OPINION — The global terrorism landscape in 2026 — the 25th anniversary year of the 9/11 terrorism attacks — is more uncertain, hybridized, and combustible than at any point since 9/11. Framing a sound U.S. counterterrorism strategy — especially in the second year of a Trump administration — will require more than isolated strikes against ISIS in Nigeria, punitive counterterrorism operations in Syria, or a tougher rhetorical posture.
A Trump administration counterterrorism strategy will require legitimacy: the domestic, international, and legal credibility that leverages a wide-range of counterterrorism tools, while engendering international counterterrorism cooperation. Without legitimacy, even tactically successful counterterrorism operations risk becoming illusory, politicized, and ultimately self-defeating.
The terrorist threat landscape
Extremist violence no longer conforms to clean ideological lines. Terrorist objectives and drivers are muddled in ways that are hard to understand — but evolving. There’s little ideological purity with those radicalizing in today’s extremist milieu.
At the same time, state-directed intelligence officers increasingly behave like terrorists. Russian intelligence-linked sabotage plots blur the line between terrorism and hybrid warfare. Islamic Revolutionary Guard Corps officers provide hands-on training to Lebanese Hizballah commanders. Addressing these kinds of risks requires legitimacy, too, especially among allies whose intelligence cooperation, legal authorities, and public support are indispensable.
Nowhere is this threat picture more tenuous than in the Middle East. Hamas’s October 7, 2023, attacks triggered a profound rebalancing of power in the region. Yet, Syria remains unfinished business. Power vacuums there invite foreign jihadists, threaten Israel's border communities, and create future opportunities for Iranian influence to rebound.
A modest but persistent U.S. presence in Syria with a friendly Ahmed al-Sharaa-led government remains a strategic hedge against an Islamic State resurgence, and is a strong signal of U.S. commitment that helps sustain partner confidence. The U.S. counterterrorism presence and alignment with al-Sharaa is not without its risks, though: in December, three Americans were killed by a lone ISIS gunman in central Syria. The country is, and will continue to be, plagued by sectarianism and terrorism, which means that restoring control over a deeply fractured Syria remains fraught.
Taken together, the current transnational terrorism threat landscape is volatile and difficult to predict, a challenge compounded by resource constraints. In such an environment, legitimacy becomes a force multiplier. A belief that America is a ‘force for good’, credible messaging, and confidence that U.S. government action is perceived as just, can go a long way.
This is not an abstract concern. Terrorism today thrives in contested information environments, polarized societies, and fragile states. In short, transnational jihadist networks now coexist with domestic violent extremists, and online radicalization ecosystems that blur the line between terrorism, insurgency, and hybrid warfare. Terrorist propaganda continues to resonate with individuals in the West, especially younger generations who radicalize online. In this environment, legitimacy is no longer a secondary benefit of sound strategy—it is a core guiding principle.
The Trump administration's counterterrorism approach
We are looking for more clarity on the trajectory of Trump 2.0 counterterrorism efforts. It’s still, premature to consider a strategy that has yet to be formally articulated, as many in the counterterrorism community eagerly await its release. History offers a useful reminder. The first Trump administration did not publish its National Strategy for Counterterrorism until its second year. When it appeared in 2018, critics and supporters alike acknowledged that it reflected professional judgment rather than ideological excess. That document recognized terrorism’s evolution and called for strengthening counterterrorism partnerships within the U.S. government, but abroad as well, with a range of longstanding allies.
What gave that strategy durability was its legitimacy. Authorities were grounded in law, threat assessments were evidence-based, policies were stress-tested for faulty assumptions, and foreign partnerships were treated as strategic assets rather than transactional relationships.
When the Biden administration publicly released a set of redacted rules secretly issued by President Trump in 2017 for counterterrorism operations — such as “direct action” strikes and special operations raids outside conventional war zones — those guidelines explicitly acknowledged the power of legitimacy. Counterterrorism succeeds when allies trust the U.S., and the American public believes force is used proportionately and lawfully.
That legacy of trust matters now more than ever, given signals that a second Trump administration could overcorrect on its counterterrorism priorities by redirecting and focusing resources on far-left extremist groups such as the Turtle Island Liberation Front (TILF) or Antifa, while downplaying far-right extremism—or being distracted from the more dangerous terrorism threats from ISIS and other violent jihadists. As the world recently witnessed during the holidays, from Bondi Beach to Syria, ISIS remains a threat. Far-Left terrorism in the U.S. is on the rise, but far-right terrorism accounts for greater lethality than did the left. And still, after 25 years, it’s ISIS and al-Qa’ida that remain the most persistent and enduring transnational terrorism threat against U.S interests.
The Trump National Security Strategy
It’s concerning that the recently published National Security Strategy (NSS) only tepidly addresses transnational terrorism, but notably links terrorism with cross-border threats and hemispheric cooperation against things like “narco-terrorists,” blurring the traditional separation between transnational organized crime and terrorism.
Still, the Trump administration’s emphasis on drug cartels is justifiable, if it does not detract from broader counterterrorism objectives, such as the ISIS or hybridizing terrorist threats that continue to emerge. Commentators claim, however, that the Trump administration is already losing sight of the ISIS and al-Qa’ida threats, though settling that debate here is quixotic at best — only time will tell.
Besides jihadi threats, the U.S. does not need the unintended consequences and risks of triggering a cycle of cartel retaliation – or provoking greater far-left violence – down-the-line in the U.S. homeland.
Contrastingly, the 2017 National Security Strategy saw radical Islamist terrorism as one of the priority transnational threats that could undermine U.S. security and stability. The strategy highlighted groups such as ISIS and al-Qa’ida as continuing dangers, stressing that terrorists had taken control of parts of the Middle East and remained a threat globally.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
Addressing transnational terrorism during the first Trump administration required discipline and steadiness amid predictable frictions at the National Security Council (NSC) among policymakers who wanted a more rapid shift toward other priorities, such as great power competition. Still, terrorist labeling and designations, strategic messaging, and resource allocation for counterterrorism were grounded in evidence rather than politics.
So, overhyping some threats while minimizing others undermines legitimacy, invites backlash, and weakens the very moral authority needed to operationalize a cogent, thoughtful national security strategy. It also erodes trust between the government and the public and leads citizens to second-guess whether they are being told the truth or being led astray. The 2017 NSS carried weight precisely because it was grounded in intelligence, not politics. Moreover, the NSS helped frame the counterterrorism strategy that followed and proved highly effective in keeping Americans safe.
Drawing lessons from the 2018 National Strategy for Counterterrorism
The 2018 National Strategy for Counterterrorism (NSCT) remains a useful foundation for the second Trump administration—not because the world is unchanged, but because it embraced balance. The strategy emphasized foreign partnerships, non-military tools, and targeted direct action when necessary. It recognized a central legitimacy principle: the United States cannot and should not fight every terrorist everywhere with American troops when capable counterterrorism partners can do so in their own backyards, with local consent, and a more granular understanding of the grievances that motivate these terrorist groups and their supporters.
And still, U.S. counterterrorism pressure through direct action remains a necessary tool to disrupt terrorism planning. It seems that the second Trump Administration is following the playbook of the first Trump administration in terms of aggressive counterterrorism kinetic strikes in places like Somalia, Yemen, and Iraq.
President Trump rescinded Biden-era limits on counterterrorism drone strikes, allowing the kind of flexible operational framework used for counterterrorism throughout the President’s first term. Thus far, in the aggressive counter-narcotic campaign in international waters off Venezuela, the standoff U.S. strikes resemble counterterrorism operations in Yemen and Somalia during the first Trump administration. Operationally, direct action remains an indispensable counterterrorism tool for disrupting terror groups overseas, and more U.S. direct action will likely be necessary in West Africa and the Sahel to keep jihadist groups operating there off balance, forcing them to devote more time and resources to operational security.
But pressure without legitimacy is counterproductive. What works against jihadist networks does not necessarily translate cleanly to drug cartels or transnational criminal gangs. So, policymakers must be circumspect that expanding the scope of counterterrorism authorities and terrorist designations to canvas drug cartels, risks the unintended consequences of triggering destabilizing cycles of violence in the future, and straining more traditional counterterrorism resources.
Coming full circle, in light of the U.S. capture of Nicolás Maduro for narcoterrorism-related offenses, the idea of legitimacy will be fiercely debated in the days and weeks ahead. If the Trump National Security Strategy is the roadmap for focusing on narcoterrorism in the Western Hemisphere, then the need for publishing a clarifying and rational U.S. counterterrorism strategy for the rest of the world takes on even greater sense of urgency.
Pushing a boulder uphill
Drawing on past counterterrorism lessons to find a comprehensive strategy—from the Bush administration’s wartime footing, through 8 years of Obama counterterrorism work, to President Trump’s "war on terror" — is a Sisyphean task. But, in the wake of over two decades of relentless overseas counterterrorism work, a few ideas have come into sharper focus:
After more than two decades of counterterrorism, loosening the Gordian knot of modern terrorism requires balance, far greater clarity, and consistent, predictable national leadership.
Above all, counterterrorism strategy requires legitimacy. Without it, counterterrorism becomes reactive and politicized. With it, a Trump 2.0 counterterrorism strategy can still be firm, flexible, and credible in a far more dangerous world.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
EXPERT PERSPECTIVE — Iran is experiencing its most consequential period of internal unrest in years. Nationwide demonstrations driven by economic collapse, social grievance, and political frustration have been met with force, mass arrests, and near-total information control. The scale and coordination of the response suggest a regime that feels threatened but not unmoored, confident in its ability to absorb pressure while preventing fragmentation.
This moment has reignited debate in Washington about escalation, leverage, and the possibility—explicit or implicit—of regime collapse. That debate is familiar. The United States has confronted similar moments before, most notably in Afghanistan and Iraq, where early assumptions about pressure, legitimacy, and endurance proved wrong.
This article is not an argument for restraint or intervention. It is a warning drawn from experience: without understanding how competition unfolds below the level of open conflict - the gray zone - pressure alone does not produce favorable outcomes. Iran today sits at the center of a problem the United States has repeatedly misunderstood - not the use of force, but what comes before and after it.
Afghanistan and Iraq: Where Strategy Slipped
In Afghanistan, the United States removed the Taliban from power quickly. In Iraq, Saddam Hussein’s regime collapsed even faster. In both cases, the decisive phase of the conflict ended early. What followed was the harder contest—one defined less by firepower and more by local power structures, informal authority, and external interference operating quietly and persistently.
In Afghanistan, as I witnessed firsthand, regional actors adapted faster than Washington. Iran, Pakistan, Russia, and later China treated the conflict as a long game. They invested in relationships, cultivated influence, and positioned themselves for the post-U.S. environment years before the withdrawal. The result was not an immediate defeat on the battlefield, but a strategic hollowing-out of the state.
Iraq followed a similar trajectory. Iranian-aligned militias embedded themselves within neighborhoods, religious institutions, and political parties. Over time, they became inseparable from the state itself. U.S. military dominance did not prevent this. In fact, it often obscured it, until the architecture of influence was already in place.
The lesson from both cases is straightforward: control of territory is temporary; control of networks endures.
Iran Is Not Afghanistan or Iraq — But the Pattern Rhymes
Iran today is often discussed as if pressure will produce rapid political change. That assumption ignores how power is organized inside the Islamic Republic.
Iran’s security model is deliberately social. The Basij is not simply a paramilitary force; it is embedded across society—universities, workplaces, neighborhoods, religious institutions. Its purpose is not only repression, but surveillance, mobilization, and ideological reinforcement. This structure was built to survive unrest, sanctions, and isolation.
Externally, Iran has exported the same logic. In Iraq, allied militias function simultaneously as armed actors, political movements, and social providers. In Afghanistan, Iran preserved influence across regime changes, maintaining access to key actors even after the fall of the Republic. These are not improvisations; they are the product of decades of learning.
It is worth remembering that Iran was not a spectator during the U.S. presence in Afghanistan and Iraq. It observed American methods up close—what worked, what failed, and where patience outperformed power. Tehran adapted accordingly.
Why Escalation Without Preparation Backfires
Moments of internal unrest often create pressure for external action. Yet Afghanistan and Iraq show that collapse—real or perceived—creates its own risks.
Removing a regime does not dismantle informal power structures. It often accelerates their consolidation. Networks that survive pressure are the ones that define what comes next. Iran’s internal system is designed precisely for this kind of stress: decentralized, redundant, and socially embedded.
There is also a strategic paradox at play. External pressure can validate internal narratives of siege and foreign threat, strengthening coercive institutions rather than weakening them. Information controls, security mobilization, and proxy signaling are not reactions; they are rehearsed responses.
This is why simplistic comparisons—whether to Eastern Europe, Latin America, or past protest movements, are misleading. Iran’s political ecosystem is closer to the environments the United States faced in Kabul and Baghdad than many in Washington are willing to admit.
Who’s Reading this? More than 500K of the most influential national security experts in the world.
None of this suggests that Iran is immune to pressure or that its current trajectory is stable. Economic distress, generational change, and legitimacy erosion are real. But history cautions against assuming that pressure equals control or that unrest equals opportunity.
The more relevant question for U.S. policymakers is not whether Iran is vulnerable, but whether the United States is prepared to operate effectively in the space that follows vulnerability.
That preparation requires understanding how authority is distributed beneath formal institutions, recognizing how coercive and social systems reinforce one another, and anticipating how regional actors adapt during periods of instability.
These are the same lessons Afghanistan and Iraq offered lessons learned too late.
Iran’s current unrest has reopened a familiar debate in Washington about pressure, leverage, and escalation. But Afghanistan and Iraq should have settled that debate long ago. The United States did not lose those conflicts because it lacked military power; it lost because it underestimated how authority, loyalty, and influence actually function inside contested societies.
Iran is not a blank slate, nor is it a fragile state waiting to collapse under external strain. It is a system built to absorb pressure, manage unrest, and outlast moments of crisis. Any approach that treats unrest as an opportunity without first understanding what follows it risks repeating the same strategic error the United States has already made—twice.
The choice facing U.S. policymakers is therefore not whether to act, but how to act without misunderstanding the terrain. Escalation without preparation does not produce control; it produces consequences that others are better positioned to manage. If Washington has truly learned from Afghanistan and Iraq, it will recognize that the most dangerous moment is not the collapse of order, but the false confidence that comes before it.
History will not judge the United States on whether it applied pressure. It will judge whether it understood what that pressure would unleash.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief.
THE KREMLIN FILES / COLUMN — Russian hybrid warfare, often referred to in the West as “gray zone” conflict, has transitioned from theoretical concept to prominent headlines, particularly following the invasion of Ukraine and the Kremlin’s campaigns of sabotage, disinformation, and targeted intelligence actions across Europe and the U.S. What defines Russian-style gray warfare, or hybrid war? What are its doctrinal roots, and how well do these foundations align with assumptions in Western security discussions? To explore these questions, this article analyzes the writings of Russian military thinkers and the views of Russian military and intelligence agencies—covering their terminology, doctrines, and their evolving grasp of non-kinetic conflict.
This is the first in a two-part series by Sean Wiswesser on Russian gray zone, or hybrid warfare
Gray zone operations in the West are generally seen as actions that influence the course of a conflict or harm an adversary without crossing into direct kinetic attacks. For Russia, at the core of the gray zone is the concept of “non-contact war” (bezkontaktnaya voina), which is part of a larger doctrinal framework under which gray warfare, also called “new generation warfare” by the Russians, falls. This is not a new concept in Russian military thinking, but it has developed over decades. By examining its evolution over the past thirty years through Russian sources and military thinkers, we can better understand how Moscow uses these concepts today—and how they influence the conflicts we may face now and in the future, enabling the U.S. and our allies to respond more effectively.
There are two main components of Russian gray warfare. Russians rarely use the term hybrid war, which exists in Russian only as a borrowed term from English. The first concept is non-contact warfare - the concept of preparing and softening the battlefield, then minimizing ground engagements for their troops whenever possible. The second concept is Russian intelligence active measures, also known as measures of support. This is also an old idea in Russian intelligence circles, but one that has been expanded and intensified in recent decades, incorporating new elements such as cyber operations and cognitive warfare.
