31 December 2020

For Beijing and New Delhi, 2020 Was the Point of No Return


In a year that challenged policymakers across the world, one development will perhaps have the most significant long-term impact in the Indo-Pacific—the ongoing standoff between India and China in the Himalayas. Chinese forces have shown no inclination to back away from the positions they have occupied along the Line of Actual Control (LAC), which divides India- and China-controlled territory in Ladakh region, since April. Meanwhile, Indian troops have been amassing at the disputed border, with New Delhi demanding comprehensive restoration of the status quo ante. Several rounds of military and diplomatic talks have failed to yield any results, underlining the high stakes for both sides.

2020 may well be the year when romanticism about Sino-Indian ties finally died. Many in New Delhi evinced a naive belief that, despite all the evidence to the contrary, India would be able to manage China diplomatically and that it was possible to keep the shadow of the border dispute from darkening the larger relationship. Even after the 2017 standoff between the two militaries in Dolkam at the India-Bhutan-China border, in which the People’s Liberation Army razed stone bunkers that the Royal Bhutan Army had constructed, Indian Prime Minister Narendra Modi tried to build a personal relationship with Chinese President Xi Jinping. This was as much about the practical necessity of dealing with a much stronger neighbor as it was about shaping the bilateral engagement beyond disputes. It worked for a while, but Beijing clearly had other plans.

India, OneWeb And The Queen’s Stake – Analysis

By Chaitanya Giri*

OneWeb, the London-based satellite internet services company, had a momentous 2020. It launched 68 (still operational) satellites between February and March 2020, then the company filed for bankruptcy protection in late March, less than a week after the launch of the second batch of 34 satellites. By July 2020, an unexpected duo, Her Majesty’s Government of the United Kingdom and India’s Bharti Global, acquired an insolvent OneWeb. On 18th December 2020, OneWeb launched the next batch of 36 satellites for the first time after its new buyers took over.

India, which launched an expansive reformation of its space sector in May 2020, must make the most of the new ties with OneWeb and the U.K. government. Through OneWeb, Bharti Global has become the first Indian telecom provider to enter the next-generation satellite internet market. Its partner, the U.K. government, is probably looking at geostrategic returns. The Airtel brand of Bharti Global is the third largest telecom service provider in the world, with deep last-mile connectivity in the African and South Asian markets. OneWeb will tap into the existing markets of its sister concern. These are excellent opportunities. But there are also challenges.



One of the foundational concepts in Mao Zedong’s thinking about politics and war is that mobilization and the “People’s War” (人民战争) are intrinsically linked.1 The ability of the Communist Party of China (CCP) to retain support depends on mobilizing the masses for political purposes, generating combat power and logistics support from the militia and industries.2 Mobilization also contributes to deterrence and preparation for potential protracted war.3 

Xi Jinping, CCP General Secretary, Central Military Commission Chairman and Chinese People’s Liberation Army (PLA) Supreme Commander (统帅), has breathed new life into mobilization with policies that emphasize the integration of China’s military and civilian infrastructure. He also has created new reserve units and upgraded the training for traditional militia. 

Given all the money poured into the PLA, a reliance on militia and reserves might seem a thing of the past. This is not the case. U.S. Army leaders should understand that China’s military can now be augmented by reserve units around China, modernized forms of militia. The case studies in this article provide useful examples of how quickly the People’s Republic of China (PRC) could mobilize and how militias and paramilitary forces have contributed to China’s military conflicts.


A Transatlantic Effort to Take on China Starts with Technology

Alina Polyakova

Technology is now the epicenter of geopolitics: governments increasingly recognize that all aspects of their power — military, economic, and normative — derive in substantial part from dominance in technology. The Covid-19 pandemic has only heightened awareness of the geopolitical dimensions of technology and the inherent vulnerability of technological interdependence as supply chain fragility and demand for digital services have become more visible. In recognizing vulnerabilities, however, democracies must resist the impulse to put up digital “walled gardens.” Instead of a race to the bottom, where every nation rushes to achieve technological sovereignty, democracies must develop a shared strategic approach that reflects values of openness, drives innovation, and establishes a legal framework for digital governance that prioritizes fundamental human rights.

