After years of talks about the need for public-private partnerships to strengthen U.S. cyber defenses, Russian aggression is testing them in real time, according to legal experts who spoke at the American Bar Asociation National Security Law CLE Conference: Emerging Critical Issues, sponsored by the ABA Standing Committee on Law and National Security.
The invasion of Ukraine by Russia has added urgency to difficult questions about the lines between national security and law enforcement, the relative roles of government and the private sector and strategies to improve the U.S. cybersecurity posture.
It boils down to “resilience, resilience, resilience,” said Robert Chesney, law professor and associate dean for academic affairs at the University of Texas School of Law. “I think we’ve made great strides in getting our defenses systematically leveled up,” especially since technology companies in the U.S. are mostly privately owned. “It’s obviously a difficult challenge but I do think we’re trending in the right direction.”
Because most of the actionable intelligence has been found by companies like Microsoft and Google, some tech company employees have attended secure briefings organized by the National Security Agency and United States Cyber Command, which is a good sign. “The tone between public and private is positive,” agreed panelist Sujit Raman, a partner at Sidley Austin LLP and a former associate deputy attorney general at the U.S. Department of Justice.
Some officials are braced for a cyberattack by Russia in retaliation for economic sanctions imposed by the United States and Europe, which means the U.S. could face an escalation of risk in real-time, Chesney said. “The Russians have proven they’re more than willing to do deeply destructive and wildly reckless things, including things that will spill out and harm others beyond their immediate targets.”
To counter this threat, he said the U.S. has empowered our cyber command forces to defend forward, which could mean operating inside their networks, and when necessary, take disruptive steps to head off or terminate those attacks. “Are we great at this yet? I don’t know, I’m on the outside,” Chesney said. “I do know that Congress has been building a legal architecture to prune away some of the legal ‘who has the authority’ type questions that stood in the way of these types of activities, and I guess I would say not a moment too soon.”
- Posted March 09, 2022
- Tweet This | Share on Facebook
U.S. must harden its cybersecurity defenses, experts say
headlines Oakland County
headlines National
- Judge accused in drive-by shootings has progressive brain disease, court filing says
- Despite lyrics mistake by AI, lawyer wasn’t ineffective for using tech in rapper’s case, federal judge says
- Former Littler lawyer drops California suit against firm, bringing end to departure dispute
- Last-minute election lawsuits may serve political goals, law prof says
- Criticizing plaintiff’s ‘chutzpah,’ federal judge holds lawyer jointly responsible for over $207K in legal fees
- Personal injury firm sues TD Bank after loss in fraud scheme