We will briefly discuss each of these concepts below, along with Russia’s gray-zone developments up to its deployments into Ukraine in 2014. In the second part of this series, we will analyze Russia’s doctrine as it was applied in the years immediately leading up to and through the full-scale invasion of Ukraine, while also considering another key factor for Russia—their ability to evolve and adapt.
Non-Contact Warfare: Origins and Russian Military Necessities
Non-contact warfare developed from what the Russian General Staff and other military thinkers called sixth-generation warfare. The concept grew from the “reconnaissance strike complex” theory and the so-called “revolution in military affairs” at the end of the Cold War. As the Soviet Union disintegrated and the U.S. demonstrated overwhelming air power with NATO and other allies during the Persian Gulf war, former Soviet and Russian generals were not fools. They understood they could not keep pace with the new advancements in air warfare and the technological edge of NATO weapons systems.
Russian General Staff thinkers recognized that the Russian Air Force could not match TTPs (techniques, tactics, and procedures), the number of pilot training hours, or the advanced systems that the U.S. and NATO could field, especially given their significantly reduced military budget following the Soviet Union's collapse. This operational shortfall was further emphasized by the targeted bombing campaigns and overwhelming force deployed by U.S./NATO forces in the Balkan campaigns of the mid-1990s.
Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
In short, Russian military planners recognized they could not keep pace. NATO airpower and the reach of the alliance into all sorts of regions and conflict zones posed a significant challenge for the Russian military and its intelligence services. One of the lessons they understood was that massed tank formations alone would not win wars in the 21st century. Throughout the 1990s and into the early 2000s, several important writings were produced by prominent Russian general staff figures, such as Generals Slipchenko and Gareev, as well as the future Chief of Staff of the Russian military and currently the commander of the Russian forces in the Ukraine war, Valeriy Gerasimov.
Slipchenko is credited in Russia with coining the phrase “sixth generation warfare” more than twenty years ago. According to Slipchenko, this new form of warfare signified a shift from nuclear-based conflict (which he called “fifth generation”) toward information-enabled, precision-strike, so-called non-contact wars (he authored a book with that same title). These wars would be fought at a distance, relying on airpower, command, control, intelligence, surveillance, reconnaissance (C4ISR), and long-range precision strikes, rather than large ground forces. He and Gareev published a book in Russia in 2004 titled On Future Wars, which became influential in many Russian military circles. In this work, Slipchenko and Gareev emphasized the importance of studying non-contact warfare and firmly stated that Russia must adapt to it, or else “Russia would not survive.”
During that same period, Russia’s Air Force struggled significantly in the 1990s and 2000s to adopt precision-guided munitions (PGMs). Russia never fully integrated them or appropriately trained them on their use, which was evident in its prolonged conflicts with Chechen separatists. Most ground-attack operations during that period, from the mid to late 1990s, relied on “dumb bombs” and massed artillery on the battlefield. This resulted in the Russian air force’s poor performance in the 2008 Georgian conflict, when an outmanned Georgian military embarrassingly shot down several Russian fighter-bombers.
In the summer of 2008, responding to Georgia launching an incursion to retake South Ossetia, Russia responded with overwhelming force, sending an entire army to occupy swaths of Abkhazia, Ossetia, and also northern Georgia from Poti to Gori and the edges of Tbilisi. But while their force ratios led to quick success on the ground, the Russian air force did not perform as well in the air. In addition to air losses to ground-based air defense and friendly fire, Russian precision strikes did not go off as planned. Russia’s performance could be summed up as ineffective from the air. They were not able to project over-the-horizon warfare in the ways that Russian military planners had envisioned for non-contact war.
The first widespread and successful use of Russian PGMs would come still later, mostly during Russia’s involvement in Syria, where Russian squadrons were rotated for training and gained exposure to actual combat. Before that, many pilots had not experienced any combat outside of Chechnya.
Russia’s Air Force underwent a series of reforms due to these failures. It was reorganized and renamed the Russian Aerospace Forces (the VKS) in 2015 as a result of many of these reforms, or what were claimed to be reforms. When the full-scale invasion happened in 2022, Russia’s VKS, like much of its military, was still trying to evolve from its targeted reforms and these earlier developmental challenges. They attempted a limited shock-and-awe offensive but failed miserably in areas such as battle damage assessment and other key aspects of a true air campaign (the second article in this series will touch on these issues in more detail).
However, military reforms and adaptations in the Russian Air Force were not meant to stand alone. Russian kinetic actions were intended to be supported by other elements in non-contact warfare, aimed at softening the battlefield and undermining an adversary’s ability to fight. Prominent among these were active measures focused on information operations.
Active Measures, Measures of Support, and Non-state Actors
Returning to Russian arms doctrine, Slipchenko and other figures on the General Staff argued that, in the post–Cold War world, especially after observing the 1991 Gulf War and the dominance of US airpower, massing military forces was no longer effective. The world saw how Saddam’s large army, with thousands of tanks and armored vehicles, was destroyed from the air. Slipchenko claimed that future wars will focus on disrupting enemy systems, including military, economic, social, and other so-called “information means.”
This was not a new concept for Russia and its intelligence agencies—the FSB, GRU, and SVR (collectively the Russian intelligence services or RIS). The RIS would play a key role by using a well-known Russian technique—active measures, or as the RIS calls them today, measures of support. These tactics aim to weaken the enemy's ability to fight through malign influence, political interference, and disinformation. The Russians use state agencies and means, like their intelligence services, but also so-called non-state actors, like organized crime, private mercenaries, hacker groups, and many others, to carry out these and other hybrid actions as proxies.
The doctrinal approach of gray war, or new generation warfare, was gaining attention in Russia just as Putin's reign started. His rule coincided with the growing influence of the RIS within the government. It was natural for the RIS to take on roles the military was not equipped to perform, and Putin was quick to authorize them. One of the first tests for their active measures and gray war was Russia’s brief war with Georgia in 2008. As noted above, and while their military’s performance was mixed, their intelligence services were very active in the information arena. Russia flooded international media with its version of events. Their still-growing “RTV” news network promoted stories of atrocities they claimed were committed by the Georgian military. Europe and the U.S. were caught off guard and unprepared by the conflict; there was little to no meaningful response to Russia’s military actions, and no high costs or reprisals. It was a lesson Russia would remember.
After Georgia in 2008, while reforms were introduced in the air force in particular, the doctrinal debates continued. Building on Slipchenko’s ideas, writers from the General Staff, such as General Chekinov and General Bogdanov, further developed the doctrine they called “new-generation warfare.” Their work emphasized scripted roles in conflict for the information-psychological struggle, subversion, and cyber operations, while traditional large-scale combat operations became, by comparison, less prominent.
Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.
Gerasimov’s speech and article focused on shifting Russia's attention to countering the so-called “color revolutions” that occurred in the first decade of this century in Ukraine, Georgia, and Kyrgyzstan. They were, and still are, viewed as a direct threat to Russia’s national security and to Putin’s dictatorship. Russia cannot tolerate functioning democracies and freedom on its borders.
By combining Gerasimov’s contributions with those of Slipchenko, Gareev, and others, the Russian military developed a concept of non-contact warfare that planned for long-range strikes executed after weakening the enemy through non-kinetic means. They de-emphasized large ground formations because, according to the theory, they should not be necessary. Russian measures of support are designed to weaken an adversary through disinformation, misinformation, malign influence on politics, and other methods. This would become the battle plan the Russians would attempt to implement in Ukraine in 2014 (and again, with adjustments, in 2022).
As cyber has taken a greater role in society and the mass media, the Russian grey zone approach has also increasingly included RIS cyber operations and online media manipulation to support “reflexive control,” an old Russian intelligence concept from the 1960s. The term reflects the notion of influencing an adversary to act in a desired way without the enemy’s awareness. Gerasimov and the military, along with leaders of the RIS, knew from Russia’s poor performance in Georgia that they were not ready for war with NATO or any strong peer-level adversary. They needed help to weaken any adversary with a capable armed force before actual war.
Syria and Ukraine would be the new testing grounds for this concept in practice, with a heavy reliance on the intelligence services to help prepare the battlefield before and through the military’s engagement. Their perceived successes in both theaters would, over time, convince the Russian intelligence services, its military, and most importantly, President Putin that Russia was ready for a much larger task— an attack on and seizure of the entire territory of Ukraine.
All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.
OPINION — “We [the U.S.] began as a sliver of a country and next thing you know we're a continental power, and we did not do that primarily through our great diplomacy and our good looks and our charm. We did that primarily by taking the land from other people.”
That was Michael O’Hanlon, the Brookings Institution’s Director of Research in the Foreign Policy program, speaking January 12, about his new book, To Dare Mighty Things: U.S. Defense Strategy Since the Revolution, on a panel with retired-Gen. David Petraeus and Historian Robert Kagan.
O’Hanlon continued, “Now, this is not a revisionist history that's meant to beat up on the United States for having become a world power, because if we hadn't done that, if we hadn't become this continental power, then we could never have prevailed in the World Wars…The world would have been a much worse place and we could never have played the role we did in the Cold War and at least up until recent times, the post-Cold-War world. So generally speaking, I'm glad for this American assertiveness, but to me, it's striking just how little we understand that about ourselves.”
Listening to that event eight days ago at Brookings, and looking around at what the Trump administration is doing at home and abroad today, I thought elements of what I heard from these three were worth repeating and reviewing.
For example, O’Hanlon pointed out a great amount of U.S. grand strategy and national security thinking took place during historic periods considered times of American isolationism and retrenchment.
O’Hanlon said, “A lot of the institutional machinery, a lot of the intellectual and leadership development capability of the United States began in this period starting in the late 19th century and accelerating into the inner [World] War years [1918-to-1941]. And without that, we would not have had the great leaders like [Gen. Dwight D.] Eisenhower, and [Gen. George C.] Marshall, trained in the way they were. I think that made them ready for World War II.”
He added, “We would not have had many of the innovations that occurred in this period of time -- so whether it's [Rear Admiral William A.] Moffett and [Navy] air power and [aircraft] carrier power, [Army Brig. Gen.] Billy Mitchell and the development of the Army Air Corps, [Marine Maj. Gen. John A.] Lejeune and the thinking about amphibious warfare. A lot of these great military leaders and innovators were doing their thing in the early decades of the 20th century and including in the inner war years in ways that prepared us for all these new innovations, all these new kinds of operations that would prove so crucial in World War II.”
“To me it's sort of striking,” O’Hanlon said, “how quickly we got momentum in World War II, given how underprepared we were in terms of standing armies and navies and capabilities. And by early 1943 at the latest, I think we're basically starting to win that war, which is faster than we've often turned things around in many of our conflicts in our history.”
Kagan, a Brookings senior fellow and author of the 2012 book The World America Made, picked up on American assertiveness. “Ideologically, the United States was expansive,” Kagan said, “We had a universalist ideology. We got upset when we saw liberalism being attacked, even back in the 1820s. You know, a lot of Americans wanted to help the Greek rebellion [against the Ottoman Empire]. The world was very ideological in the 19th century and we saw ourselves as being on the side of liberalism and freedom versus genuine autocracies like Russia and Austria and Prussia. And so we always had these sympathies. Now everybody would say wait a second it's none of our business blah blah blah blah, but nevertheless the general trend was we cared.”
Kagan went on, “People keep doing things out there that we're finding offensive in one way or another. And so we're like wanting to do something about it. So then we get dragged into, [or] we drag ourselves into these conflicts and then we say, ‘Wait a second, we're perfectly safe here [protected east and west by the Atlantic and Pacific Oceans]. Why are we involved in all this stuff?’ And then we want to come back. And so this tension between our essential security on the one hand and…our kind of busy bodyness in the world has just been has been a constant -- and I think explains why we have vacillated in terms of our military capability.”
Petraeus, began by saying, “I'm a soldier not a historian here,” and then defended some past U.S. interventions as “basically when we've been attacked,” citing Pearl Harbor and ships being sunk in the Atlantic. He added, “Sometimes it's and/or when we fear hostile powers especially, if they're aligned as it was during the Cold War with the communists, or now arguably with China and/or Russia or both taking control of again Eurasia, Southeast Asia, East Asia.”
Petraeus admitted, “We have sometimes misread that. You can certainly argue that Vietnam was arguably more nationalist [North Vietnamese seeking independence from France] maybe than it was communist. But that I think still applies. I think one of the motivations with respect to [Venezuelan President Nicolas] Maduro is that they [the Maduro Venezuelan leadership] were more closely than ever aligning with China, Iran to a degree, Russia and so forth. And we've seen that play out on a number of occasions as well.”
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
Petraeus, who played several roles in Iraq, said the U.S. had “to be very measured in what your objectives are if you're going to use force, and…try to avoid boots-on-the-ground. If they're going to be on the ground, then employ advise, assist, and enable operations where it's the host nation forces or partner forces that are on the front lines rather than Americans.”
Looking back, Petraeus said, “I think we were unprepared definitely intellectually for these operations after toppling regimes in Iraq and Afghanistan and not just [in] the catastrophically bad post-conflict as phase,” citing “horrific decisions to fire the entire Iraqi military without telling them what their future was. And then firing the Baath Party down to the level of bureaucrats. That meant that tens of thousands [of Iraqis] without an agreed reconciliation process are literally cast out. And by the way, they're the bureaucrats that we needed to actually help us run a country [Iraq] we didn't sufficiently understand.”
Describing another lesson learned, Petraeus said, “In looking back on Afghanistan, trying to distill what happened, what we did wrong, what we did right, I really concluded that we were never truly committed to Afghanistan nation building. Rather, we were repeatedly committed to exiting. And that was a huge challenge [for the 20 years the U.S. was there], because if you tell the enemy that you're going to draw down on a given date, during the speech in which you announce a buildup, really undermines the enemy's sense of your will in what is a contest of wills at the end of the day. Not saying that we didn't want to draw down, but to do it according to the right conditions. And of course then the other challenge was that the draw-down became much more based on conditions in Washington than it did on conditions in Afghanistan, which is again another pretty fatal flaw.”
Kagan gave his view on past American interventions with U.S. troops in foreign countries, and tied them sharply to today’s situation, not only in Caracas, but also in Washington. “You know, the United States did not go to war in Iraq to promote democracy despite the vast mythology that has grown up about that,” Kagan began.
He then continued, “It was primarily fear of security. Saddam was a serial aggressor. He certainly was working on weapons of mass destruction. Rightly or wrongly that was the primary motive [of the George W. Bush administration]. But then Americans, as always the case, and you know, all you have to do is look at what we did in Germany after World War II, what we did in Japan after World War II. Americans never felt very comfortable about moving into some country, taking it over for whatever reason and then turning it over to some dictator. We wanted to be able to say that we left something like democratic governance behind. Until now that has been such a key element of our self-perception and our character.”
Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
Kagan said the Bush administration then sent U.S. troops into Iraq “was not because we were dying to send troops into Iraq, but because we had concluded you cannot control countries from the air. And so we're now [with Venezuela] we’re back in that mode.”
But here, Kagan gave his view of an important change from the past. He said, “So here's what's different. We did not want to leave in Iraq Saddam's number two. Go ahead, take over. In Venezuela, we've gone after a regime head…[but] this isn't regime change. This is decapitation and now we've turned it over to the next, you know, part of the Maduro regime and said you take care of it. We'll run it, but you take care of it. That is a departure from American history and I think it is directly a consequence of the fact that for the first time I can say without any doubt we do not have a president who believes in the American principles of liberalism, but is actively hostile to them here in the United States as well as internationally. He is on the side of anti-liberalism. He is on the side of authoritarianism, both here and abroad. That, to my mind, it's not do we intervene in Latin America, Yes, we do, but for what purpose? And I think that is the huge break [from the past] that we're witnessing right now.”
To my mind and others, Kagan has it right. President Trump, facing political problems at home – affordability, the Epstein files, the upcoming November House and Senate elections – has tried to show expanding power abroad. Based on past success in Iran bombing nuclear sites and removing Maduro from Venezuela, Trump wants to absorb Greenland, send U.S. forces into Mexico after drug cartels, and threaten attacking the faltering regime in Iran.
