President Obama signed a classified directive that authorizes the military to act far more aggressively towards cyber-attacks on government and private networks in mid-October.
In describing the function of the Presidential Policy Directive 20, a senior administration official said, “What it does, really for the first time, is it explicitly talks about how we will use cyber-operations. Network defense is what you’re doing inside your own networks. Cyber-operations is stuff outside that space, and recognizing that you could be doing that for what might be called defensive purposes.”
This policy, which is considered to be an update to a presidential directive in 2004, is a comprehensive effort by the Obama administration to deal with cyber-threats, and which has overtaken terrorism as the most significant form of danger to the country.
For the first time, this directive makes a clear distinction between cyber-operation and network defense so as to help officials make quick decision when faced with one of these threats. Also, a process has been put in place in order to carefully examine operations that occur outside defense and government networks, follow international laws while also ensuring the protection of data of US citizens and their foreign allies.
The policy also clearly defines what an ‘offensive’ and ‘defensive’ action entails in regard to the rapidly changing world of cyber-terrorism and cyberwar.
Experts have welcomed this directive as the government securing itself against ‘destructive scenarios’ that can possibly occur as the United States will not be a bystander to such attacks in the future.
Finally, this directive has also been able to decide which government agencies will be able to what action in cyberspace as well as up to which levels of permission.