Recent Events May Provide Opportunity for U.S. to Explore ‘Defend Forward’ Cyber Strategy Against Iran

Recent U.S.-Iran engagements may be an opportunity for the U.S. personnel to explore the ‘defend forward’ strategy that involves carrying out cyber operations in non-U.S. networks, Fifth Domain reported Thursday.

On Jan. 2, the U.S. conducted a drone strike against Iran and Iran fired missiles on Jan. 7 against an Iraq military base that stationed American service members. Security specialists believe that Iran may execute cyber attacks in the future.

“This Iran situation today is a big test of the ‘defend forward’ approach of this administration,” said James Miller, senior fellow at Johns Hopkins Applied Physics Laboratory and former undersecretary of defense for policy.

“Will [Cyber Command] take preventative action? Will they do it in a way that our allies and partners support and that can be explained to the public?”

A document released by the Cybersecurity and Infrastructure Security Agency stated that Iran and its proxies “history of leveraging cyber and physical tactics” such as disruptive cyber operations, disinformation and espionage.

Section 1642 of the National Defense Authorization Act for fiscal year 2019 states that if certain countries, Iran included, named in the bill are conducting a cyberspace campaign against the U.S., then the United States Cyber Command may be authorized “to take appropriate and proportional action in foreign cyberspace.”

You may also be interested in...

Maria Roat

Maria Roat on Federal CIO Council’s Data-Sharing Priorities

Maria Roat, deputy federal chief information officer and a 2020 Wash100 Award recipient, has said the Federal CIO Council seeks to make investments in identity and access management as well as data-sharing protocol updates. Roat said that the council seeks to improve data-sharing across systems that handle large volumes of critical information such as the Department of Health and Human Services’ HHS Protect.