Let me add a final element to Trump’s current eagerness to show power abroad. The one thing he doesn’t want is the death of any U.S. military personnel he sends into harm’s way. Trump and his top aides have repeatedly pointed out, whether it was in blowing up narco-trafficking boats or the Iran bombing or the Maduro snatch, no American lives were lost.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
DEEP DIVE — It is one of the most lauded defense developments in recent decades, providing preeminent capability to U.S. military personnel worldwide, but that prowess evidently comes with a steep cost that military leadership allowed to grow for years.
Critics have long asserted that the military failed to adequately address a mounting series of safety issues with the V-22 Osprey aircraft, even as service members died in preventable crashes. The Naval Air Systems Commandreview and Government Accountability Officereport paint a scathing portrait of systemic failures by the Joint Program Office overseeing V-22 variants for the Air Force, Marine Corps, and Navy.
The Marine Corpsoperates approximately 348 MV-22s, the Air Force 52 CV-22s, and the Navy 29 CMV-22s, with the program of record at around 464 total across services. Japan operates 17 MV-22s, with deliveries complete or near-complete.
The Deadly Track Record
Some 30 U.S. Marines lost their lives in threeseparate crashes during the testing and development phase throughout the 1990s, giving the Osprey the nickname “The Widow Maker.” Since its introduction in 2007, at least 35servicemembers have died in 10 fatal crashes.
“Initially, the V-22 suffered from Vortex Ring State, which produced crashes during development. The problem was diagnosed and remediated, and the loss rate went down dramatically,” John Pike, a leading defense, space and intelligence policy expert and Director of GlobalSecurity.org, tells The Cipher Brief. “Subsequent losses have been ‘normal accidents’ due to the usual mechanical and human failings.”
The GAOfound that serious Osprey mishaps in 2023 and 2024 exceeded the previous eight years and generally surpassed accident rates of other Navy and Air Force aircraft. In August 2023, three Marines died in Australia. In 2022, four U.S. soldiers were killed in a NATO training mission, and five Marines were killed in California.
Unresolved Problems
The NAVAIR reportrevealed that “the cumulative risk posture of the V-22 platform has been growing since initial fielding,” and the program office “has not promptly implemented fixes.” Of 12 Class A mishaps in the past four years, seven involved parts failures already identified as major problems but not addressed.
Issues with hard-clutch engagement (HCE) caused the July 2022 California crash that killed five. The problem occurs when the clutch connecting the engine to the propeller gearbox slips and reengages abruptly, causing a power spike that can throw the aircraft into an uncontrolled roll.
There were eight Air Force servicemembers killed in the November 2023 crash off Yakushima Island when a catastrophic propeller gearbox failed due to cracks in the metal pinion gear, and the pilot continued flying despite multiple warnings, contributing to the crash.
This manufacturing issuedates to 2006, but the Joint Program Office didn’t formally assess the risk until March 2024 – nearly two decades later. A NAVAIR logbook reviewfound that over 40 safety-critical components were operating beyond their airworthiness limits, and that 81 percent of ground accidents were due to human error.
A Broken System: Poor Communication Between Services
The GAO also found that the three services don’troutinely share critical safety information. Aircrews haven’t met regularly to review aircraft knowledge and emergency procedures. The servicesoperate with significantly different maintenance standards, with three parallel review processes and no common source of material.
The GAOidentified 34 unresolved safety risks, including eight potentially catastrophic risks that have remained open for a median of 10 years. The V-22 has the oldestaverage age of unresolved catastrophic safety risks across the Navy’s aircraft inventory.
Fixes May Take a Decade
The Navy reportindicated fixes won’t be complete until 2033-2034. Officials now say the fleet won’t return to unrestricted operationsuntil 2026 – a year later than planned. The V-22 program plans to upgrade gearboxes with triple-melted steel, reducing inclusions by 90 percent.
Under current restrictions, overwater flights are prohibited unless within 30 minutes of a safe landing spot, severely limiting their use by the Navy and Marine Corps.
Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.
Osprey's Unmatched Capabilities
The Osprey still offers a game-changing advantage for U.S. troops, despite its troubled past, according to its supporters.
As it currently stands, the entire fleet operates under restrictions that prevent overwater flights unless within 30 minutes of a safe landing spot, significantly limiting its utility for Navy and Marine Corps missions.
In 1979 to 1980, American hostages were taken in Iran during Operation Eagle Claw, which gave rise to the Osprey. As five of the eight Navy helicopters that arrived at Desert One were inoperable, it was clear that rapid troop movement in harsh environmental conditions was urgently needed.
After development began in 1985, the Osprey entered service in 2007, replacing the Vietnam-era CH-46 Sea Knight.
Compared to fixed-wing transports, the Osprey can land troops just where they are needed. Airdrops with parachutes tend to scatter paratroops all over the place; see ‘Saving Private Ryan,’” Pike explained. “And compared with other rotary wing aircraft, the Osprey is much faster and has a much longer range.”
The Osprey shifts from helicopter to airplane mode in under 12 seconds, reaches speeds of 315 mph, has an operational range of 580 miles, and carries 10,000 pounds – or 24 troops. It’s used for missions ranging from combat operations to the occasional transport of White House staff. During a dust storm in Afghanistan in 2010, two CV-22 helicopters rescued 32 soldiers in under four hours from a distance of 800 miles.
Chronic Readiness Problems
Yet these performance advantages have been undercut by persistent readiness shortfalls.
The NAVAIR reportnoted that mission-capable rates between 2020 and 2024 averaged just 50 percent for the Navy and Air Force, and 60 percent for Marines. The Ospreyrequires 100 percent more unscheduled maintenance than the Navy averages and 22 maintenance man-hours per flight hour versus 12 for other aircraft.
In addition, Boeing settled a whistleblower lawsuit in 2023 for $8.1 million after employees accused the company of falsifying records for composite part testing. Boeing, in its defense,claimed that the parts were “non-critical” and did not impact flight safety.
Conflicting Views on Safety
“The Osprey does not have a troubled safety record. Per a recent press release, the V-22 mishap rate per 100,000 flight hours is 3.28, which is in line with helicopters with similar missions.” a government source who works closely with the Osprey fleet but is not authorized to speak on the record contended to The Cipher Brief. “Like anything measured statistically, there are periods above and below the mean. Just because humans tend to conclude because of apparent clusters doesn’t necessarily mean there is a pattern or connection – think of how some people say that ‘celebrities die in threes.’”
The source vowed that “the design issues, such as certain electrical wiring rubbing against hydraulic and oil lines, were fixed before fleet introduction.”
“The problems with the test plan were a product of pressure applied to accelerate a delayed and overbudget program and were not repeated when the aircraft was reintroduced,” the insider pointed out. “Those mishaps, combined with the distinctive nature of the V-22, mean that any subsequent incident, major or minor, is always viewed as part of the ‘dangerous V-22’ narrative. A U.S. Army Blackhawk crash in November killed five but barely made the news. A Japanese Blackhawk crash killed ten soldiers in April, but the Japanese didn’t ground their Blackhawks.”
That perception, however, has done little to quiet families who argue that known risks went unaddressed.
Amber Sax’s husband, Marine Corps Capt. John J. Sax died in the 2022 California crash caused by hard clutch engagement, a problem the Marine Corps had known about for over a decade. “Their findings confirm what we already know: More needs to be done, and more needs to be done,” Saxsaid. “It’s clear in the report that these risks were not properly assessed, and that failure cost my husband his life.”
Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.
An Uncertain Future
As the military confronts those findings, the future of the Osprey fleet is not completely clear. In 2018, the Marine Corps Aviation proposaloutlined a sustainability plan for the Osprey to at least 2060.
“The quality of maintenance training curricula, maturation, and standardization has not kept pace with readiness requirements,” the reportstated. “Current maintenance manning levels are unable to support demands for labor. The current V-22 sustainment system cannot realize improved and sustained aircraft readiness and availability without significant change. Depot-level maintenance cannot keep up with demand.”
Despite extensive recommendations – NAVAIRunderscored 32 actions to improve safety – Vice Adm. John Dougherty reaffirmed commitment to the aircraft. Pike believes it’s a matter of when, not if, the Osprey returns to full operations.
“Once the issues are fixed, everyone will resume their regular programming,” he asserted.
Officials and insiders alike expect that process to translate into tangible fixes.
“I would expect that to lead to some type of corrective action, whether it’s a new procedure or replacing a defective part,” the insider added. “After that, I would expect a long career for the aircraft in the Marine Corps, Navy, and Air Force, as it’s an irreplaceable part of all three services now and gives a unique capability to the American military.”
Whether that optimism proves warranted depends on whether military leadership finally addresses the systemic failures the latest reports have laid bare – failures that cost 20 service members their lives in just the past five years.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business
WEEKEND INTERVIEW — In an era when foreign adversaries can shape public sentiment with a well-timed meme and a handful of AI-driven accounts, the U.S. government is racing to redefine what national power looks like in the information age.
At the center of that effort is Shawn Chenoweth, the country’s first Director of Cognitive Advantage - a role designed to help the United States compete in the domain where modern influence, persuasion, and political outcomes are increasingly decided.
What, exactly, does a Director of Cognitive Advantage do? It’s not a title most Americans encounter, and it sits far outside the familiar contours of diplomacy, military force, or economic leverage. But as Chenoweth explains, the contest for influence no longer stays neatly within those lanes either.
His focus is often on the gray space - where information, perception, culture, and behavior collide, and where adversaries like China, Russia, Iran, and North Korea are operating with staggering resources and strategic focus.
In this Cipher Brief conversation, Chenoweth breaks down how cognitive operations actually work, why the U.S. has struggled to keep pace, and what it means to give the President an “information option” that’s not simply kinetic or economic.
He offers rare, candid insight into how technology, AI, and social platforms—from TikTok to algorithmically driven personas—are reshaping the battlespace faster than policymakers can write doctrine.
Our conversation is a deep dive into one of the least understood - but perhaps most consequential - fronts of modern national security. Our conversation has been lightly edited for length and clarity.
Shawn Chenoweth is the Director of Cognitive Advantage at the US National Security Council.
The Cipher Brief: How do you explain the role of the director of Cognitive Advantage?
Chenoweth: When you look at traditional elements of military power, you probably think of the DIME construct.It's not a perfect construct, but it's pretty good. DIME, is broken down into Diplomatic, Information, Military and Economic, and it's very clear who owns the Diplomatic, Military, and Economic components. But there hasn't been, at least in several decades, a good example of where people have really come to the president and the administration with an "I" option, for Information. And it's a shame because when you actually look at the DIME construct, you don't want to break it into stove pipes. We should think of it as a cell. Each of those elements acts as part of a functioning cell, and removing any of those elements means you have an imperfect or failing cell.
So, I was asked to help put the "I" back in DIME so that we can provide additional options and advantages across the other elements of DIME to national power and provide the president with opportunities to accomplish the Administration’s objectives that aren't just warheads on foreheads or threatening economics or expending political leverage. We can enhance those things, but we can also gain advantages by using cognitive effects through the information environment.
Kelly: Let’s set the stage a bit further. If you were to explain to the average American what is happening in terms of cognitive warfare in the gray zone – the area where conflict occurs below the level of warfare - how would you describe it?
Chenoweth: I think if you look through your military histories, philosophers, politicians, political science, it's all pretty clear. You can pick out the elements. They all have one underlying thread, which is that political victory is the one that matters at its core. That's really what we're talking about. Nothing's changed. How human beings are connected, how technology is affected has certainly changed. But what we really care about is what people do in the real world and the geophysical world, the world we live in.
So, the point of a cognitive advantage is to leverage that so that human beings are taking behaviors favorable to outcomes, to national objectives, which most of the time are also - in the case of the United States - favorable in their own right. So it's core. And that is what we're driving to get: those advantages in what people do in the real world through their sensing, to make decisions that come back to the real world and have the effects that you want.
Kelly: Can you give an example of what that would look like?
Chenoweth: Let's say you're negotiating for a piece of land or a base that you need for overflight intel collection. You're going to conduct a trade-off in negotiations. Maybe it's going to look like, - if you pay more, you'll get more - based off what the value proposition is. But very rarely is it that blatant and simple. So, what you want to be able to do is understand, what advantage would we need in the negotiation? What's actually driving this other party other than maybe just cost or just danger? What’s the risk calculus?
There are cultural nuances that affect things: their understanding of influence, political implications. So, the point would be to understand why they would be interested in this in the first place? What advantage does it give them? What are the cultural nuances? Why wouldn't they do this in the first place? Why aren't they taking this action and what can we do to make sure that the outcome is what we want?
There are other areas where that applies across the spectrum.
Let's say we're conducting counter-terrorism operations, and we know an objective tends to use a particular cafe. Well, what if they were using a different one that day? What can we do to influence them to go to a place that's more favorable for options to decrease our own risk calculus, either because we want to conduct a kinetic strike or make an arrest? Maybe we can't find them. So, what if we use that for our intel collection and our methods to basically make them come up on comms and change their behavior so it's easier to find them, collect on them, and build the data so that we can conduct physical actions to stop or disrupt them? And you can kind of see how that applies across the board.
If you know more than the person you're dealing with, chances are that you're going to be better at accomplishing your outcome. It’s very similar with the werewolf theory. It's a game where two people are chosen to be the werewolf of the village and everyone else in the group doesn't know who the werewolf is. Most of the time the people who are the werewolves win the game because they have an information advantage over everyone else playing the game. So, it's a human norm.
And again, I point out that nothing's new under the sun. It's just that we haven't really thought through the implications of what it means in the information age that we live in - where everyone is connected through software defined radios. We're a long way away from direct sensing where it's communication and things happening in the real world. Now we have sort of indirect sensing where you're fed data feeds and everything else. We can affect cognitive behavior in ways we never imagined, and we really haven't thought through just as we can reach people and sell items. And if I want to find a person whose favorite color is red, who's a military age male who's really into Magnum PI, I can find that person thanks to their radio, and I can craft messages specifically for someone who fits that demographic and move them in a particular direction. That's the first time in history that that's been the case.
Kelly: You have a background that combines both government and private sector experience. Given that technology is being rapidly developed in the private sector, how do you think that background gives you an advantage in this role?
Chenoweth: There are a lot of people who've served in the military and have been contractors but just by happenstance, I happen to have been in a lot of critical locations at critical times. I think one of the advantages that has brought me is that I saw the frustration within the military when the contracting apparatus didn't work. I was also empowered by industry to go and fix a lot of those structures and enable the government to do it, and now I'm getting afforded the opportunity to work on policy to make the system really hum.
I think the advantage with that is that when it comes to the information space, there's no control. And I try to emphasize this to any policy maker or power broker or decision maker that I can find. You can put an armored brigade in an intersection - fully equipped, fully supported – and a U.S. Armored Brigade could own that intersection. There are things you can control. But when it comes to the information space, there is no control. It is constantly shifting, constantly changing. You have a binary decision. You are either going to participate, preferably at a level that matters, or not, and whatever's going to happen is going to happen.
So, you could find yourself in an advantageous information space in the morning, lose it by the late morning, get a stalemate in the afternoon, and win it back in the afternoon – just to lose it again at the end of the day. And when you wake up the next morning, you're going to have to do it all over again. There is no, "We have information dominance and we're done and we can crack our beers and go on with other things."
That's not how this works because every day new information is being injected into the system. People are changing and developing new opinions. Things are occurring and people are going to react to those things, change their opinions, adapt, age out, age in, so those cultural references may change. It's a constant flux. One of the things that from the U.S. government side we're getting our head around is that we need an information carrier group constantly operating afloat in the information environment, effectively. One that’s engaged 24/7 to affect these changes.
The Cipher Brief is partnering with the Information Professionals Association and the National Center for Narrative Intelligence to bring you Pinnacle 2026: Gray Zone Convergence: Cognitive Security at the Intersection of Influence, Innovation, and Shared Interests. Register for the February 9-10 conference now to secure your spot.
Kelly: It's not just the United States that has gotten pretty good at understanding the impact of cognitive advantage. We see these tactics from China and Russia being used with stunning success. In this role, how focused are you on their activities when it comes to doing the exact same thing that you're tasked with doing?
Chenoweth: They absolutely practice these activities. I call them the ‘CRINKETT’. Every challenge we're generally dealing with falls in the CRINKETTS. It's China, Russia, Iran, North Korea, Terrorists and Trans[national] criminals. And particularly for the nation states, this is exactly how they want to compete.