The transatlantic alliance should be the driver of a 21st-century democratic digital agenda. But disagreements over government surveillance, private sector data collection and sharing, platform content restrictions, digital competition, and protection of fundamental freedoms like privacy and free expression, mean that Europe and the United States find themselves increasingly at odds.



From 2004 to 2019, experts from the United States and China came together once or twice a year to discuss nuclear policy. Of the 22 total meetings, half were convened in Beijing and half in Hawaii, with each venue offering particular benefts to the dialogue (in Beijing, direct access to interested stakeholders, in Hawaii a less formal setting and a shared jet-lag burden). Participants included experts from think tanks and academia as well as former and current offcials participating in their private capacities. The U.S. and Chinese militaries were also represented at junior and senior levels. 

Both sides also used the process to encourage the development of successor generation interest and expertise. Over this same period there were only a very small number of nuclear-focused meetings at the offcial level. This was essentially the only game in town. Such mixed gatherings are referred to as Track 1.5, as opposed to Track 1 (when offcials gather for offcial purposes) or Track 2 (when academic experts meet). 

Research Report on the Status of China’s Information Security Professionals (2018-2019)

See our original translation of a study by a PRC government cybersecurity center that analyzes the structure of China's complement of cybersecurity and IT security professionals.Download Full Translation

The following study, by a PRC government cybersecurity center, analyzes the structure of China’s complement of cybersecurity and IT security professionals. The study finds that PRC cybersecurity practitioners are still too few in number and are often burdened with non-security-related IT tasks, although China is making progress solving these problems. The authors recommend that all Party leaders take courses on cybersecurity to raise awareness of the importance of the topic.

1. Overview

Cyberspace competition is, in the final analysis, a talent competition. As the new science and technology (S&T) revolution continues and industries upgrade, information technology is fundamentally changing the way people live and shaping new patterns of economic and social development and national security. Information security talent will play a critical role in this process of transformative development. Given the challenges and opportunities of this new era, the question of whether it is possible to effectively promote the development of information security talent will become an issue of paramount importance in implementing the cyber powerhouse1 strategy. It will also be critical to gaining the initiative in a setting of increasing international competition.

Hints of Chinese Naval Procurement Plans in the 2020s

By Rick Joe

This year has seen multiple major navies in the world establish their future long term procurement strategies, ranging from the U.S. Navy’s 500-ship plan for its fleet by the year 2045, to the U.K.’s plans for the Royal Navy post-2030, and the Indian Navy’s recent reinforcement for its aspirations for a third aircraft carrier. Indeed, ambitions for expansion appear to be in the cards worldwide for many major navies, both for the near future, and in the longer term beyond 2030 as well, despite the economic consequences of the COVID-19 pandemic.

Thus it is somewhat appropriate that in recent weeks rumors emerged surrounding some of the naval procurement goals set as part of China’s recently concluded Fifth Plenum in late October surrounding the 14th Five-Year Plan (to be abbreviated hereafter as 14-FYP), that produces goals and strategy for the entire nation across the next five years from 2021 to 2025. This article will review the details of those rumors (as well as omitted information), in context of some recent predictions written by myself on the subject of future PLA Navy (PLAN) procurement. 

An Impending Slowdown?

How 2020 Shaped U.S.-China Relations

Article by Elizabeth C. Economy, Yanzhong Huang, Jerome A. Cohen, Adam Segal, and Julian Gewirtz

U.S.-China relations sharply deteriorated in 2020, after three years of steadily declining under the Donald J. Trump administration. Beijing and Washington traded blame over the coronavirus pandemic, remained locked in a trade war, competed over 5G networks and other technologies, and clashed over rights abuses in Xinjiang and Hong Kong, among other issues.

