The Pentagon is still writing rules for combating cyberattacks, even though U.S. Cyber Command has been operating for more than a year, defense officials said Tuesday.
“The [Pentagon] is working on standing rules of engagement which will give us the authority” to respond to attacks on vital computer networks, Air Force Gen. Keith Alexander, commander of Cyber Command, told a House hearing.
Madelyn Creedon, assistant secretary of defense for global strategic affairs, added that the work should be completed “in a couple of months.”
“We have been working on this a long time,” she told the House Armed Services subcommittee on emerging threats and capabilities.
Both testified alongside Teresa Takai, the Pentagon’s chief information officer, about the department’s $37 billion information technology budget request for 2013.
Cybercom was set up in May 2010, and became fully operational in October 2010.
Some lawmakers suggested it is unready to act at the speed required to thwart cyberattacks, which traverse the Internet at the speed of light.
Gen. Alexander insisted that the military is “fully integrated” with the FBI and the Department of Homeland Security, the two domestic agencies with which it shares responsibility for detecting and responding to cyberattacks.
Asked whether he could respond against a cyberattack before it reached the United States, as the military would with a missile or air attack, Gen. Alexander replied, “What I’m pushing for is to have those [authorities in the rules of engagement] so that we can protect and prevent” as well as respond.