whether they’ve been compromised or immediately disconnect such instances from their networks after Microsoft flagged vulnerabilities it believes are being exploited by a state-sponsored group originating in China. 

The Biden administration on Wednesday also provided more details showing where cyber fits into the administration’s national security viewpoints. The White House released Biden’s Interim National Security Strategic Guidance. The 24- page document includes “cyber and digital threats” among the “profound dangers” faced by the U.S. 

“As we bolster our scientific and technological base, we will make cybersecurity a top priority, strengthening our capability, readiness, and resilience in cyberspace,” the document reads. “We will elevate cybersecurity as an imperative across the government. We will work together to manage and share risk, and we will encourage collaboration between the private sector and the government at all levels in order to build a safe and secure online environment for all Americans.”

NEXT STORY: CISA Orders Immediate Action on Vulnerabilities in Microsoft Exchange Servers

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.