Cyber defense
Download 2.54 Mb. View original pdf
|
- Navigate this page:
- Financial service
- Legal service
| CIBERDEFENSA ORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO DE UNA CIBERDEFENSA MILITAR 54 Analysis and lessons learned 326. The analysis and lessons learned capability is based on the implementation of a systematic process in order to consider, document, analyze and value the experiences gained in past projects, activities and situations that must be actively taken into account in similar future projects, activities and situations by the same or new actors. 327. This capability, often neglected, is critical for the cyber force given the budding maturity level of the cyberspace domain of operations. The lack of experience and knowledge will prompt the cyber force, not infrequently, to make baseless decisions, which could lead to erroneous, inappropriate or ineffective results. These should be avoided or modified in similar future situations, or contrariwise, in optimal results that must be included in similar future situations. 328. This capability must be especially supported by the knowledge management capability it must feed the processes of formulation of the cyber defense doctrine and it must serve the cyber force commander in assessing the effectiveness of the organization, means and procedures implemented and alignment with the objectives stated in the development plan. Financial service 329. Ordinary financial resources are needed by the cyber force to ensure the acquisition, sustainability and evolution of the planned capabilities. 330. The dynamic nature of cyberspace requires the establishment of agile hiring mechanisms and flexible financial planning otherwise there is a risk of collapsing the procurement processes of the new capabilities. 331. In addition, the cyber force needs atypical financial resources for urgent acquisitions and the purchasing of highly confidential products and services or products that are not available in ordinary markets. Legal service 332. The cyber force needs its own legal service with full dedication to cyber force/cyber defense matters. 333. The cyber force legal service should be made up of jurists specialized in computer law and, in particular, in the application of international law to cyber operations both in wartime and in peacetime. 334. The main task of the cyber force legal service is advising the commander on ordinary and operational legal matters and the pursuit of justice in the field of cyber force/cyber defense. 335. Ordinary legal issues are related to the ordinary life of the cyber force such as contracts, collaboration agreements, technical agreements, nondisclosure agreements (NDA), legal matters related to personnel and discrimination, etc. 336. Operational legal issues are related to the enforcement of national and international law in cyber conflicts, area of operations and exercises, and in particular the application of jus in bello (acceptable practices during war) and jus ad bellum (legitimate reasons to go to war) in cyberspace. The legal service, in addition, must have a relevant active participation in the drawing up of the rules of engagement in cyberspace (cyber-specific ROEs). |