The Defense Department is several months behind its self-imposed deadline to establish a final version of its rules of engagement for cyber warfare mainly because the number of stakeholders involved make it a complex process, reports FCW, a sister publication of Defense Systems.
The rules were most recently expected in March, but the Office of the Secretary of Defense, the Joint Staff and appropriate combatant commands are still working on the issues, Lt. Col. April Cunningham, a DOD spokesperson, said in the story.
Any discussion of the plan’s details would be inappropriate because they are “pre-decisional,” and rules of engagement are typically classified and not for general release, Cunningham added.
DOD’s goal is to model the new rules of engagement on traditional laws of conflict, using similar legal and military structures, Jim Lewis, a senior fellow and cybersecurity expert at the Center for Strategic and International Studies, said in the story. Doing so would make it easier to integrate the plans into routine training and operations, Lewis said.
But this is problematic because cyber warfare also flouts some of the established norms for armed conflict, such as the concepts of proportionality, limited effect, not targeting civilian populations and the long-standing challenge of identifying perpetrators for retaliation, the story said.