From their perspective, there are two ways to deal with the United States: asymmetrically and stupidly, largely because of our economic and military power. They get that. They're not interested in a kinetic fight; that is an awful prospect. So the way they want to do this is in gray zone activities, in the information space, in the cognitive domain.
And they outspend us. I'm not going to say necessarily outperform, but I'll say if you want to compete at a level that matters, they outspend us, period. Iran probably spends around $1.8 billion plus-minus a year, maybe more with their proxies and everything else they do in this particular space. Russia - post Ukraine invasion, spends about $2.6 billion, something like that. China - 48 plus billion dollars a year. The U.S., if I take all of the activities from the DoD, the State Department and everything else, and you put those together, you might approach $1.2 billion.
It doesn't mean we're executing those funds either. It just means that that's what we've allocated. When you think about how we outspend to have an advantage on the other parts of DIME, we're hideously underperforming here. And again, all props to the administration. They're acutely aware of this and the support I've had at the National Security Council and across the elements of government - the departments and agencies - has been stellar. And we're going to continue to work on this and get it right because we have three and a half more years of President Trump's administration to get this right, do the reps and sets, and make this a durable policy so that the American people can start enjoying those benefits that come when we're really focused on this space.
Kelly: What does success look like for you in this role and how do you measure it?
Chenoweth: Measurement has always been a funny thing. People will constantly tell me how hard it is to measure these activities. And what I’ve found time and time again is that we're actually pretty good at these activities. The issues with the measurements are, again, participating at a scale that matters. We need to measure behavior change, and in order to do that, we need to have clear objectives. What are we after?
The big part of that is who is the target audience that has the agency to do the thing we want? We spend a lot of time making plans and CONOPS [Concept of Operations] on sub-target audiences that don't actually have the agency – in hopes that they affect agency - and that's perfectly fine. But why are we doing assessments against this? We spend a lot of time and money generating assessments to target audiences that don't have the agency you want. So, let's focus on the target audience that has the agency and let's do this at scale.
For example; I'm in the DC area and I can go down to the Potomac River, drop a bucket of water in the river, and I have objectively molecularly increased the amount of water in the Potomac. There isn't a sensor on this planet that is going to detect that molecular change.
The fact is that you might be having an effect, but you don't have a sensor that is going to pick that up. So, you need to increase your scale or customize your sensing system to the effect you're having. That tends to be where the assessments fall apart.
I’ve heard all the time for decades now that assessments are so hard. I don't find that to be true. What I find is that you've sacrificed assessments for effect, which is fine. It's risk calculus. If I had a low amount of resources and I decided to put as much into the effect I've wanted, that's fine. But at the end of the day, you're looking for the real behavior change in the targeted audience that matters. What are the sensors you have on that and what are you doing to collect that data: public opinion, research surveys, building the networks. We're going to see this exacerbate further as the AI revolution continues at pace.
Kelly: How is technology impacting what you're trying to do, your mission, and then how are you also working with the private sector because the private sector is controlling so much of the technology and the innovation that the government needs to work with. So how are you doing that?
Chenoweth: One of the challenges I see emerging from AI is that there's sort of an assumption that AI will fix all your woes. I've seen the best tools out there do one thing: they model the data they have, and that's the core issue. We don't have the data. So again, I'm back to there's not a whole lot of new things under the sun. And the AI models are really good, and it can allow you to find new insights from the data that you have, but new data needs to be created. So, sacrificing collection methodologies and new approaches to gather the data at the foot of a model is terrible.
The AI snake oil salesman I would deal with in industry all the time would come in and say, ‘Oh, you're interested in that? I could absolutely model you the thing.’ Cool. How does that work? ‘Well, all you have to do is provide me the data and we'll put all this together and give you the insights.’ I'm like, whoa. We don't have the data either. No one has the data. That's kind of the problem. So, let's be honest about what we're doing.
AI is going to be a great boon for industry and for the government and everyone else under the sun. It's going to obviously have impact, but I think as that moves forward, we need to start looking at how we actually employ it. Building an agent or a token for every worker so that they're augmented by an AI that does the thing that they themselves may not be good at or saving them time is going to be amazing, but it needs to be undergirded by being able to detect what's actually happening out in the real world. And those two things are not necessarily - not interrelated. As I said, most things are kind of a whole cell that operate in one unit, and we can't necessarily bifurcate these things and then expect good outcomes.
Former Senior CIA Executive Dave Pitts wrote a three-part series exclusively for The Cipher Brief on what the U.S. can do to become more competitive in the Gray Zone. Subscriber+Members can read it here. Need access? We can help with that.
Kelly: So you have a mission that is difficult to measure, is hugely impactful, adversaries are using it as well against American citizens effectively, and in some cases, those adversaires are dedicating a lot more resources to this. If you could explaine to the average U.S. citizen how they might be targeted by cognitive operations that are conducted by U.S. adversaries, what would you tell them to look for?
Chenoweth: You need to be mindful of sources obviously. When I look at the construct of how we approach cognitive warfare, I think one of the biggest problems I've had for at least the last 10 years has been the construct of dis- and misinformation. My issue isn't the dis- and misinformation construct. It's the overuse of it.
Disinformation and misinformation are things. They have meaning. But they mean something that is true and people use it for things that are not true. For example, disinformation are lies. The person projecting the information knows it's a lie. They're doing it to accomplish an objective. The bigger problem of disinformation is misinformation. Those are people who are sharing those lies, not knowing they are lies, or taking things out of context like satire, et cetera, and propagating as if it were truth. Those are what those are.
But not everything we have to deal with falls into that construct. There are two other portions to this that we have to be mindful of.
One is missing information, which used to mean that the target audience wasn't informed enough to make a correct decision, favorable to them or anyone else. ‘It's a tragedy that your family member died and you should mourn their loss, but stop touching the body. That's how you're spreading Ebola’, right? Pretty straightforward, pretty simple.
Now that we're dealing with nation states with deep pockets, that's been flipped up on its head and they're practicing active missing information, where they will provide wire services into a country saying, ‘Congratulations, you can use our wire service for free and we'll provide you all the stuff, and that's your biggest cost except for labor. Isn't that wonderful? The catch is that you just have to use our wire service’.
If you think [contextual] stories are going to get into the press through those channels, good luck. This isn't happening in the third world. These are happening in major countries and places that would shock you.
Imagine something like, ‘If you run this story, all our connected businesses that are connected through us or other means are going to pull their advertising budget from you.’ So again, good luck talking about the story in your environment. No one's going to touch it. No influencer wants a piece of it because they're going to lose their incentive structure and their revenue stream. It's things like that.
On the other side of the coin, and the bigger problem, is the rhetoric information. These are the things that aren't necessarily true or false. They are framed by your value system, how you view things, what you think truth actually is.
There are people out there who will say, I think a communist socialist form of government that is highly authoritarian is more stable and therefore better than a liberal democracy. There are people who believe that, and just by saying, well, history would prove you otherwise, it's not a good enough argument. You need to engage with those people at a scale that matters and be prepared to win the argument.
We've seen this time again on the counter-terrorism front where we would shut down the comms of a nobody, and suddenly that person would come back with the reputation that was so valuable, and now they're a terrorist thought leader because the Western world thought that they were so dangerous they needed to be shut down instead of just accepting the fact, that maybe we should just engage with this guy because no one's ever heard of him and maybe we should just point out that he's a moron.
There are ways to deal with this, and just because we don't like something doesn't mean it's a lie to the person that's spreading it. They might believe it. Before we just title something disinformation and say, well, it's a lie and we can ignore it — that is not adequate in the modern era where everyone is connected because, again, this person has connective tissue to the internet. They have web platforms. They can be just as connected as a government if they should choose to be and if they have the popularity, because at its core, regardless of whether or not you're a government or a celebrity or anything else, you are fighting for attention.
Kelly: It’s sometimes difficult for busy Americans to navigate the information space today and know what to believe without inviting some serious time into the source. Do you look at part of your mission in this role as helping people understand more of the context they need in order to make good decisions?
Chenoweth: I've been more on the side dealing with foreign audiences. But even in that regard, I think that it really matters to ask what are the things that we know to be what we feel are objective truths and things that matter? Things that we want target audiences to know because we know it would be better for them and better for our objectives?
And then what are the things where we just want to make sure that if a debate needs to be had, we facilitate the debate so that the target audience, particularly with an American target audience - which again, it's not my forte, we don't do that in government or shouldn't — that needs to be facilitated by Americans pointing out to each other that we do need to have these debates and come to kind of consensus, understanding that there will be disagreements.
Kelly: Do you think your job is going to be even more important in the future or maybe less?
Chenoweth: I've never thought the job wasn't important. I think the thing I'm enjoying right now is that everyone's kind of getting their head around what this means. The overused expression that ‘We need to do some things on Facebook,’ when you would have policymakers say, ‘Well, I'm concerned that that would destroy Amazon and internet commerce’ and your head would explode as you're trying to explain, ‘That's just not how the internet works, man.’
We can be comfortable operating on these platforms and doing things that we need to do without destroying internet commerce or the internet. And now I think a lot of policy makers and industry are all connected. They're a lot more comfortable doing these things. Now is the time when we need to get to where the resources and the permissions really match the ability to get us where we need to be.
I've generally not found too many authority problems. I generally find permissions problems. I find that when it comes to authorities, you almost always find that every organization actually has a framework that allows them to do things. It's just that someone somewhere in the chain can say no and is all too comfortable saying no, because, particularly in the past administration, they were very comfortable at avoiding risk and not as comfortable at managing risk. And that is a dynamic that we have to change. The world is a risky place, and we need to be out there participating in it, throwing our elbows around and managing the risk, not avoiding it.
Kelly: How hard of a job is it to give the U.S. the cognitive advantage in today’s world?
Chenoweth: It's hard, tremendously hard because you're talking about changing culture. I don't think the activity itself and the policy and the things that can be done are hard. I think the hard part will be changing the culture and changing people's mindsets.
We've talked about the fact that there used to be three domains: physical domain, information domain and cognitive domain. We have to explore the information domain and actually call it what it is. There is the physical domain, the geophysical domain. But I like the ‘kill web’ approach. A good kill web will constitute a kill chain that is disrupted, and we have to get out of just a kill chain. We need to get into a kill web mentality when it comes to cognitive effects.
Kelly: Explain what you mean by a “kill web”?
Chenoweth: You have your geophysical world where things exist in the real world, the place where we all live. When it comes to the information domain, though, it used to consolidate a bunch of things.
The reality is that when we break that down into a kill web, you're looking from your physical domain up to your logic layer. The internet is not some amorphous cloud that wanders around. It's composed of a system of systems that live in the real world. It's data centers, servers, modems, et cetera. Where does that infrastructure actually exist? Sometimes the files are in the computer. So, we need to be mindful of where does that work? How does the internet, how do these structures work, the mobile networks, et cetera.
From there, it then creates the digital layer, where all the trons are that exist. You can have effects, that's where your real cyberspace comes into play. That's how the mobile devices work, but that is just data.
Then it goes up to the persona entity level. These are the real human beings, sometimes fake human beings, they're personas, organizations but entities that potentially could be targeted or addressed or engaged, et cetera.
And then there's the cognitive space. The trick in the cognitive space is what happens in the mind. And that mind is influenced by the sensing that goes up through that chain when they process it. You're able to interdict on its way up or influence, and you're able to influence on the way down when a decision is made.
For example, when something happens in the real world, it's communicated to a decision maker, but it's going to go through the logic layer transmitted through sensors, computers, emails, phones, et cetera, to people and entities who are going to process it themselves, communicate it to a decision maker who's going to make a decision based off that information, or an individual or a bunch of individuals.
They're all going to make decisions on how to react to that or not react to that. And that's going to go back down to the physical world when they say, ‘I don't really like what is happening’, or maybe ‘I do like what's happening. Let's do the thing’. They're going to communicate that down to ‘Yes, launch the missiles’, or ‘Let's have a protest’. So, you can affect the chain up. You can affect the chain down, but that's how it works.
We as the United States have a pipe that exists inside that kill web structure - so does everyone else. And it doesn't matter if you're a nation state or a family or an individual. You have your sensing sources.
As I mentioned earlier, the direct conversations between people in the real world - even now, you and I are communicating completely over that entire structure - and that structure could be affected on the way up as we're communicating to when this is finally produced and goes back out to the real world where suddenly I have AI effects on me and I'm saying things I never meant to say, but the rest of the world's now interpreting that.
I didn't say that, that wasn't my cognitive decision, but you intercepted on the way down and now you would inadvertently affect everyone else's cognitive approach to what I'm communicating.
Kelly: What does the future from a technology and AI standpoint really look like?
Chenoweth: It's having fundamental changes. It's going to be interesting to see what happens in the entertainment industry as AI takes over and suddenly people can have more access. We've seen how the music industry went through huge change just on streaming music. We're about to witness what this is going to look like from our more traditional platforms. We've seen how things move from streaming. I think there is a level of adaptation that's going to go with that.
One of the things that needs to be addressed is how exactly we're going to engage. There is a point where we need to be comfortable with giving sort of guidance to the AIs - human in the loop - but if you think that you're going to be able to review every single message that needs to go out in an AI-driven world, you're out of your mind.
So, you need to be able to be comfortable generating for your target audience profiles and give sort of thematic guidance and let the AI do some level of engagements against foreign audiences to steer conversations in a particular direction, or at least identify where a conversation might be going so you can intervene when it looks like decisions are being made in a bad way, and then find out if that is an open and honest cultural nuance thing where it is about engagement or if it's being steered by your opponent.
I think that we are not far, and we're probably already in a game, where there are AIs versus AIs as we speak in the information environment.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.
OPINION -- China was very critical of the capture of Venezuelan President Nicolas Maduro last week. The spokesperson for the Ministry of Foreign Affairs said the U.S. action was “blatant interference” in Venezuela and a violation of international law.
Mr. Maduro was accused of working with Columbian guerrilla groups to traffic cocaine into the U.S. as part of a “narco-terrorism” conspiracy. Of all countries, China should appreciate the need to stop Mr. Maduro from smuggling these illicit drugs into the U.S., killing tens of thousands of Americans. China experienced this in the Opium War of 1839-1842, when Great Britain forced opium on China, despite government protestations, resulting in the humiliating Treaty of Nanjing, ceding Hong Kong to Great Britain. Mr. Maduro was violating U.S. laws, in a conspiracy to aid enemies and kill innocent Americans. Fortunately, the U.S. had the political will, and military might, to quickly and effectively put an end to this assault. China should understand this and withhold criticism, despite their close relationship with Mr. Maduro and Venezuela.
The scheduled April meeting of presidents Donald Trump and Xi Jinping will hopefully ease tension related to the South China Sea and Taiwan. The meeting will also offer an opportunity of the two presidents to elaborate on those transnational issues that the U.S. and China can work together on, for the common good.
The National Security Strategy of 2025 states that deterring a conflict over Taiwan is a priority and does not support any unilateral change to the status quo in the Taiwan Strait. It also states that one-third of global shipping passes annually through the South China Sea and its implications for the U.S. economy are obvious.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
The April meeting will permit Messrs. Trump and Xi to candidly discuss the South China Sea and Taiwan and ensure that there are guardrails to prevent conflict. Quiet and effective diplomacy is needed to address these issues, and the Trump – Xi meeting could establish the working groups and processes necessary to ensure the U.S. and China do not stumble into conflict.
Also important are the transnational issues that require the attention of the U.S. and China. This shouldn’t be too difficult, given the history of cooperation between the U.S. and China, primarily in the 1980s and 1990s.
Indeed, it was China’s Chairman Deng Xiaoping who approved cooperation with the U.S. on the collection and sharing of intelligence on the Soviet Union.
China opposed the December 1979 Soviet Union invasion of Afghanistan and worked with the U.S. to provide weapons and supplies to the resistance forces in Afghanistan – who eventually prevailed, with the Soviet Union admitting defeat and pulling out of Afghanistan in 1989. The war in Afghanistan cost the Soviet Union immense resources, lives and prestige, weakening the Soviet Union and contributing to its later dissolution.