U.S. President-Elect Joe Biden will have to grapple with all these challenges from day one in office. In this roundup, CFR experts look back on significant moments over the past year that will have lasting implications for the relationship and offer their analysis on what to expect under Biden.

The Trump administration’s China policy is here to stay—or at least that is what the administration is working furiously to ensure. In the weeks following the U.S. presidential election, administration officials have undertaken a flurry of activities related to Tibet, Taiwan, financial decoupling, and the South China Sea, adding to the vast edifice of initiatives they have constructed over the past four years. While it may appear as though these last-minute actions will make it more difficult for the incoming Biden administration, the opposite is true. The more policies the Trump administration piles on, the greater the leverage and range of options it leaves for the Biden team. 

The Arab Spring Changed Everything—in Europe


Adecade after the Arab Spring, little has improved for those who stood up against Middle Eastern autocrats and demanded a better life. Most of the countries that erupted in protests and subsequently in violence are still ruled by despotic regimes under which oppression and corruption are routine while economic hardship has continued unabated.

Europe, however, is a different continent than it was before 2011—and for reasons directly relating to the failed revolutions next door. For one, Europe is split. The United Kingdom’s vote to leave the European Union was, in part, a reaction to the refugee crisis triggered by Syria’s uprising, and its subsequent civil war. Populist political parties across Europe, leveraging growing fears of Islam and extremism, have been on the rise for years.

European foreign policy has already palpably changed, with countries increasingly embracing the new dictators who have emerged on the continent’s southern borders, without even the fig leaf of liberal moralism they once evoked. In sum, the events of the Arab Spring have not only failed to make Arab countries more stable—they’ve also made European ones far less so.

In 2015, Germany’s Chancellor Angela Merkel found it reprehensible to deny shelter to Syrians whose homes and entire cities had been pulverized in a mad bombing spree by Bashar al-Assad’s regime. She opened Germany’s doors to the refugees, and almost a million walked in. That decision was hailed by many as the right thing to do. But its implications were far-reaching.

How the Biden administration should tackle AI oversight

Alex Engler

Had Democrats decisively won control of the White House and the Senate, there would be a robust conversation around legislatively expanding the federal government’s authority for technology oversight. While this conversation would take a backseat to issues like fighting the COVID-19 pandemic and shoring up the economy, legislation on new data privacy and algorithmic consumer protections could have had a chance in the first term of the Biden administration. Even a technology oversight agency would have been possible, and perhaps still is, pending the results from the Georgia special elections. Yet, even without a Democratic majority in the Senate, there are meaningful steps that the Biden administration can take to further reasonable oversight of the technology sector, and specifically the largely unregulated use of artificial intelligence (AI) and algorithmic decision-making.

The Biden administration can reverse Trump-era executive orders and agency regulations, instead requiring federal agencies to enforce existing discrimination laws on algorithmic systems and expanding their regulatory capacity to do so. President-elect Biden should push Congress to enact new algorithmic consumer protections in any new legislative compromises on privacy or antitrust, and further support the revival of the Office of Technology Assessment.

These efforts are likely not sufficient in the long term. The digital economy accounts for over 9% of GDP–larger than the finance sector–and was growing at 6.8% per year before the pandemic. Since the rise of the modern regulatory state in the 1970s, perhaps no other segment of the overall economy has experienced such growth while remaining largely unregulated. Even that framing understates the importance of data systems and algorithms, which are affecting nearly every part of our society. While the economic growth is undeniable, the mass proliferation of data systems and algorithms—especially in the form of permissionless innovation—has enabled extensive societal harms. A new regulatory agency, or expanded capacity of an existing agency such as the Federal Trade Commission, is necessary. For now, however, the Biden administration should take the available steps to curtail the direct harms, especially algorithmic discrimination, enabled by AI.

