Donald Trump confidant and former New York City Mayor Rudy Giuliani is one of the leading voices in designing a “cyber doctrine” for the U.S., according to the Director of National Intelligence Dan Coats, but there is little information about how that process is going.
The long-awaited doctrine — a broadly defined framework that lawmakers hope will one day serve to define the nation’s boundaries in cyberspace and rules of engagement — has been a consistent albeit vague talking point on Capitol Hill for the last year.
Senior Republicans — including Senate Armed Services Committee Chairman John McCain of Arizona — have called on colleagues and the executive branch to develop policy that establishes a clear “red line” for when the U.S. will aggressively respond to specific cyber incidents.
At a Senate Intelligence Committee hearing Thursday concerning “worldwide threats” — a conversation that included an overview of cyber conflicts between the U.S. and Russia — James Lankford, R-Okla., asked Coats, “Who should be held accountable next year if we do not have a cyber doctrine?”
Coats responded: “As you know, the president tasked an effort under the direction of former Mayor Giuliani with this.”
The process “has not led to a conclusion at this particular point in time,” Coats said of the Giuliani cyber working group. “I don’t have the details on that … [and] frankly given the proliferation of issues we’re dealing with [right now] it’s almost overwhelming to get our hands around all of them.”
Discussions of such guidelines originally picked up steam after the U.S. intelligence community claimed that Russian intelligence services were involved in influencing the 2016 presidential election by hacking into domestic political organizations.
Little is publicly known about the cybersecurity task force, although it received early support from Trump in January during the transition period.
Giuliani said during a press call in January organized by the transition team that Trump had asked him to be in charge of a “group that is going to tap the private sector for most of the problems and the solutions to cyber-defense.”
“It’s going to be my role to, from time to time, to bring together the leaders in the private sector — the corporate leaders and the thought leaders — to meet with the president, so that he can get from them directly the problems they’re facing, and maybe even more importantly, the solutions that they have,” Giuliani said during the call.
Later Thursday, after the Senate Intelligence hearing, current White House homeland security adviser Thomas Bossert announced that Trump had signed a long-awaited cybersecurity executive order. Bossert, while speaking at a White House press briefing, thanked Giuliani for his help in developing the document.
Bossert didn’t specify what Giuliani’s input was. More than a dozen major cybersecurity firms and tech companies that regularly engaged with the White House about the EO said they had not spoken to Giuliani during the feedback process, two people with knowledge of the plan told CyberScoop.
John Felker, director of the National Cybersecurity and Communications Integration Center, said in June that the Giuliani-led team has not yet reached out to his agency. The NCCIC acts as a sort cybersecurity nerve center for the federal government, working to identify, warn and coordinate the disclosure of important events to the private sector.