After the 1979 normalization of relations, the U.S. and China cooperated on a few transnational issues: nuclear nonproliferation; counternarcotics, focusing on Southeast Asia’s Golden Triangle and the heroin from Burma going into China and the U.S.; counterterrorism and the sharing of intelligence on extremist networks.
In 2002, Secretary of State Colin Powell asked China to assist with the denuclearization of North Korea. The following year, China hosted the Six-Party Talks on North Korea’s nuclear program and actively assisted convincing North Korea, in the Joint Statement of September 19, 2005, to commit to complete and verifiable dismantlement of all nuclear weapons and nuclear weapons programs.
China also cooperated with the U.S. on public health issues, like SARS and the avian flu.
Cooperation on these transnational issues was issue-specific, pragmatic, and often insulated from political tensions. Indeed, even during periods of rivalry, functional cooperation persisted when interests overlapped.
Opportunities to Further Enhance Bilateral Cooperation for the Common Good
Although U.S. – China cooperation on counternarcotics is ongoing, specifically regarding the fentanyl crisis, trafficking in cocaine, heroin and methamphetamines also requires close attention. More can be done to enhance bilateral efforts on nuclear nonproliferation, starting with China agreeing to have a dialogue with the U.S. on China’s ambitious nuclear program. Extremist militant groups like ISIS continue to be active, thus requiring better cooperation on counterterrorism. Covid-19 was a wakeup call: there needs to be meaningful cooperation on pandemics. And ensuring that the space domain is used only for peaceful purposes must be a priority, while also ensuring that there are acceptable guidelines for the lawful and moral use of Artificial Intelligence.
U.S. – China cooperation today is more about preventing a catastrophe. The Belgrade Embassy bombing in 1999, when the U.S. accidentally bombed China’s embassy in Belgrade, killing three Chinese officials and the EP-3 incident of 2001, when a Chinese jet crashed into a U.S. reconnaissance plane, killing the Chinese pilot, and China detaining the U.S. crew in Hainan Island are two examples of incidents that could have spiraled out of control. Chinas initially refused to take the telephone calls from Presidents Bill Clinton and George W. Bush, both hoping to deescalate these tense developments.
Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
Thus, crisis management and military de-confliction should be high on the list of subjects to be discussed, with a robust discussion of nuclear risk reduction. Stability in Northeast Asia and a nuclear North Korea, aligned with Russia and viewing the U.S. and South Korea as the enemies, should also be discussed, as well as nuclear nonproliferation.
The April summit between Messrs. Trump and Xi will be an opportunity to candidly discuss Taiwan and the South China Sea, to ensure we do not stumble into conflict.
The summit is also an opportunity to message to the world that the U.S. and China are working on a myriad of transnational issues for the common good of all countries.
The author is the former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication or information or endorsement of the author’s views.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
OPINION — U.S. defense planning rests on the assumption that wars are fought abroad, by expeditionary forces, against defined adversaries. For decades, those assumptions held. But today, many of the most consequential security challenges facing the United States violate all three. They occur closer to home, below the threshold of armed conflict, and in domains where sovereignty is enforced incrementally.
The shift has exposed a chronic mismatch between how the United States defines its defense priorities and how it allocates resources and respect. While defense discourse continues to stubbornly emphasize power projection and high-end conflict, many of today’s challenges revolve around the more modest and rote enforcement of U.S. territorial integrity and national sovereignty—functions that are vital to U.S. strategic objectives yet lack the optical prestige of winning wars abroad.
Sitting at the center of this gap between prestige and need is the U.S. Coast Guard, whose mission profile aligns directly with America’s most important strategic objectives—the enforcement of sovereignty and homeland defense—yet remains strategically undervalued because its work rarely resembles the celebrated and well-funded styles of conventional warfighting. In an era of increased gray-zone competition and persistent coercion, the failure to properly appreciate the Coast Guard threatens real strategic fallout.
In the third decade of the 21st century, U.S. defense planning remains heavily oriented toward expeditionary warfighting and high-end kinetic conflict. Budget conversations still revolve around Ford-class supercarriers, F-35 fighters, and A2/AD penetration. This orientation shapes not only force design and budget allocations, but also institutional prestige and political capital. The services associated with visible combat power, with the Ford-class and the F-35, continue to dominate strategic discourse—even as many of the most persistent security challenges confronting the United States unfold close to home, in the gray-zone, without the need for fifth-generation air power or heavy armor.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
At the most basic level, any nation’s military exists primarily to defend territorial integrity, enforce sovereignty, and protect the homeland. Power projection, forward presence, and deterrence abroad are important—but they are secondary functions derived from the primary purpose of homeland defense. Yet U.S. defense discourse often treats homeland defense as a background condition when it should be revered as the first priority. The result is a blind spot in how security resources are evaluated and allocated.
The Coast Guard operates at a unique point where law enforcement, military authority, and sovereign enforcement all converge. On any given day, the Coast Guard may board foreign-flagged vessels suspected of sanctions violations, police maritime borders against illicit trafficking, secure ports that underpin global supply chains, and maintain a persistent presence in contested spaces, like the Arctic, without inviting escalation. The Coast Guard is equipped to intercept illegal fishing fleets, escort commercial shipping through sensitive waterways, and assert jurisdiction in legally ambiguous areas. These activities rarely resemble traditional warfighting, they rarely result in a Hollywood blockbuster, and they can be accomplished without nuclear-powered submarines or intercontinental ballistic missiles. But these are not peripheral activities—they are arguably amongst the most important daily functions the U.S. military undertakes.
Distinct among the military branches, the Coast Guard operates under a legal framework that is uniquely suited to today’s security environment. Under Title 14 status, the Coast Guard falls within the Department of Homeland Security, conducting law enforcement and regulatory missions on a daily basis. Yet, when needed, the service can transition to Title 10 status, under the Department of Defense, and operate as an armed service when required. This agility allows the Coast Guard to remain continuously engaged across the spectrum of competition, whether enforcing U.S. law in peacetime, managing escalation in gray-zone encounters, or integrating seamlessly into military operations. Few other elements of U.S. power can move so fluidly between legal regimes.
Still, despite such strategic relevance, the Coast Guard suffers from a persistent optical problem. U.S. defense culture has long privileged services and missions associated with visible, kinetic combat—those that lend themselves to clear narratives of victory, sacrifice, and heroism. The Coast Guard’s work rarely fits that cinematic mold. Its success is measured not in territory seized or targets destroyed, but in disruptions prevented, borders enforced, and crises that never materialize. Inherently quiet work with outcomes that reflect a force operating exactly as designed, although without generating institutional prestige or political support. In a system that rewards the loudest and the brightest, the Coast Guard’s quiet enforcement of sovereignty is easy to overlook.
Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
Continuing to overlook the value of the Coast Guard carries strategic consequences. Specifically, persistent underinvestment in the Coast Guard weakens maritime domain awareness, reduces sustained presence in key waterways, and narrows the set of tools available to manage gray-zone competition. As adversaries increasingly rely on legal ambiguity, deniable actors, and incremental pressure to test U.S. resolve, gaps in enforcement become opportunities. In this environment, the absence of credible, continuous sovereignty enforcement invites probing behavior that becomes harder to deter over time.
Advocacy for the Coast Guard does not require reassigning prestige, or elevating one service at the expense of others. It is merely an argument for strategic alignment. If territorial integrity, sovereignty enforcement, and homeland defense are truly core national-security priorities, then the institutions most directly responsible for those missions should be treated accordingly. As competition increasingly unfolds in the gray-zone between peace and war, the United States will need forces designed not only to win conflicts—but to prevent them from starting in the first place.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
“I would never wish death upon anyone, but I have read some obituaries with great satisfaction.” - Winston Churchill
OPINION -- I associate myself with at least the latter part of that quote from Winston Churchill with regard to Aldrich Ames. To my knowledge, I met Ames on only one occasion. It was during a cocktail party in 1989 or 1990 when he oversaw the CIA operations group responsible for what was then Czechoslovakia. I have no clear recollection of that event, but I was later told that fellow traitor Robert Hanssen was also in attendance. If so, to paraphrase Shakespeare: ‘Hell was empty and the devils were there’.
While I can recall little about meeting Ames at that party, my colleagues and I lived – and still live – with the consequences of his betrayal. The loss of an agent is a very personal thing for those responsible for securely handling him or her. I saw that impact up close early on in my career.
Toward the end of my training as an operations officer in late 1982, I was summoned to the office of the then-chief of Soviet Division (SE). In that era, a summons to a meeting with any Division Chief - much less the head of what was then the most secretive operational component – could be unnerving for any junior officer. The initial moments of my appointment with then-C/SE, Dave Forden, were appropriately unsettling. He began by asking me whether I had stolen anything lately. Having never purloined anything ever, I was taken aback. After I answered no, he asked if I could pass a polygraph exam. Again surprised, I responded that I could the last time I took one. ‘Good’, Forden said, ‘you are coming to SE to replace Ed Howard in Moscow’. Howard, whom I had met during training, had been fired from CIA for a variety of offenses. He later defected to the USSR, betraying his knowledge of CIA operations and personnel to the KGB.
After completing training, I reported to SE Division. Shortly thereafter, I was told I would not be going to Moscow after all. Instead, I was informed, I would be going to Prague. Initially, I was a bit disappointed not to have a chance to test my skills against our principal adversary. In hindsight, however, that change in plan was fortuitous. While I could not know it at the time, my SE colleagues who went to Moscow would be there during the grim mid-1980’s period in which our agents were being rolled-up by the KGB. Many CIA officers involved with those cases would have to live for years thereafter wondering what had happened to their agents and whether anything they had done had contributed to their arrests and executions. My colleagues’ ordeals would only end with the revelation that one of our own was a spy.
But Ames was more than a spy. He was a killer. His career floundering and burdened by growing debt, Ames decided to solve his money problems by selling the identities of several low-level CIA agents to the KGB. Consequently, on April 16, 1985 he walked into the Soviet Embassy and passed on the following note: "I am Aldrich H. Ames and my job is branch chief of Soviet (CI) at the CIA. […] I need $50,000 and in exchange for the money, here is information about three agents we are developing in the Soviet Union right now.” He attached a page from SE Division's phone list, with his name underlined, to prove he was genuine. Within weeks, fearful that Soviet spy John Walker had been fingered by a CIA agent within the KGB, and worried that he might likewise be exposed, Ames decided to comprise all of the CIA and FBI Soviet sources he knew of. “My scam,” he later said, “was supposed to be a one-time hit. I was just going to get the fifty thousand dollars and be done with it, but now I started to panic.”
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
Accordingly, on June 13, 1985, Ames passed the Soviets what he called “the Big Dump.” That tranche of documents contained the identities of at least 11 CIA agents. Brave men who had risked all in deciding to serve freedom’s cause, many of them would be arrested, interrogated and ultimately executed.
Ames’s rationalization of this act says everything about the kind of man he was. “All of the people whose names were on my list knew the risks they were taking when they began spying for the CIA and FBI,” he said, before adding that, "They knew they were risking prison or death.”
He would repeatedly seek to justify his actions by claiming that his espionage for the USSR was morally equivalent to what Western services had long done against their adversaries. Oleg Gordievsky, a British spy within the KGB and one of the few agents betrayed by Ames who escaped, rightly rejected any such equivalency. "I knew,” he said, that “the people I identified would be arrested and put in prison. Ames knew the people he identified would be arrested and shot. That is one of the differences between us.”
Sentenced to prison, Ames would spend almost 32 years of his life behind bars. I like to think that punishment was worse than death. One hopes he whiled away hours in his cell thinking of what he’d done and the lives he took. He expressed contrition during the plea bargain and sentencing process to ensure leniency for his wife, Rosario, saying, for example, that, "No punishment by this court can balance or ease the profound shame and guilt I bear."
But I very much doubt the sincerity of such statements because he showed no signs of having a troubled conscience thereafter. Instead, in statements while incarcerated, Ames was at pains to give his actions a veneer of ideological justification. "I had,” he said, “come to believe that the espionage business, as carried out by the CIA and a few other American agencies, was and is a self-serving sham, carried out by careerist bureaucrats who have managed to deceive several generations of American policy makers and the public about both the necessity and the value of their work.”
“There is an actuarial certainty that there are other spies in U.S. national security agencies and there always will be.” That statement by former CIA Chief of Counterintelligence Paul Redmond in the wake of the Ames and Hanssen cases reflects a grim reality of the intelligence profession.
Nonetheless, when I joined CIA, it was accepted wisdom that the Agency had never had, and could never have, a spy in its ranks. With the benefit of hindsight, it is hard to understand how such a naïve conviction could have taken hold given the repeated penetration of our predecessor organization, the Office of Strategic Services (OSS), and our British counterparts by Soviet intelligence. “There will,” as CIA Chief of CI James J. Angleton said, “always be penetrations…it is a way of life. It should never be thought of as an aberration. Anyone who gets flustered is in the wrong business.”
Perhaps the downplaying of such a possibility was a natural reaction to the overreach of Angleton himself with his ‘HONETOL’ spy hunts which hindered the Agency’s ability to mount operations against the Soviets for years at the height of the Cold War. It was certainly a reflection of institutional arrogance.
Whatever the reason, the idea that a foreign intelligence service could recruit a serving CIA officer as a spy was inconceivable to many. That mindset makes the accomplishment of Redmond and the Agency team led by Jeanne Vertefeuille, concluding that reporting from a Soviet mole – ultimately determined to be CIA officer Aldrich Ames – was the cause of the losses, all the more remarkable.
Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
The years-long hunt for the agent the KGB called “KOLOKOL” (‘Bell’) ended on February 21, 1994 with the arrest of Ames by the FBI. The assessment of the damage that Ames had inflicted on U.S. national security in exchange for some $2.5 million from Moscow was, not surprisingly, extensive. Even in the analogue era, he was able to pass along voluminous documentary and oral reporting to Moscow. This included reporting on his own debriefing of Vitaliy Yurchenko, who defected briefly to U.S. before returning to the USSR.
But it was the review of Ames’s role in compromising our courageous agents that struck home with us. Their sacrifice is commemorated by the CIA ‘Fallen Agent Memorial’ and other memorials within Agency spaces. And one hopes that someday the Russian people, too, will come to realize that Military/Technical researcherAdolf G. Tolkachev (GTVANQUISH); KGB Line PR officer Vladimir M. Piguzov (GTJOGGER); KGB Line PR officer Leonid G. Poleschuk (GTWEIGH); GRU officer Vladimir M. Vasilyev (GTACCORD); GRU officer Gennadiy A. Smetanin (GTMILLION); KGB Line X officer Valeriy F. Martynov (GTGENTILE); KGB Active Measures specialist Sergey M. Motorin (GTGAUZE); KGB Illegals Support officer Gennadiy G. Varenik (GTFITNESS); KGB Second Chief Directorate officer Sergey Vorontsov (GTCOWL); and the highest-ranking spy run by the U.S. against the USSR; GRU General Dmitry F. Polyakov (TOPHAT, BOURBON and ROAM); sacrificed everything for them and for their country.
“The life of the dead,” Marcus Tullius Cicero wrote, “is placed in the memory of the living.” For my part, I will remember Ames as the base traitor he was and the men he killed as the heroes they were.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
OPINION — The White House this past November issued a Presidential action statement designating certain Muslim Brotherhood “chapters” as terrorist organizations. On Tuesday, the U.S. State Department and U.S. Treasury Department announced the designations of the Lebanese, Jordanian, and Egyptian chapters of the Muslim Brotherhood as terrorist organizations. The Egyptian and Jordanian chapters received a Specially Designated Global Terrorist (SDGT) designation. The Lebanese chapter received both the SDGT designation and a Foreign Terrorist Organization (FTO) designation.
In the spring of 2019, Washington, responding to mounting pressure by Egyptian President Abdel Fattah al-Sisi, decided to brand the Egyptian Muslim Brotherhood (MB) a terrorist organization. There was no mention of “chapters” outside Egypt.
Having followed the MB and interviewed many of its members for years during my government service, I published an article in 2019 questioning the underlying assumptions of the plan. This article is a revised version of my 2019 piece.