Mapping U.S. Multinationals’ Global AI R&D Activity

Roxanne Heston 

Many factors influence where U.S. tech multinational corporations decide to conduct their global artificial intelligence research and development (R&D). Company AI labs are spread all over the world, especially in North America, Europe and Asia. But in contrast to AI labs, most company AI staff remain concentrated in the United States. Roxanne Heston and Remco Zwetsloot explain where these companies conduct AI R&D, why they select particular locations, and how they establish their presence there. The report is accompanied by a new open-source dataset of more than 60 AI R&D labs run by these companies worldwide.Download Full Report

This paper presents new data on the global distribution of U.S. tech companies’ artificial intelligence labs and staff. It focuses on six companies—Amazon, Apple, Facebook, Google, IBM, and Microsoft—all of which have a history of conducting cutting-edge AI research and development. Our findings shed light on where these companies conduct AI R&D and why they select particular locations. This paper also addresses debates about the benefits and risks to national security of having U.S. companies conduct R&D abroad. On its own, new data will not solve these debates, but data is a prerequisite for nuanced policy discussions and cost-benefit analyses. To facilitate future research on the topic, we are releasing our new global AI labs dataset on CSET’s GitHub page.

The Uneven Global Response to Climate Change

Recently published climate science ultimately underscores the same points: The impacts of climate change are advancing faster than experts had previously predicted, and they are increasingly irreversible. One blockbuster report, from a United Nations grouping of biodiversity experts in May 2019, found that 1 million species are now in danger of extinction unless dramatic changes are made to everything from fuel sources to agricultural production. Despite these warnings, however, scientists confirm that the world remains on pace to blow past the goal of restricting warming to 1.5 degrees Celsius above pre-industrial levels, likely with catastrophic consequences.

Persistent climate skepticism from key global figures, motivated in part by national economic interests, is slowing diplomatic efforts to systematically address the drivers of climate change. In particular, U.S. President Donald Trump’s decision to pull out of the Paris climate agreement upon taking office immediately undermined the pact. Despite these hurdles, negotiators made substantive progress during a U.N. climate change conference in December 2018, putting in place an ambitious system of monitoring and reporting on carbon emissions for nations that remain part of the agreement. But the latest round of talks in December 2019 ended in abject failure, and the coronavirus pandemic hobbled further diplomatic efforts in 2020.

7 Reasons Why Silicon Valley Will Have a Tough Time With the Biden Administration


So far, U.S. President-elect Joe Biden seems like business as usual for Silicon Valley. The industry’s upper class
bankrolled his campaign, and several tech executives are likely to take senior positions in the incoming administration. After four unpredictable years, policy discussions are back on familiar ground—and companies are dusting off their tried-and-true lobbying techniques. But while this may look at first glance like a return to the past, it is not: The mood and context have changed utterly, and the traditionally cozy relationship between the Democratic Party and Big Tech is on the brink of turning much more contentious.

The Dec. 10 anti-trust lawsuit brought against Facebook by the U.S. Federal Trade Commission and the attorneys general of New York and other states is likely just the start of the long-expected crackdown on Silicon Valley, no matter which party controls the White House.

Here is why Big Tech is in for a rough time over the next four years:

Living and Dying in America in 2021


PRINCETON – American capitalism is not serving most Americans. While educated elites live longer and more prosperous lives, less-educated Americans – two-thirds of the population – are dying younger and struggling physically, economically, and socially.

The world received the blessings of cutting-edge science this holiday season with the record-fast development of effective COVID-19 vaccines that promise to end a pandemic that has so far killed more than 1.7 million people and caused the worst economic crisis in generations. But the rush by rich-country governments to secure enough doses for their own citizens threatens to prolong the agony for the developing world.

This growing divide between those with a four-year college degree and those without one is at the heart of our recent book, Deaths of Despair and the Future of Capitalism. The rise in deaths that we describe is concentrated almost entirely among those without a bachelor’s degree, a qualification that also tends to divide people in terms of employment, remuneration, morbidity, marriage, and social esteem – all keys to a good life.

