As often happens with difficult issues in America, by default, the Department of the Defense has become the U.S. government's lead agency on "cyber." There are good reasons for this.
The Pentagon is the best-resourced department in government with people and dollars. It fully recognizes the military dangers, as well as opportunities posed by cyber. And it can act decisively.
But military solutions rarely apply to society at large. And, so far, no precise definition of "cyber" nor a unified strategy and plan exists for relating cyber to this broader societal context. Indeed, when asked, most people regard cyber as part of the Internet and some form of computer "hacking" for illegal gain or simply sport.
This deferral of cyber to defense -- even with a White House cyber czar on the job -- can inadvertently provoke broader crises. The occupations of Iraq and Afghanistan that followed successful short-term military interventions are tragic textbook examples. Military solutions alone do not always work.
Only a "whole of government" approach could have established functioning governments once Saddam and the Taliban were deposed. But whole of government turned out to be an empty phrase as the necessary agencies were never provided the required resources. Nor did we possess sufficient knowledge and understanding of the societies we were attempting to rebuild in advance.
Now, Washington is coming perilously close to repeating these errors if it overly militarizes cyber. In the Pentagon, buzzwords can have theological impact. Cyber has been promoted to equal status with the other designated warfighting domains of sea, air, land and space. But these domains only define where and not how wars will be fought and not why cyber is so distinctive as to deserve this classification.
The overriding and critical question of whether cyber's importance has been distorted and exaggerated by this attachment to defense has been raised. It has not been answered. Nor has much use of history been made so far in analyzing cyber.
Unlike nuclear weapons, cyber is not relatively new. A century ago during World War I, cyber was not expressed in zeroes and ones. But it still monopolized the electronic and visual spectrum.
Underwater telegraph cables, the only means of rapid international communications, were targets for destruction or interruption as well as for disinformation. Code breaking was extensive. Data was manipulated as part of economic warfare to mislead the enemy and do real financial damage. Less well-known was the extensive use of camouflage to deceive visual reconnaissance in the most used portion of the electronic spectrum. And propaganda relied on the precursors to today's information revolution for transmission.
Of course there were no real computers, smartphones, iPads or Internet then. Systems were largely manually and rarely electrically connected. Telephone exchanges were the command and control headquarters. The difference is that today, driven by globalization and the information revolution, cyber is now integral and essential to human endeavors.
Cyber clearly involves and affects far more than the relatively small slice covered by defense. The departments of Justice, Commerce, Treasury, State, Health and Human Services, Homeland Security, Transportation and Energy are critical. After all, each has broader duties regarding cyber than does defense if protecting the most basic services for the functioning of the nation, including finance, healthcare, transportation and law enforcement is mission critical. So if cyber is that important, if not a Department of Cyber, what then?
First, no single theory or rules-based system has been created to define and cover cyber writ large. Second, by default, cyber has been largely left to the military (and related intelligence services) and the private sector because both have the lion's share of resources. And third, the U.S. government simply is unable so far to rationalize and integrate all the other, stove-piped cyber efforts occurring inside it.
As nuclear weapons provoked a theory of deterrence, cyber needs a similar intellectual discipline. For example, when is a cyber attack an act of war? No one knows for certain. And above all, this effort must be comprehensive to cover all of society and not just defense and national security.
A useful analogy is the global financial system. Money has many of the same characteristics as cyber: it is ubiquitous; essential to society; highly accessible to crime and manipulation; and influencing every demographic and sector of humanity. Why not then create a theory for cyber using the global financial system as a model?
And make sure that in this process, overly militarizing cyber does not repeat failures in Iraq and Afghanistan that relied excessively on military solutions.
Harlan Ullman is UPI's Arnaud de Borchgrave Distinguished Columnist and serves as senior adviser at the Atlantic Council and at Business Executives for National Security and chairs two private companies. His latest book is "A Handful of Bullets: How the Murder of Archduke Franz Ferdinand Still Menaces the Peace."