I argued in the 2019 piece that the administration’s decision at the time did not reflect a deep knowledge of the origins of the Muslim Brotherhood and its connection to Muslim societies and political Islam.
In the fall of 2025, the leaders of the United Arab Republic, Jordan, Bahrain, and Lebanon pressured the administration to label the MB a terrorist group.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
Context
The Egyptian Muslim Brotherhood was founded by schoolteacher Hassan al-Banna in 1928 in response to two fundamental realities: First, Egypt was under the influence of British colonialism embodied in the massive British military presence near the Suez Canal. Second, under the influence of the pro-Western corrupt monarchy lead first by King Fuad and later by his son King Faruk, the MB’s founder believed that Muslim Egypt was drifting away from Islam. Egypt of course is the home of Al-Azhar University, the oldest Muslim academic center of learning in the world.
In addition, Al-Azhar University represents the philosophical and theological thought of the three major Schools of Jurisprudence in Sunni Islam—the Hanafi, the Maliki, and the Shafi’i Schools. The fourth and smallest School of Jurisprudence—the Hanbali—is embodied in the Wahhabi-Salafi doctrine and is prevalent in Saudi Arabia.
Al-Banna’s two founding principles were: a) Islam is the solution to society’s ills (“Islam hua al-Hal”), and b) Islam is a combination of Faith (Din), Society (Dunya) and State (Dawla). He believed, correctly for the most part, that these principles, especially the three Arabic Ds, underpin all Sunni Muslim societies, other than perhaps the adherents of the Hanbali School.
In the past 98 years, the Muslim Brotherhood has undergone different reiterations from eschewing politics to accepting the authority of Muslim rulers to declaring war against some of them to participating in the political process through elections.
Certain MB thinkers and leaders over the past nine decades, including the Egyptian Sayyid Qutb, the Syrian Muhammad Surur, and the Palestinian Abdullah Azzam, adopted a radical violent view of Islamic jihad and either allied themselves with some Wahhabi clerics in Saudi Arabia or joined al-Qa’ida. The organization itself generally stayed away from violent jihad. Consequently, it would make sense to label certain leaders or certain actions as terrorist but not the entire group or the different Islamic political parties in several countries.
Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
In the early 1990s, the Egyptian MB rejected political violence and declared its support for peaceful gradual political change through elections, and in fact participated in several national elections. While Islamic Sunni parties in different countries adopted the basic theological organizing principles of the MB on the role of Islam in society, they were not “chapters” of the MB.
They are free standing Islamic political groups and movements, legally registered in their countries, which often focus on economic, health, and social issues of concern to their communities. They are not tied to the MB in command, control, or operations.
Examples of these Sunni Islamic political parties include the AKP in Turkey, the Islamic Action Front in Jordan, Justice and Development in Morocco, al-Nahda in Tunisia, the Islamic Constitutional Movement in Kuwait, the Islamic Movement (RA’AM) in Israel, PAS in Malaysia, PKS in Indonesia, the Islamic Party in Kenya, and the National Islamic Front in Sudan.
During my government career, my analysts and I spent years in conversations with representatives of these parties with an eye toward helping them moderate their political positions and encouraging them to enter the mainstream political process through elections. In fact, most of them did just that. They won some elections and lost others, and in the process, they were able to recruit thousands of young members.
Based on these conversations, we concluded that these groups were pragmatic, mainstream, and committed to the dictum that electoral politics was a process, and not “one man, one vote, one time.” Because they believed in the efficacy and value of gradual peaceful political change, they were able to convince their fellow Muslims that a winning strategy at the polls was to focus on bread-and-butter issues, including health, education, and welfare, that were of concern to their own societies. They projected to their members a moderate vision of Islam.
Labeling the Muslim Brotherhood and other mainstream Sunni Islamic political parties as terrorist organizations could radicalize some of the youth in these parties and opt out of electoral politics. Some of the party leaders would become reticent to engage with American diplomats, intelligence officers, and other officials at U.S. embassies.
Washington inadvertently would be sending a message to Muslim youth that the democratic process and peaceful participation in electoral politics are a sham, which could damage American national security and credibility in many Muslim countries.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
EXPERT PERSPECTIVE — Now comes the hard part in Venezuela. Dictator Nicolas Maduro and his wife are gone but the regime is still in power. Most Venezuelans, particularly in the diaspora, are pleased and relieved. Many are also apprehensive.
The Trump administration has decided to compel the cooperation of Maduro’s Vice President, Delcy Rodriguez, now interim president. It is not at all assured that she will be a reliable partner. The U.S. decision to work with those still in control was logical even if disappointing to some in the democratic opposition which, after all, won the presidential election overwhelmingly in late July of 2024. The opposition’s base of support dwarfs that of the regime but the military, intelligence services and police are all still loyal to the regime - at least for the time being. The Trump administration believes the cooperation of these elements of the regime will be necessary for the Trump administration to implement its plans for the country without further U.S. police and military actions on the ground.
Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
The Trump administration has said we will be taking over the oil sector and President Trump himself has announced his intention to persuade the U.S. private sector to return to Venezuela to rebuild the sector. Oil production in Venezuela has declined by two thirds since Hugo Chavez, Maduro’s predecessor, was elected in 1998. This unprecedented decline was due to incompetent management, undercapitalization and corruption. Had Chevron not opted to stay in the country under difficult circumstances, the production numbers would look even worse. Resurrecting the oil sector will take time, money and expertise. The return of the U.S. oil companies and the infusions of cash that will be required will only happen if an appropriate level of security can be established — and that will require the cooperation of the Venezuelan armed forces and police. Many senior leaders in those sectors are believed to have been deeply complicit in both the abuses and corruption of a government the United Nations said was plausibly responsible for “crimes against humanity.” Two of the regime figures most widely believed to have been, along with Maduro himself, the architects of the Bolivarian regime’s repressive governance are still in power, Minister of the Interior Diosdado Cabello and Minister of Defense General Vladimir Portino Lopez. They will need to be watched and not permitted to undermine U.S. efforts to rehabilitate the oil sector and orchestrate a return to legitimate, popularly supported and democratic government.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
There are several considerations that the U.S. will need to keep in mind going forward. First, more than 80 percent of Venezuelans now live below the poverty line. Their needs must be addressed . Even the shrinking number of Venezuelans who aligned with the regime are hoping to see their lives improve. Between 2013 and 2023, the country’s GDP contracted by around 70 percent, some believe it may have been as much as 75 percent. As most of Venezuela’s licit economy is essentially moribund and the U.S. will be controlling oil exports, the poor will naturally look to the United States for help. Heretofore, the regime employed food transfers to keep the populace in line. That role should move to the NGO community, the church or even elements of the democratic opposition.
Indeed, it will be important to secure the cooperation of the opposition, notwithstanding the Trump administrations to work with Delcy Rodriguez and company as the opposition represents the majority of Venezuelans inside the country as well as out. It will also be necessary to pay the military and it is not at all clear that the regime elements still in place will have the money to do so once oil receipts are being handled by the United States. If the U.S. is to avoid the mistakes that followed the fall of Saddam Hussein, attending to the needs of the populace and paying the rank and file of the military should be priorities.
The Trump administration should also move as quickly as the security situation permits to reopen the U.S. embassy in Caracas. There is reporting out of Colombia that the U.S. Charge in Bogota has already made a trip to Caracas to evaluate the situation. This is a good thing. There is no substitute for on-the-ground engagement and observation.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
Asked if there were any restraints on his global powers, [President Trump] answered: “Yeah, there is one thing. My own morality. My own mind. It’s the only thing that can stop me.”
“I don’t need international law."
EXPERT PERSPECTIVE — Nicholas Maduro’s fate seems sealed: he will stand trial for numerous violations of federal criminal long-arm statutes and very likely spend decades as an inmate in the Federal Bureau of Prisons.
How this U.S. military operation that resulted in his apprehension is legally characterized has and will continue to be a topic of debate and controversy. Central to this debate have been two critically significant international law issues. First, was the operation conducted to apprehend him a violation of the Charter of the United Nations? Second, did that operation trigger applicability of the law of armed conflict?
The Trump administration has invoked the memory of General Manuel Noriega’s apprehension following the 1989 U.S. invasion of Panama, Operation Just Cause, in support of its assertion that the raid into Venezuela must be understood as nothing more than a law enforcement operation. But this reflects an invalid conflation between a law enforcement objective with a law enforcement operation.
Suggesting Operation Just Cause supports the assertion that this raid was anything other than an international armed conflict reflects a patently false analogy. Nonetheless, if - contrary to the President’s dismissal of international law quoted above – international law still means something for the United States - what happened in Panama and to General Noriega after his capture does have precedential value, so long as it is properly understood.
Parallels with the Noriega case?
Maduro was taken into U.S. custody 36 years to the day after General Manuel Noriega was taken into U.S. custody in Panama. Like Maduro, Noriega was the de facto leader of his nation. Like Maduro, the U.S. did not consider him the legitimate leader of his country due to his actions that led to nullifying a resounding election defeat of his hand-picked presidential candidate by an opposition candidate (in Panama’s case, Guillermo Endara).
Like Maduro, Noriega was under federal criminal indictment for narco-trafficking offenses. Like Maduro, that indictment had been pending several years. Like Maduro, Noriega was the commander of his nation’s military forces (in his case, the Panamanian Defense Forces, or PDF).
Like Maduro, his apprehension was the outcome of a U.S. military attack. Like Maduro, once he was captured, he was immediately transferred to the custody of U.S. law enforcement personnel and transported to the United States for his first appearance as a criminal defendant. And now we know that Maduro, like Noriega, immediately demanded prisoner of war status and immediate repatriation.
It is therefore unsurprising that commentators – and government officials – immediately began to offer analogies between the two to help understand both the legal basis for the raid into Venezuela and how Maduro was captured will impact his criminal case. Like how the Panama Canal itself cut that country into two, it is almost as if these two categories of analogy can be cut into valid and invalid.
Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
False Analogy to Operation Just Cause
Almost immediately following the news of the raid, critics – including me – began to question how the U.S. action could be credibly justified under international law?
As two of the most respected experts on use of force law – Michael Schmitt and Ryan Goodman - explained, there did not seem to be any valid legal justification for this U.S. military attack against another sovereign nation, even conceding the ends were arguably laudable.
My expectation was that the Trump administration would extend its ‘drug boat campaign’ rationale to justify its projection of military force into Venezuela proper; that self-defense justified U.S. military action to apprehend the leader of an alleged drug cartel that the Secretary of State had designated a Foreign Terrorist Organization. While I shared the view of almost all experts who have condemned this theory of legality, it seemed to be the only plausible rationale the government might offer.
It appears I may have been wrong. While no official legal opinion is yet available, statements by the Secretary of State and other officials seem to point to a different rationale: that this was not an armed attack but was instead a law enforcement apprehension operation.
And, as could be expected, Operation Just Cause – the military assault on Panama that led to General Noriega’s apprehension – is cited as precedent in support of this assertion. This effort to justify the raid is, in my view, even more implausible than even the drug boat self-defense theory.
At its core, it conflates a law enforcement objective with a law enforcement operation. Yes, it does appear that the objective of the raid was to apprehend an indicted fugitive. But the objective – or motive – for an operation does not dictate its legal characterization.
In this case, a military attack was launched to achieve that objective. Indeed, when General Caine took the podium in Mara Lago to brief the world on the operation, he emphasized how U.S. ‘targeting’ complied with principles of the law of armed conflict. Targeting, diversionary attacks, and engagement of enemy personnel leading to substantial casualties are not aspects of a law enforcement operation even if there is a law enforcement objective.
Nor does the example of Panama support this effort at slight of hand. The United States never pretended that the invasion of Panama was anything other than an armed conflict. Nor was apprehension of General Noriega an asserted legal justification for the invasion. Instead, as noted in this Government Accounting Office report,
The Department of State provided essentially three legal bases for the US. military action in Panama: the United States had exercised its legitimate right of self-defense as defined in the UN and CM charters, the United States had the right to protect and defend the Panama Canal under the Panama Canal Treaty, and U.S. actions were taken with the consent of the legitimate government of Panama
The more complicated issue in Panama was the nature of the armed conflict, with the U.S. asserting that it was ‘non-international’ due to the invitation from Guillermo Endara who the U.S. arranged to be sworn in as President on a U.S. base in Panama immediately prior to the attack. But while apprehending Noriega was almost certainly an operational objective for Just Cause, that in no way influenced the legal characterization of the operation.
International law
The assertion that a law enforcement objective provided the international legal justification for the invasion is, as noted above, contradicted by post-invasion analysis. It is also contradicted by the fact that the United States had ample opportunity to conduct a military operation to capture General Noriega during the nearly two years between the unsealing of his indictment and the invasion. This included the opportunity to provide modest military support to two coup attempts that would have certainly sealed Noriega’s fate.
With approximately 15,000 U.S. forces stationed within a few miles of his Commandancia, and his other office located on Fort Amador – a base shared with U.S. forces – had arrest been the primary U.S. objective it would have almost certainly happened much sooner and without a full scale invasion.
That invasion was justified to protect the approximate 30,000 U.S. nationals living in Panama. The interpretation of the international legal justification of self-defense to protect nationals from imminent deadly threats was consistent with longstanding U.S. practice.
Normally this would be effectuated by conducting a non-combatant evacuation operation. But evacuating such a substantial population of U.S. nationals was never a feasible option and assembling so many people in evacuation points – assuming they could get there safely – would have just facilitated PDF violence against them.
No analogous justification supported the raid into Venezuela. Criminal drug traffickers deserve no sympathy, and the harmful impact of illegal narcotics should not be diminished.
But President Bush confronted incidents of violence against U.S. nationals that appeared to be escalating rapidly and deviated from the norm of relatively non-violent harassment that had been ongoing for almost two years (I was one of the victims of that harassment, spending a long boring day in a Panamanian jail cell for the offense of wearing my uniform on my drive from Panama City to work).
With PDF infantry barracks literally a golf fairway across from U.S. family housing, it was reasonable to conclude the PDF needed to be neutered. Yet even this asserted legal basis for the invasion was widely condemned as invalid.
Noriega was ultimately apprehended and brought to justice. But that objective was never asserted as the principal legal basis for the invasion. Nor did it need to be. Operation Just Cause was, in my opinion (which concededly is influenced from my experience living in Panama for 3.5 years leading up to the invasion) a valid exercise of the inherent right of self-defense (also bolstered by the Canal Treaty right to defend the function of the Canal).
Nor was the peripheral law enforcement objective conflated with the nature of the operation. Operation Just Cause, like the raid into Venezuela, was an armed conflict. And, like the capture of Maduro, that leads to a valid aspect of analogy: Maduro’s status.
Like Noriega, at his initial appearance in federal court Maduro asserted his is a prisoner of war. And for good reason: the U.S. raid was an international armed conflict bringing into force the Third Geneva Convention, and Maduro by Venezuelan law was the military commander of their armed forces.
The U.S. government’s position on this assertion has not been fully revealed (or perhaps even formulated). But the persistent emphasis that the raid was a law enforcement operation that was merely facilitated by military action seems to be pointing towards a rejection. As in the case of General Noriega, this is both invalid and unnecessary: what matters is not what the government calls the operation, but the objective facts related to the raid.
Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? If not, you're missing out on insights so good they should require a security clearance.
Existence of an armed conflict
Almost immediately following news of the raid, the Trump administration asserted it was not a military operation, but instead a law enforcement operation supported by military action. This was the central premise of the statement made at the Security Council by Mike Waltz, the U.S. Ambassador to the United Nations. Notably, Ambassador Waltz stated that, “As Secretary Rubio has said, there is no war against Venezuela or its people. We are not occupying a country. This was a law enforcement operation in furtherance of lawful indictments that have existed for decades.”
This characterization appears to be intended to disavow any assertion the operation qualified as an armed conflict within the meaning of common Article 2 of the four Geneva Conventions of 1949. That article indicates that the Conventions (and by extension the law of armed conflict generally) comes into force whenever there is an armed conflict between High Contracting Parties – which today means between any two sovereign states as these treaties have been universally adopted. It is beyond dispute that this article was intended to ensure application of the law of armed conflict would be dictated by the de facto existence of armed conflict, and not limited to de jure situations of war.