The COVID-19 pandemic is playing out similarly. Many educated professionals have been able to work from home – protecting themselves and their salaries – while many of those who work in services and retail have lost their jobs or face higher occupational risk. When the final tallies are in, there is little doubt that the overall losses in life and money will divide along the same educational fault line.

The pandemic is also changing the business landscape, favoring large firms over small ones, and e-businesses over brick-and-mortar firms. Many of the large firms – especially Big Tech – employ few workers relative to their market valuations, and do not offer the good jobs that once were available to less-educated workers in old-economy companies.

Climate Hope Is Back


DENVER – Around this time four years ago, the climate community was in shock. Just when the world seemed to be on the cusp of pursuing serious measures to fight climate change, voters in the United States elected a president who would try to reverse all of the country’s previous climate achievements, causing immeasurable damage. We are now finally approaching the end of that bleak era.

The world received the blessings of cutting-edge science this holiday season with the record-fast development of effective COVID-19 vaccines that promise to end a pandemic that has so far killed more than 1.7 million people and caused the worst economic crisis in generations. But the rush by rich-country governments to secure enough doses for their own citizens threatens to prolong the agony for the developing world.3Add to Bookmarks

Over the past four years, many outside the US federal government have continued to make progress against climate change. State and city governments, major institutions, and businesses large and small ignored the president’s backward-looking rhetoric and continued working toward a sustainable future. And, outside the US, many other countries strengthened their climate commitments and instituted concrete action plans.

The Stampede from Silicon Valley


STANFORD – The news out of Silicon Valley is that some of America’s most dynamic businesses are pulling up stakes and leaving. Hewlett Packard Enterprise, the firm started by Bill Hewlett and David Packard in a Palo Alto garage in 1939, is moving its headquarters to Houston, Texas, and the software giant Oracle has already relocated its headquarters from Redwood City, California, to Austin, Texas.

The world received the blessings of cutting-edge science this holiday season with the record-fast development of effective COVID-19 vaccines that promise to end a pandemic that has so far killed more than 1.7 million people and caused the worst economic crisis in generations. But the rush by rich-country governments to secure enough doses for their own citizens threatens to prolong the agony for the developing world.3Add to Bookmarks

Likewise, Elon Musk, the CEO of Tesla and SpaceX, has announced that he, too, is moving to Texas, as is Joe Lonsdale, the founder of the data-analytics company Palantir, who is bringing his entire venture-capital firm, 8VC, along with him. Lonsdale is so disenchanted with the Golden State that he announced his move publicly in an op-ed for the Wall Street Journal headlined “California, Love It and Leave It.”

Myanmar: An Era Of Change Or A Change Of Era – OpEd

By Kanbawza Win

As the New Year rings in, one is quite perplex of whether, we are surviving in an era of change or in a change of era, as we leave behind the painful year of tragedy, hardship and look forward for a better new era, now that Truth has overcome Trump, we are left wondering of whether the US and China would be able to finalise their agreement to de-escalate the trade war and conjecturing whether China would grow fast enough to reach the goal of doubling the size of its economy as in the past decade overtaking the US in 2028.

The sudden outbreak of this mysterious COVID 19 forced China to lock down, compelling the WHO to declare a global pandemic as CORVID 19 spread quickly around the world, killing more than one and a half million people and ravaging the global economy, while forcing a miserable lives on the people. Work from home, which started as an emergency response, is likely to be a permanent change. Even though the most populous country of the world lock down, causing its economy to contract since the end of the Cultural Revolution of 1976, this draconian response worked, sharply curtailing the spread of the virus and allowing the economy to recover and is one of the few countries to post positive growth, donating and distributing, the coronavirus vaccines to the Third World countries.

After 2020, an Era of Global Harmony — or a New Dark Age?

Hal Brands

By most standards, 2020 has been an awful year, visiting death and disruption on societies around the globe. But if it has been undeniably challenging in real time, how might it appear to historians looking back, a half-century from now?

