WASHINGTON, D.C. –U.S. Senator Angus King (I-Maine) today questioned Admiral Mike Rogers, Director of the National Security Agency and Commander of U.S. Cyber Command, regarding the status of the Administration’s efforts to establish a national policy of cyber deterrence.

“On December 23^rd, 2016, the Congress passed the National Defense Authorization Act,” said Senator King in his questioning. “In it was a section that required the Secretary of Defense to file a report on just the questions we’ve been talking about within 180 days – which was June of 2017, about the definition of a cyber attack, what would be the response. It talks about operational authorities…delegated to the United States Cyber Command for military cyber operations, how the law of war applies, the whole list. The purpose of the amendment…which is in the law, was to establish a clearly articulated doctrine of response in this kind of situation… I’m asking, is anybody working on this? We’re eight months late now.

“Here’s what’s frustrating – here we are still talking about this issue when the Congress made a specific instruction to the Secretary of Defense,” Senator King continued. “And the President, by the way, was then required to respond to the Congress within 180 days from that report – that should have been coming in June 2017, hasn’t come, so we’re way late. And we keep talking about this. You and I have been in probably a dozen or fifteen hearings on this, and we don’t seem to be any further ahead than we were before. And the problem, as you’ve testified today, I think quite accurately and repeatedly: until we have some clearly articulated doctrine of response to these kinds of attack they’re going to continue. If all we do is try to patch our software, they’re going to continue, and you know that, and I know that. What’s it going to take? Is it going to take the destruction of the electric grid, or the financial system, in order for us to finally get to the point of taking this seriously?”

A report from the Secretary of Defense on options for deterring and responding to adversaries in cyberspace was mandated by a provision in the 2017 National Defense Authorization Act authored by King and Senator Mike Rounds (R-S.D.). The report was due in June 2017, but has yet to be finalized. In addition, the provision requires a report from the President identifying the types of actions in carried out in cyberspace against the United States that could warrant a military response; this report is due 180 days following the initial report from the Secretary of Defense.

Senator King has been a leading voice on the need for a national emphasis on cyber deterrence, and has repeatedly pressed officials in both the Obama and Trump Administrations on the importance of deterrence. Earlier this month, he questioned top national intelligence officials on the lack of a national doctrine on the subject. He has also introduced the Securing Energy Infrastructure Act with Senator Jim Risch (R-Idaho), which aims to protect America’s electric grid from cyber-attacks.