This pragmatic fact-based trigger for the law’s applicability was perhaps the most significant development of the law when the Conventions were revised between 1947 and 1949. It was intended to prevent states from disavowing applicability of the law through rhetorical ‘law-avoidance’ characterizations of such armed conflicts. While originally only impacting applicability of the four Conventions, this ‘law trigger’ evolved into a bedrock principle of international law: the law of armed conflict applies to any international armed conflict, meaning any dispute between states resulting in hostilities between armed forces, irrespective of how a state characterizes the situation.
By any objective assessment, the hostilities that occurred between U.S. and Venezuelan armed forces earlier this week qualified as an international armed conflict. Unfortunately, the U.S. position appears to be conflating a law enforcement objective with the assessment of armed conflict. And, ironically, this conflation appears to be premised on a prior armed conflict that doesn’t support the law enforcement operation assertion, but actually contradicts it: Operation Just Cause.
Judge Advocates have been taught for decades that the existence of an armed conflict is based on an objective assessment of facts; that the term was deliberately adopted to ensure the de facto situation dictated applicability of the law of armed conflict and to prevent what might best be understood as ‘creative obligation avoidance’ by using characterizations that are inconsistent with objective facts.
And when those objective facts indicate hostilities between the armed forces of two states, the armed conflict in international in nature, no matter how brief the engagement. This is all summarized in paragraph 3.4.2 of The Department of Defense Law of War Manual, which provides:
Act-Based Test for Applying Jus in Bello Rules. Jus in bello rules apply when parties are actually conducting hostilities, even if the war is not declared or if the state of war is not recognized by them. The de facto existence of an armed conflict is sufficient to trigger obligations for the conduct of hostilities. The United States has interpreted “armed conflict” in Common Article 2 of the 1949 Geneva Conventions to include “any situation in which there is hostile action between the armed forces of two parties, regardless of the duration, intensity or scope of the fighting.”
No matter what the objective of the Venezuelan raid may have been, there undeniable indication that the situation involved, “hostile action between” U.S. and Venezuelan armed forces.
This was an international armed conflict within the meaning of Common Article 2 of the four Geneva Conventions of 1949 – the definitive test for assessing when the law of armed conflict comes into force. To paraphrase Judge Hoeveler, ‘[H]owever the government wishes to label it, what occurred in [Venezuela] was clearly an "armed conflict" within the meaning of Article 2. Armed troops intervened in a conflict between two parties to the treaty.’ Labels are not controlling, facts are. We can say the sun is the moon, but it doesn’t make it so.
Prisoner of war status
So, like General Noriega, Maduro seems to have a valid claim to prisoner of war status (Venezuelan law designated him as the military commander of their armed forces authorizing him to wear the rank of a five-star general). And like the court that presided over Noriega’s case, the court presiding over Maduro’s case qualifies as a ‘competent tribunal’ within the meaning of Article 5 of the Third Convention to make that determination.
But will it really matter? The answer will be the same as it was for Noriega: not that much. Most notably, it will have no impact on the two most significant issues related to his apprehension: first, whether he is entitled to immediate repatriation because hostilities between the U.S. and Venezuela have apparently ended, and 2. Whether he is immune from prosecution for his pre-conflict alleged criminal misconduct.
Article 118 of the Third Convention indicates that, “Prisoners of war shall be released and repatriated without delay after the cessation of active hostilities.” However, this repatriation obligation is qualified. Article 85 specifically acknowledges that, “[P]risoners of war prosecuted under the laws of the Detaining Power for acts committed prior to capture . . .”
Article 119 provides, “Prisoners of war against whom criminal proceedings for an indictable offence are pending may be detained until the end of such proceedings, and, if necessary, until the completion of the punishment. The same shall apply to prisoners of war already convicted for an indictable offence.”
This means that like General Noriega, extending prisoner of war status to Maduro will in no way impede the authority of the United States to prosecute him for his pre-conflict indicted offenses. Nor would it invalidate the jurisdiction of a federal civilian court, as Article 84 also provides that,
A prisoner of war shall be tried only by a military court, unless the existing laws of the Detaining Power expressly permit the civil courts to try a member of the armed forces of the Detaining Power in respect of the particular offence alleged to have been committed by the prisoner of war.” As in General Noriega’s case, because U.S. service-members would be subject to federal civilian jurisdiction for the same offenses, Maduro is also subject to that jurisdiction.
This would obviously be different if he were charged with offenses arising out of the brief hostilities the night of the raid, in which case his status would justify a claim of combatant immunity, a customary international law concept that protects privileged belligerents from being subjected to criminal prosecution by a detaining power for lawful conduct related to the armed conflict (and implicitly implemented by Article 87 of the Third Convention). But there is no such relationship between the indicted offenses and the hostilities that resulted in Maduro’s capture.
Prisoner of war status will require extending certain rights and privileges to Maduro during his trial and, assuming his is convicted, during his incarceration. Notice to a Protecting Power, ensuring certain procedural rights, access to the International Committee of the Red Cross during incarceration, access to care packages, access to communications, and perhaps most notably segregation from the general inmate population.
Perhaps he will end up in the same facility where the government incarcerated Noriega, something I saw first-hand when I visited him in 2004. A separate building in the federal prison outside Miami was converted as his private prison; his uniform – from an Army no longer in existence – hung on the wall; the logbook showed family and ICRC visits.
Concluding thoughts
The government should learn a lesson from Noriega’s experience: concede the existence of an international armed conflict resulted in Maduro’s capture and no resist a claim of prisoner of war status. There is little reason to resist this seemingly obvious consequence of the operation.
Persisting in the assertion that the conflation of a law enforcement objective with a law enforcement operation as a way of denying the obvious – that this was an international armed conflict – jeopardizes U.S. personnel who in the future might face the unfortunate reality of being captured in a raid like this.
Indeed, it is not hard to imagine how aggressively the U.S. would be insisting on prisoner of war status had any of the intrepid forces who executed this mission been captured by Venezuela.
There is just no credible reason why aversion to acknowledging this reality should increase the risk that some unfortunate day in the future it is one of our own who is subjected to a ‘perp walk’ as a criminal by a detaining power that is emboldened to deny the protection of the Third Convention.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
THE WEEKEND INTERVIEW —As Venezuela faces a moment of profound uncertainty following a dramatic U.S. operation that removed longtime strongman Nicolás Maduro from power, policymakers and intelligence professionals are grappling with what comes next for a country long plagued by authoritarian rule, with Washington signaling an unprecedented level of involvement in shaping Venezuela’s political future.
To help unpack what's ahead, Cipher Brief CEO Suzanne Kelly spoke with former CIA Senior Executive David Fitzgerald, a veteran intelligence officer whose career spans decades of operational, leadership, and policy roles across Latin America. Drawing on firsthand experience as a former Chief of Station and senior headquarters official overseeing the region, Fitzgerald offers a sobering assessment of Venezuela’s challenges, from rebuilding its institutions and oil sector to managing internal security threats while navigating the competing interests of China, Russia, Cuba, and Iran. The conversation has been lightly edited for length and clarity.
A 37-yr. CIA veteran, David Fitgerald retired in 2021 as Chief of Station in a Middle Eastern country, which hosted CIA’s largest field station. As a seven-time Chief of Station, Fitzgerald served in numerous conflict zones to include Africa, Latin America, the Middle East and South Asia. He also held senior HQS positions that included Latin America Chief of Operations and Latin America Deputy Division Chief. He also served as the senior DCIA representative at U.S. Military’s Central Command from 2017-2020, where he participated in several tier 1 operations as the intelligence advisor to the commander.
The Cipher Brief: How are you looking at Venezuela at this moment through a national security lens? What do you see as the next real challenge the U.S. is likely to face there?
Fitzgerald: As President Trump has said, the U.S. intends to run Venezuela. I'm still waiting for how the U.S. government intends to define 'running Venezuela'. I'm going to assume, and I hate to assume, but I'll assume that the goal will be to work closely with the current Venezuelan government to transition to a democracy and allow elections, something like that. So that will just be my assumption in lieu of any comments or any guidelines coming out of the White House.
The Cipher Brief: You understand the history, the politics, the culture of Venezuela better than most Americans. Where do you think some of the bumps in the road will come as the U.S. tries to figure out and define, as you put it, what running Venezuela really means?
Fitzgerald: It's a very diverse country. It's an incredibly rich resource country. People talk about the oil and the petroleum, but it's not only that. It could be one of the largest gold producers in the world. It's amazing the amount of natural resources that Venezuela has, yet 25 years after President Chávez was elected as president, it's one of the poorest countries in Latin America.
I think one of the hurdles that they're going to have is the brain drain. You don't have a strong cadre. A great example is Pedevesa, [Petróleos de Venezuela],the state run oil company. Back in the 90's, Pedevesa was considered one of the most efficient and best run oil companies in the world. Compared to even the private companies, it was a machine because they owned everything from downstream to upstream. They owned the drilling, they owned the pipelines, they owned the refineries, they owned the oil tankers, they owned the refineries in the U.S., they owned the distribution through their Citco company here. It was just an amazing company, and it was always held up as a model for state run companies. Of course, with the election of President Hugo Chávez, and then in 2002, the general strike when he just fired all of the Pedevesa members - even today, if you look around at the Chevrons, Exxons, the BPs, you'll find a large amount of former Pedevesa employees because they all migrated to the private petroleum companies because they were that good.
So, one of the biggest challenges is that Venezuela's going to need the financial means to really rebuild itself. I was last in Venezuela in 2013, and I'd been there in the early '90s, and it looked exactly the same. The infrastructure was terrible. Nothing had been modernized or built. So instead, what the Maduro and the Chavez government had done, was basically used Pedevesa as their cash cow to really distribute that money to themselves, steal the money, or distribute it to their followers. There was no effort to modernize the infrastructure or to do the necessary maintenance in the oil fields. That's why I think they're producing maybe 10% to 15% of the amount of oil they were at their peak.
So for me, that's really the key. How do you get Pedevesa up and running so it becomes a profitable company again that can actually provide the necessary resources for the country to rebuild itself?
Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.
The Cipher Brief: If you were looking into your crystal ball, and you had to guess, will there be enough political stability with the U.S. involvement to be able to allow for this infrastructure to be rebuilt? How difficult is that political component going to be?
Fitzgerald: I think it's twofold. Not only the political component, but the security component. How do you transition from basically a dictatorship to some form of transparent democracy, which I think is the White House's goal. You do that via Delcy Rodríguez and the current Venezuelan government. As you know, the PSUV, which is the United Socialist Party of Venezuela, which is Maduro's party, they control every apparatus of government, whether it's the Supreme Court, the judicial branch, the legislative branch, the executive branch, it's owned by them. There is no transparency right now. How do you get away from that? How do you rebuild these institutions so they become functional again and in some type of democratic transparent manner? That has to be a principal goal.
Number two, the security situation. You have maybe 20% to 25% of the population supporting Maduro and the PSUV. I would argue most of these people are supporting the party because they benefit from the party. They're either on the payrolls, they have some type of sweetheart deal, or they're able to conduct their illegal activities. The security forces are not hardcore ideologues. I think with the death of Chávez in 2013, he was the last ideologue you had as far as the Bolivarian revolution. My experience working with these people is that they're just in it for their own self-enrichment. Nobody really drank the Kool-Aid and said, "I want to be a Bolivarian revolutionary." I mean, this might have happened during the earlier stages when Chávez was first elected, but through the decades, it's become just an empty suit. Nobody really believes in any type of revolution.
On the security side, getting back to that, you have a disruptive element. You have this organization called the Colectivos, which is kind of a non-official goon squad that is supported by the government, basically comprised of criminals and local bullies. During demonstrations, they're the ones who go out there and start beating people and stuff like that. But you have the security services themselves as well. The rank and file. I think if you can do something like we did maybe in the Haiti occupation and in Panama where we actually formed an interim security force — I can't talk about the Haitian National Police nowadays as an effective force — but at the time in 1994, they became an effective enough security force, which provided security to the populace. That led the whole population to believe that there was hope.
I think that's going to be key along with the political transition. Can you provide security? Can you provide faith that people will adhere to the rules and regulations? How you do that? It's a good question.
Venezuela's a little different than most Latin countries. There is no national police force, other than the National Guard, which currently, if you talk to our DEA colleagues they'd probably say it's one of the largest drug cartels on the continent right now. Like the United States, Venezuela is divided into the state and municipal police forces.
For example, Caracas has two major police forces. You have the city of Caracas Police Force, and then you have the Miranda State Police Force, which is about maybe a third of Caracas, and then the rest is by the city of Caracas. Then you go out to the different states in Venezuela. They each have their own police force, and the large cities all have their police force. Years ago, they tried to form this Bolivarian national police agency. We're trying to incorporate this. It's never really worked because these police forces are all influenced and run by the local politicians.
So, that could work to our advantage as far as being able to work independently of the government and work with these local institutions to not only enhance their capability, but kind of vet them, cleanse them.
The Cipher Brief: How do you think Russia and China are assessing what''s next in Venezuela? What are the losses here and what are the opportunities here for each of them?
Fitzgerald: Let's talk about China first because that's probably going to be the most important for Venezuela. China must be extremely careful about how they handle this because they have literally billions and billions of dollars in loans that they provided the Bolivarian government. And one of their concerns, no doubt is that if you have a new democratic government, they could come in and say, "You know something? These loans that you signed with China, we don't consider them valid. We think they're illegal, and we're going to nullify all the loans." And right now, China's getting paid back in petroleum. So, China's got to be worried.
That means that if you're China, you're going to make nice with any new government because you don't want to be in a situation where they just say, "We consider these agreements you made with former government officials as illegal, and we will no longer honor them." So I don't see China being a spoiler. I see them willing to work with any new government coming into power because they have a lot of financial stake in what happens in Venezuela.
Russia, on the other hand, has very little commerce here. Russia's main trade with Venezuela is in arms. Venezuela's never even been able to pay back the loans or the purchases they made on some of the weapons systems they bought. Iran's another one. Iran's been there for decades now. It's entrenched. They've been allowed to work pretty much without limits in Venezuela, going back to, I think it was 2012, and the assassination attempt on the Saudi Ambassador in Washington. That was all being run out of, or being facilitated by, the Iranian embassy in Caracas.
So, it's going to affect all of their relationships. Iran's been more important than they realize for their oil industry as far as providing the parts and the 'know how' to maintain the oil fields and some of their refineries. A lot of that's coming from Iran. The big thing here that people don't realize is that there's one ingredient that's important for Venezuelan petroleum and if you don't have this, you really can't produce the amount of petroleum you need. Even at today's rate, you can't produce it. So Iran's been a major provider of this substance.
The Cipher Brief: How are drug cartels likely looking at this? And what about Cuba?
Fitzgerald: I would love to be in Cuba right now and listen to what they're saying about this. I mean, this really must be a shocker for them. Number one, for their security service. They just had a major failure because it's very well known that all of President Maduro's inner security was being provided by the Cubans. They're the only people he trusted. To a greater extent, they're out of security. Plus all their security services were being managed by the Cuban CI officers. The Cubans don't do it for free. So Venezuela pays the tab for that, and no doubt it's a greatly enhanced bill that they were getting from the Cuban government for President Maduro's security.
On the other end, as you know, Suzanne, the petroleum is just as vital to the Cuban economy. It's not all of it, but it's a major percentage of the petroleum that Cuba uses to include refined products that are provided by Venezuela at incredibly reduced rates that Venezuela knows Cuba will never repay. So, they have billions of dollars in debts to Venezuela and although they're technically selling the petroleum to Cuba, there's pretty much an understanding that it's not going to be repaid. So that's going to be a big blow to Cuba right now.
The Cipher Brief: What are the indicators that you're going to be watching for next that give you some clue as to where things might be headed?
Fitzgerald: Well, my big indicator is what's the plan? I'm sure they're huddling together both in the IC and in the State Department and the White House trying to figure out, 'Okay, how can we transition the current government to some type of viable democratic government and allow for a free election?' And there's probably been a million plans thrown out there. They just haven't figured out which one they're going to use. So I think that's what I'm waiting for is what the administration intends to roll out as their plan and how they intend to run Venezuela.