That’s hard to say, of course, given that how we view any historical event depends significantly on the choices that people made afterward. We would remember World War II much differently, for example, had America simply retreated from the world after that conflict ended, rather than engaging tirelessly to shape the postwar global order. Yet 2020 is sure to loom large in future efforts to trace the arc of the 21st century — perhaps as the year that the American-led global order began to buckle, or perhaps as the year that gave it new life.

It’s easy to imagine how historians might someday see 2020 as the onset of a new dark age. In the space of a few months, the world was staggered by once-in-a-century strategic shocks. A global pandemic killed millions and froze societies across multiple continents. The world underwent a wrenching de-globalization as borders closed and travel virtually ceased. International bodies, such as the World Health Organization and the Group of Seven, were incapable of delivering technocratic competence and global cooperation.

America’s History of Luck Is Running Out


The United States is the luckiest country in modern history. It began as a set of marginal European outposts, separated from the settlers’ home countries by a difficult sea voyage. When the colonies gained independence, they were weak, poor, and fractious. But in less than a century and a half, those 13 original colonies had expanded across North America, survived a civil war, driven other great powers from the Western Hemisphere, and created the world’s largest and most dynamic economy. That ascent didn’t stop until the end of the 20th century, when victory in the Cold War left the United States alone at the pinnacle of power. For a little while.

Americans like to attribute this remarkable story to their ancestors’ virtues, the enlightened wisdom of the Founding Fathers, and the intrinsic merits of America’s peculiar blend of liberal democratic capitalism. But in addition to the considerable cruelty displayed toward the native population and the slaves imported from Africa, good fortune played a major role as well.

Americans were fortunate that North America was rich with natural resources and fertile land, traversed by navigable rivers, and had a mostly temperate climate. And from the very beginning, the United States benefited from rivalries among the existing great powers. France backed the American Revolution in order to weaken its British rival, and the new nation doubled its territory when Napoleon needed money to wage war in Europe and was willing to sell the Louisiana Purchase at a bargain price. War in Europe also helped the United States survive its foolish decision to invade Canada in the War of 1812; Britain was too busy defeating Napoleon to turn its full strength against its obnoxious former colonists. The United States gradually attracted more attention as it expanded across the continent and took Texas, New Mexico, Arizona, and California from Mexico, but the European powers spent most of the time competing with each other and for the most part left the United States alone. By 1900, British concerns about a rising Germany led them to abandon their territorial claims in the Pacific Northwest and South America and appease the United States. And at that moment, the Monroe Doctrine of 1823 became a reality.

The post-Brexit trade agreement leaves many questions unanswered

AFTER THE deal, the salesmanship. No sooner had Boris Johnson, Britain’s prime minister, and Ursula von der Leyen, the European Commission’s president, announced their trade and security deal on the afternoon of December 24th than the spinning began. Ms von der Leyen got her press conference in first, and EU diplomats were quick to insist that it was Mr Johnson who had given the most ground. Clément Beaune, France’s Europe minister, declared that Britain would be subject to more export rules than any other country. Meanwhile in London an unofficial table was circulated purporting to support claims that Britain had won the argument twice as often as the EU. In an interview with the Sunday Telegraph, Mr Johnson himself boasted that he had secured “free trade with the EU without being drawn into their regulatory or legislative orbit”.

The truth is that both sides compromised. As analysts pored over the 1,255-page document that was published only on December 26th, the consensus was that Mr Johnson had given away more than expected on fisheries, whereas the EU had backed off its insistence on instant unilateral retaliation if Britain ever undercut its labour, environmental or state-aid rules. For all the point-scoring, the expectation is that most people will see enough in the deal (and be sufficiently worried by the alternative of no deal) to welcome the outcome. Brexiteers are pleased that Britain will be out of the single market and customs union and escape the jurisdiction of the European Court of Justice (though this overlooks the fact that Northern Ireland will remain covered by all three). The EU believes it will have enough purchase to deter future regulatory divergence, even though some in London see such divergence as one of the key reasons for Brexit. For both sides the agreement to zero tariffs and zero quotas on goods trade will be seen as mutually beneficial.

