Professional Documents
Culture Documents
Afp Notes
Afp Notes
d. The military role (Pros and Cons) & cyber command structure, rules of
engagement in peace time
National priorities
Presidential adviser
The Protocol is intended to ‘extend the rule of law further into cyberspace, protect internet
users, and help provide justice for those who become victims of crime. a imed at
enhancing co-operation and disclosure of a
When setting up an NCA, countries can consider design choices, such as:
Should the agency reside within a defense and intelligence entity or within a civilian
body?
What level in the government does the agency report to?
What is the scope of the agency’s control and oversight (for example, does it focus
only on critical infrastructure or also on citizens and small and midsize businesses)?
PDP – Peace and Security; Ensuring Security, Public Order, and Safety
Hybrid warfare can involve attempts to influence the adversary’s society through
legal means such as purchasing news agencies and strategic infrastructure, as well
as through illegal spreading of mistrust such as undermining free and fair
elections (Comelec expands call on military involvement).
NCSP 2028
- Vis-à-vis Cybercrime
- Vis-à-vis NSP 2022
- New, change or enhancing NCSP 2022? Presidential EO to create NCSP
2028
- Implementation through IRR, Cybersecurity Protocols, EO, legislative Agenda
SC/14563
29 JUNE 2021
EOs
Frequency communication – AFP
What this all means, of course, is that governments all over the world face
major decisions about how they use their military in the course of building
their national cybersecurity strategies. Considerations will need to
include:
Given all the variables, how involved should the military be in national
cybersecurity?
Given the factors in play, how should governments balance their
cybersecurity investments across the military, law enforcement and the
private sector?
How, if at all, should the military be used to support the private sector?
How can diplomatic initiatives reduce the need for the military to be used
in domestic cybersecurity?
How can government act to avoid international disputes over cyber issues
(e.g. responses to Edward Snowden’s revelations about the activities of the
U.S. National Security Agency) that undermine cooperation on
cybersecurity?
The ADMM Cybersecurity and Information Centre of Excellence (ACICE) was proposed by Singapore
and approved by the 15th ADMM in Jun 2021, to enhance regional cooperation among ASEAN
defence establishments in the cybersecurity and information domains. Given our increasing reliance
on digital and information technologies, the defence sectoral is well-positioned to contribute to
efforts to tackle these common security challenges. The key objectives of the ACICE are to: (a)
function as a node for confidence-building measures, information-sharing and capacity building
among regional militaries; (b) enhance regional cooperation and information sharing, focusing on
cyber security, disinformation and misinformation threats including through the dissemination of
regular and timely reports; and (c) work with international experts to improve collective resilience
against common security threats. The ACICE will host the defence sectoral’s first Malware
Information Sharing Platform, for regional militaries to share unclassified malware information. The
ACICE will also work with the ASCCE to offer training courses to defence sectoral personnel where
relevant.
The Principal Cyber Advisor advises the SECDEF and DSD on cyber related activities that
support or enable DOD's missions in, through, and from cyberspace, in coordination with the
appropriate PSAs. The PCA leads a Department-level cross functional team that coordinates
and oversees implementation of the DoD Cyber Strategy; assesses cyber programming and
budgeting issues, making recommendation through the Program Budget Review process;
informs Department-level cyber-related budgeting and acquisition processes and forums;
and initiates projects to strengthen DoD's approach to cyber activities and missions. The
PCA does not have operational responsibilities for DoD operations and is not in the
operational chain of command.
Central to the question of the role of the military in “defending the nation”
against cyber threats is what else governments can do. Traditionally, the
other institution that provides security is law enforcement. Police and other
law enforcement agencies are often constrained by the laws under which
they operate and the challenges of developing cases that lead to successful
prosecutions. However, in recent years innovative agreements such as the
European Council’s 2001 Convention on Cybercrime (now with 50
signatories across every continent) have made it harder for cyber criminals
to avoid justice by basing themselves outside the country they are stealing
from. Meanwhile, law enforcement like the U.S.’s Federal Bureau of
Investigation are working with international colleagues and major
companies like Microsoft to disrupt the very worst criminals (such as the
takedown earlier this year of the Citadel network botnet used to steal over
$500 million from bank accounts).
What this all means, of course, is that governments all over the world face
major decisions about how they use their military in the course of building
their national cybersecurity strategies. Considerations will need to
include:
Given all the variables, how involved should the military be in national
cybersecurity?
Given the factors in play, how should governments balance their
cybersecurity investments across the military, law enforcement and the
private sector?
How, if at all, should the military be used to support the private sector?
How can government act to avoid international disputes over cyber issues
(e.g. responses to Edward Snowden’s revelations about the activities of the
U.S. National Security Agency) that undermine cooperation on
cybersecurity?
Supporters of the Paris Call are therefore committed to working together to:
Protect critical individuals and infrastructures from malicious cyber activities;
Protect the availability and integrity of the Internet;
Prevent interference aimed at undermining electoral processes;
Defend intellectual property from cyber threats;
Prevent the proliferation of malicious software and practices;
Strengthen the security of digital products and processes;
Improve cyber hygiene for all;
Prevent non-state actors, including the private sector, from hacking-back;
Strengthen international norms of responsible behaviour and confidence-
building measures.
The plan was developed to provide relevant information and steps or
tasks to be performed at the national level on procedures for
detection, response, communication and coordination in the event of
cyberattack for protection of the Critical National Information
Infrastructure (CNII) in critical domains namely; defence and security;
banking and finance; information and communications; energy;
transportation; water; health; government services; emergency
services; and food and agriculture against cyber threats.