Debate Slows New US Cyber Rules

Despite the ongoing concern about the escalating pace of cyber attacks, a new set of standing rules of engagement for cyber operations — policy guidelines that would specify how the Pentagon would respond to different types of cyber attacks — is being delayed by a debate over the role of the U.S. military in defending non-military networks, sources said.

The new policy, in the works for years and set to be completed in the next several months, according to Defense Department officials, is meant to update rules put in place in 2005. Those rules were of a limited scope, specifying a response to attacks against only military and government networks. This time, the department is looking for more latitude as it considers how to defend critical infrastructure and private corporations, with the division of responsibility between DoD and the Department of Homeland Security (DHS) contested. “This is a turf war,” said James Cartwright, the retired U.S. Marine Corps general who stepped down as vice chairman of the Joint Chiefs of Staff in August.