Five Foreign Policy Stories to Watch in 2021

by James M. Lindsay

Two thousand twenty had its fair share of big news stories. The same will be true of 2021. Some of those stories no doubt will surprise. Few experts a year ago were warning of an impending pandemic. Maybe a year from now everyone will be talking about cascading debt defaults in emerging market economies or a mass terrorist attack that surpasses September 11. Or maybe not. As Yogi Berra apparently didn’t say, “It’s hard to make predictions, especially about the future.” But a fair number of significant world events are ones we know are coming—call them the “known knowns.” Here are five known stories to follow closely in 2021. Any one of them could turn into the dominant news event of the year—or fade away. We’ll know in twelve months which will sizzle and which will fizzle.

COVID Continues. The novel coronavirus turned the world upside down in 2020. As the year closed, the death toll worldwide had topped 1.7 million, any economic recovery was “likely to be long, uneven and highly uncertain,” and experts and laypeople alike were wondering whether life will ever return to a pre-pandemic normal. The good news is that two highly effective vaccines have been approved for use, with more on the way. But distributing the vaccines widely, efficiently, and equitably will take many months and pose major logistical challenges. Missteps are almost inevitable. A split could also develop between those countries that are vaccine “haves” and those that are “have nots.” Much is expected of COVAX, the international alliance to produce, manufacture, and ship vaccines. But it could be hobbled if countries hoard supplies or use what they get unwisely. India and South Africa are pushing to strip intellectual-property protections from COVID vaccines and therapeutics for reasons that may have as much to do with commercial interests as humanitarian ones. Critics worry that such a move could diminish incentives to discover future vaccines and treatments. Meanwhile, questions remain about how long the immunity offered by contracting COVID or getting vaccinated will last, whether it’s possible for someone who has been vaccinated to contract the virus and infect others, and whether the virus will continue to mutate in ways that make it more contagious. As a result, measures such as mask-wearing, social distancing, testing, and contact tracing will continue to play a major role in combatting the spread of COVID-19 throughout 2021 and perhaps beyond.

No, the United States Does Not Spend Too Much on Cyber Offense

by Robert K. Knake

In the wake of the SolarWinds incident, critics have pointed to budget and personnel imbalances between offensive and defensive missions. As Alex Stamos pointed out in the Washington Post, the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security has only 2,200 employees for a mission that includes protecting all sixteen critical infrastructure sectors and all federal agencies while the National Security Agency (NSA) alone has more than 40,000 employees. The Department of Defense’s (DOD) Cyber Command has over 12,000 personnel, including 6,000 military members.

While total spending on cyber missions at NSA is classified, what is known about federal spending suggests priorities skewed toward offense. As Jason Healey pointed out last spring, the DOD’s cybersecurity budget is significantly larger than the cybersecurity budgets of all civilian components combined. The federal government spends more than half a billion dollars per year on the headquarters elements of Cyber Command alone and only $400 million on cyber diplomacy at the State department. All of CISA’s budget adds up to about half of what DOD spends on just offensive cyber operations.

The SolarWinds Breach Is a Failure of U.S. Cyber Strategy

By Robert Morgus

On Dec. 13, news broke that Russian intelligence operatives had successfully breached networks of the U.S. government and private entities by leveraging a vulnerability in the SolarWinds network management system. The campaign, which had been active for months before discovery, is a blow to U.S. Cyber Command’s strategy of “defend forward”—the notion that the U.S. should work to identify adversary cyber campaigns early and disrupt them closer to their source by disabling attacker infrastructure or other disruptive activities.

It is indisputable that defend forward failed to prevent the campaign As Nicholas Weaver notes in Lawfare, “This attack started in March with the first exploitation starting in April. Either [the U.S. intelligence community] didn’t know about it—a failure in the ‘defend forward’ philosophy—or they did know about it, in which case they also failed to defend forward.” But does this mean that defend forward is a failure? 

Not necessarily. But the SolarWinds breach does reveal an important gap in the strategy that the U.S. must understand and address. For defend forward to be fully effective, the agent conducting defend forward must have perfect intelligence; to disrupt an adversary campaign, the U.S. must know about the adversary campaign in the first place. But perfect intelligence is not realistic: Intelligence is a process of painting as comprehensive a picture as possible with limited information. So the United States must expect some adversary campaigns to slip through the cracks. And as the conventional wisdom goes, “in cyberspace, the offense has the upper hand.” The attacker needs to succeed only once, while a defender must prevent all attacks in order to be successful. 

Visualizing 2021: Trends to Watch

by Michelle Gavin, Alice C. Hill, Jennifer Hillman, and Jennifer Nuzzo

As a tumultuous 2020 comes to a close, four CFR experts use charts and maps to show important trends to watch in the years ahead.
Preparations for the Next Pandemic

The costs of premature death and impairment are based on a statistical calculation of the value of human life and health, and are distinct from lost GDP, which is based on goods and services produced.

Notes: “Multi-hazard” includes programs focused on multiple hazards or on building infrastructure and capacity to respond to large-scale health threats. “Pandemic flu and emerging infectious diseases” includes programs focused on preparedness and response to large, naturally occurring, and potentially destabilizing epidemics.

The United States has the largest epidemic of COVID-19 in the world. While it accounts for just 4 percent of the global population, it has more than 20 percent of all cases. The projected health-related and other economic costs from the disease are staggering: more than $16 trillion. This figure dwarfs what the United States has spent trying to prepare for pandemics and other public health emergencies. The most generous accounting of federal spending on public health preparedness indicates the United States put in just under $100 billion over the last decade, with only a fraction going specifically to emerging infectious diseases.

Given both the considerable potential costs of a single-disease emergency and the increasing frequency with which significant epidemics and pandemics are occurring, national governments including the United States’ should increase their investments in preparedness so as to prevent similar, or potentially worse, losses in the future.

How do you fix a flying computer? Seeking resilience in software-intensive mission systems

Report by Trey Herr, Reed Porada, Simon Handler, Orton Huang, Stewart Scott, Robert Lychev, and Jeremy Mineweaser

Defense organizations, by nature, confront unanticipated and highly impactful disruptions, but must continue to operate using complex mission systems. They must adapt these systems to withstand surprise and accomplish defined objectives despite disruption and the behavior of adversaries. It is crucial to understand a system as more than hardware or software—it is a combination of people, organizational processes, and technologies. Mission resilience is the ability of a mission system to prevent, respond to, and/or adapt to both anticipated and unanticipated disruptions, optimizing efficacy and long-term value. This means overcoming sophisticated cyberattacks and managing the risk of systemic software vulnerabilities, but it also encompasses changing operating environments, adversary innovation, and unexpected failures. Resilient mission systems should have the capacity to continue mission essential operations while contested, gracefully degrading through disruption rather than collapsing all at once.

Resilience is a key challenge for combat mission systems in the defense community as a result of accumulating technical debt, outdated procurement frameworks, and a recurring failure to prioritize learning over compliance. The result is brittle technology systems and organizations strained to the point of compromising basic mission functions in the face of changing technology and evolving threats.

Resilience is not a novel concept, but it tends to be presented as a technology issue. While technologies provide the most intuitive and concise examples for understanding resilience, people are responsible for selecting a system’s purpose and mission, designing a system’s technologies, and enforcing organizational processes within a system. This report provides actionable strategies and practices to combat mission system program owners who manage complex, software-intensive systems, enabling them to reshape their organizations to perform in a state beyond normal operational boundaries—otherwise known as graceful extensibility.1