I think one of the big things here as far as Venezuela goes, is how to actually rebuild the country. It's going to require the private sector. The U.S. government is not going to be some nation builder like we tried to do in Iraq. And the great thing is that Venezuela has the resources that are quite sought after in the world where I think you're going to get a lot of interest from the private sector.
For example, a friend of mine asked the other day about the construction that would be needed. You're going to see some of the major construction companies needed to go in there and just rebuild the cities and the streets and everything. It's just the infrastructure there that hasn't been really modernized or updated in decades. So I think there is going to be a lot of interest in that. I think that interest by the private sector will also encourage the government to become as transparent and as democratic as it can be. So look for that too. And it's just not all about oil — it's minerals, construction, and the electric grid - it's across the board.
The Cipher Brief is your place for expert-driven national security insights. Read more in The Cipher Brief because National Security is Everyone’s Business
THE IRON TRIANGLE — Welcome to the inaugural edition of “The Iron Triangle”, my new Cipher Brief column that serves the three pillars of modern defense: Procurement Officers tasked with buying the future, Investors who fund the technology, and Policy Wonks who analyze the impact of technology on the global order.
My first column explores the shift from "Chatbots" to "Agents." In Washington, they call it Agentic AI. In the Valley, they call it Action-Oriented LLMs. In the field, it’s the difference between a system that tells you a storm is coming and one that autonomously moves your fleet to a safe harbor before the first raindrop falls.
The Technology: From "Prediction" to "Agency"
For years, AI in defense has been about Computer Vision, tasks such as labeling tanks in a photo. While Computer Vision has saved countless hours of labor, it doesn't address the challenges associated with overloading analysts with data.
Agentic AI (Agentic) is a generational leap. For clarity, Agentic refers to systems capable of:
Analyzing the commander’s intent.
Identifying and evaluating subordinate tasks.
Executing a sequence of actions across multiple platforms without human prompting.
Agentic processes vast amounts of data into knowledge, exponentially increasing each user’s effectiveness. With Agentic, teams of analysts will no longer pour through volumes of irrelevant information searching for a few key indicators. Agentic will distill torrents of data, a side effect of exponential increases in the number of sensors (drones), down to just the essential elements. In some cases, Agentic may even make decisions without user input.
Several questions come to mind. First, what will my analysts do with this windfall of time? That's a discussion for another article. Instead, let’s make this relevant.
The Cipher Brief applies expert-level context to national and global security stories. Grant yourself full-access to Cipher Brief expert insights, analysis and private briefings in the new year by becoming a Subscriber+Member.
For the Procurement Officer
Procurement officers should be wary of "Black Box" Contracts. If a vendor claims their agent uses "proprietary reasoning" that’s difficult to audit, walk away. Consider commanders whose primary concern is managing risk. In the inevitable post-accident investigation, "the algorithm made a choice" will not serve as strong legal defense. The Pentagon must demand Chain of Preference Transparency. The software must log why it chose one course of action over another, and the decision tree must be continually refined.
The Pentagon should also move away from Firm-Fixed-Price contracts. Agentic requires Continuous Authority to Operate, not only to remain functional, but in a competitive context (war with a global power). If The Pentagon buys a "static" version, the system will be obsolete by the time the invoice is cleared, especially considering the Pentagon bureaucracy. Procurement Officers should buy the pipeline, not the package.
The Investment Thesis
The challenge for investors is distinguishing between a "thin wrapper" on AI and a foundational defense operating system. Investment firms often hire retired officers to evaluate defense technology. These officers retired years ago, and may not have had first-hand experience with technology while they were active. Now the investment firm expects them to provide advice on emerging technology that many 20-year-old practitioners are just learning about. It’s not a fair expectation, and will lead to investments in irrelevant technologies.
Proximity breeds opportunity. Investors should get involved with practitioners. I’m not suggesting that VCs attend National Training Center rotations, though I do enjoy that mental picture. There are other opportunities to interact with end users; small-scale exercises, trade shows and demonstrations are some.
Beware of the moat. The value isn't in the Large Language Model; it’s in the Action Layer. Investors should look for startups who are building "high-side" integrations—companies that have security credentials to plug into actual data. Only then will it become clear how the technology performs.
Look for the exit. Some "Big Primes" are hardware-heavy and software-poor. They are looking to acquire "Agentic Middleware" to make legacy systems more relevant in an autonomous age. The "Defense Unicorn" of 2026 will be a company that provides the universal brain for antiquated hardware. There are some promising companies focused on exactly this challenge. Whatever is created should be collaborative, to promote and not stifle innovation.
The Policy Wonk’s Warning
In the early days of AI, policy was concerned about AI’s potential effects on strategic stability. If both the U.S. and a peer competitor deploy Agentic to manage strategic command and control–or frontline skirmishes–we might enter a "Speed of Relevance" trap. When AI reacts to AI, the window for diplomatic de-escalation shrinks from hours to milliseconds, effectively disappearing and devolving into a machine on machine conflict where humans suffer the consequences.
To prevent this devolution, there should be a foreign policy shift, a move from Arms Control to Algorithm Control. The next great treaty should not focus on the number of warheads, but the verification of "Human-on-the-loop" safeguards and universal standards.
Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.
My Take. This where I get to discuss what excites me about this new technology.
Military Planning. Agentic AI will fundamentally change “course of action development” during military planning. Military Officers, like everyone, suffer from functional fixedness. Their creativity can be limited by their experiences. Agentic will see thousands of potential pathways for conducting new missions. I like to think that this will lead to more creative solutions being applied to emerging challenges. Look out executive officers, AI is coming for your jobs!
The Risk. There is a chance that our government becomes reliant on Agentic. The Military plans for everything. I’ve seen Staff Officers plan for how and when to make plans. Reducing planning to a button click could diminish critical analysis, a fundamental skill for effective leaders, which will have a compounding negative effect on future generations.
Mission Rehearsals. Agentic will enable warfighters to rehearse missions based on real time intelligence. Imagine flying a drone simulator where the terrain, the targets, and the weather are all precisely the same as those in the target area of interest. What’s more, Agentic will enable simulated adversaries to react more realistically. Combat Training Centers may be the next casualty of Agentic. I don’t think any soldier will be sad to learn that their NTC rotation is cancelled…
The Risk. Agentic might get it wrong, leading to gross overestimations–or underestimations–of adversarial capabilities. And what happens when a commander decides to ignore their AI, then suffers a defeat? Punishing the commander in this situation would encourage future leaders to blindly follow Agentic guidance. The government must build rules which preserve and promote independent decision authority, ensuring that Agentic complements, but does not replace the commander’s judgment.
Agentic is the first technology that I can recall that doesn't just make our weapons better; it makes our decision-makers faster. For the Procurement Officer, it's a liability to manage; for the VC, it's the ultimate "sticky" SaaS play; and for the Wonk, it’s a terrifying new variable in the balance of power. Current international laws of war are based on human intent and accountability. But it remains legally unclear who is responsible—the developer, the operator, or the commander—when an autonomous agent makes an error. The most pressing requirement now is not for the best new technology, but for our legal and policy frameworks to keep pace.
Joey Gagnard is a Cipher Brief columnist who regularly shares his perspective on national security and technology via his Iron Triangle column.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
EXPERT OPINION —The Iranian people are saying they want new leadership. And it’s not too hard to understand why so many merchants, university students and young people in Iran are on the streets calling for political change and an end to the current Islamic Republic rule.
It was the merchants in Tehran’s Grand Bazar that initially closed their shops because they couldn’t make a living with soaring inflation and the collapse of the national currency, the rial. Merchants in over 32 cities quickly followed suit, with university students and the public joining in protests calling for change.
This is not new for Iran. In 2009, the government ensured that incumbent Mahmood Ahmadinejad was reelected president, despite the popular opposition leader, Mir-Hossein Mousavi, having widespread support from the public, promising hope and change. The government’s heavy hand in ensuring their man was reelected, regardless of what the public wanted and voted for, understandably angered the public, resulting in Iran’s “Green Movement.” Protesters, who adopted green as the symbol of hope and change, claimed the election was rigged. When they demanded greater democracy, the rule of law, and an end to authoritarian practices, the government responded violently. Peaceful protesters were beaten, with thousands arrested and dozens killed.
In September 2022, Jina Mahsa Amini, a 22-year-old Kurdish Iranian was arrested for improperly wearing her head scarf (hijab). She died in police custody, with eyewitnesses saying she was beaten and died because of police brutality. The death of Amini resulted in nationwide protests, with Iran Human Rights reporting that at least 476 people were killed by security forces. Amnesty International reported that the Iranian police and security forces fired into groups with live ammunition and killed protesters by beating them with batons. Amini’s death gave rise to the global movement of: Women, Life, Liberty.
Since then, Iran has conducted a war against its own people, with widespread arrests of anyone protesting widespread government corruption and human rights abuses.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
Today’s protests were sparked by Iran’s severe economic crisis and water shortages, but also by Iran’s humiliating defeat by Israel in its 12-day war of June 2025 and the subsequent U.S. bombing of Iran’s nuclear facilities in Natanz, Fordow, and Isfahan. This was after the people were told that Israel would never dare to attack Iran. But they did, with impunity.
The hundreds of millions of dollars spent on Iran’s nuclear program, building thousands of spinning sophisticated centrifuges, enriching uranium at 60% purity, concealed in deeply buried underground facilities -- and related scientific work— certainly contributed to Iran’s economic collapse. The resultant global sanctions imposed on Iran also contributed to the crumbling of Iran’s economy. Indeed, Iran’s long history of pursuing nuclear weapons and then claiming they ceased such a pursuit, although continuing to enrich uranium while denying IAEA access to suspect nuclear facilities ensured that the global community viewed Iran with deep suspicion and was supportive of the biting sanctions imposed on Iran. Iran’s nuclear pursuits and the resultant sanctions led to Iran’s failed economy. And it was the people who suffered when the rial lost its value.
Iranian President Masoud Pezeshkian acknowledged the legitimacy of the protesters’ complaints, while announcing the appointment of a new central bank chief.
Reportedly, 36 people have been killed during the demonstrations, with hundreds arrested and thousands on the street saying they want change.
Supreme Leader Ayatollah Ali Khamnei, in an address on Saturday, blamed foreign interference and said that “rioters must be put in their place.”
President Donald Trump had warned Iran that if Iran “violently kills peaceful protesters” the U.S. “will come to their rescue.”
What these and previous demonstrations tell us is that the people have suffered enough. They’ve taken to the street because they want change, hope and a leadership that cares for the people. The protesters carry signs saying, “the mullahs must leave Iran.” It’s clear: the government has mismanaged Iran’s economy; has made Iran a pariah nation. The Iranian theocracy, led by supreme leader Ayatollah Ali Khamenei, apparently no longer has the support of the Iranian people.
Is a democratic secular Iran possible?
The author is a former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.
This column by Cipher Brief Expert Ambassador Joseph DeTrani was first published in The Washington Times
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
EXPERT PERSPECTIVE — Occasionally, a speech does more than mark a leadership transition or outline institutional priorities. It captures, with unusual clarity, the nature of the moment we are living through and the choices it demands.
Blaise Metreweli’s recent inaugural address as Chief (or more colloquially, C) of the UK’s Secret Intelligence Service was one of those moments. Rather than offering a conventional tour of threats or capabilities, she chose a more demanding path. She spoke about human agency in a world increasingly shaped by machines. About trust, judgment, and integrity at a time when technology is accelerating every dimension of competition and conflict.
I had the pleasure of working with Metreweli while serving as Deputy Director of the CIA for Digital Innovation. I watched her navigate the intersection of operations and technology with a rare combination of rigor and imagination. Her speech reflects that same sensibility. It is operationally grounded, intellectually disciplined, and quietly ambitious in what it asks of an intelligence service. Just as it should be.
What struck me most, reading her remarks, was not simply their alignment with themes I have been working on for years, both inside government and since my departure in 2024. It was the way she wove those themes together into a coherent vision of intelligence suited to the world as it is, not the world we might wish it to be.
At the center of Metreweli’s speech is a proposition that may sound self-evident, yet is increasingly contested in practice: even in a technology-mediated world, human beings must still decide outcomes.
Artificial intelligence can surface patterns, illuminate possibilities, even accelerate analysis. It cannot decide what matters. It cannot weigh moral tradeoffs. It cannot assume responsibility for consequences. Intelligence, in her framing, remains a human endeavor, even as it becomes ever more technologically enabled.
This is a conclusion I reached years ago while leading digital transformation efforts inside the CIA. As our tools became more powerful, the temptation to treat output as authority grew stronger. We resisted that instinct deliberately. The most effective systems we built were those designed explicitly to support human judgment, not replace it. They forced users to ask better questions or to challenge assumptions, and to understand context before acting.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
I have described this in multiple speeches and articles as human–machine partnering, and Metreweli’s speech reflects the same conviction. The future of intelligence is not technological supremacy alone. Nor is it the return to a romanticized vision of the intelligence mission before the digital revolution. It is the disciplined integration of technology into human decision-making, with clarity about where judgment must reside.
Metreweli is equally clear about the character of modern conflict. We are no longer operating in a world neatly divided between war and peace. Instead, we inhabit a persistent space between the two, where states seek advantage through pressure that is continuous, deniable, and often difficult to attribute.
Cyber operations, sabotage, influence campaigns, and coercive economic measures all live comfortably in this grey zone. They are designed to intimidate and to erode confidence without triggering a conventional response.
One aspect of this competition that deserves particular attention is the emergence of what I have called digital chokepoints. These are points of leverage embedded in digital infrastructure, data ecosystems, platforms, standards, and supply chains. They do not announce themselves boldly as instruments of power, yet they have increasingly come under attack in recent years as a tool of geopolitical competition. In 2024-2025 alone, there were numerous anomalous “incidents” that damaged or cut 13 undersea cables around Taiwan and the Baltic Sea.
Grey-zone conflict, viewed through this lens, is not episodic. It is cumulative. And we will see more of it. Intelligence services must therefore understand not just individual operations, but the architecture of pressure that builds quietly and persistently across domains.
The convergence of artificial intelligence, biotechnology, and quantum computing, and the way these advances are reshaping both opportunity and risk was featured prominently in Metreweli’s speech. She avoids the dual traps of easy optimism and easy alarmism alike.
I have often framed technology as both shield and sword. It accelerates intent, but it does not generally determine outcomes. Technology itself is neutral. What matters is how it is governed, deployed, and constrained by human choice, as well as which values are encoded into its digital foundations
This distinction is not academic. The same AI system that accelerates medical discovery can enable surveillance at scale. The same digital infrastructure that connects societies can be (and is) used to monitor and control them. Metreweli’s speech is careful to emphasize mastery of technology alongside responsibility for its effects.
That balance is essential. Technological determinism strips leaders of agency and excuses poor judgment. Metreweli’s approach does neither.
One of the most sobering elements of Metreweli’s address is her discussion of trust. Information, once a unifying force, is now routinely weaponized. Falsehood spreads faster than fact. Algorithms reward outrage and reinforce bias. Shared reality seems increasingly elusive.
I have spent significant time in recent years examining the implications of synthetic media, deepfakes, and AI-enabled influence operations. Today, identity itself has become contested space. Voice, image, and presence can be fabricated convincingly and at scale. Seeing is no longer believing.
This presents intelligence services with challenges that extend well beyond traditional counterintelligence or cyber defense. When trust collapses, when one can no longer discern truth from fiction, societies risk losing much more than confidence in institutions. They risk losing the ability to reason collectively about the world they inhabit.
Metreweli’s insistence that defending the space where truth can still stand as a core intelligence mission reflects a deep understanding of what is at stake.
Another strength of Metreweli’s speech is her refusal to treat today’s challenges as isolated problems. She describes an interlocking threat landscape that spans physical and digital domains, from seabed cables to space systems, from code to cognition.
This holistic view is critical. Too often, Western governments have approached cross-domain issues in separate policy lanes. Next-generation communications, artificial intelligence, digital infrastructure, cyber intrusions, disinformation campaigns. All treated as distinct, individual issues. Our principal strategic competitor, the People’s Republic of China, has not made that mistake. These domains are understood as mutually reinforcing components of a comprehensive national digital strategy tied directly to a grand geopolitical ambition.
Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.
I have argued for years that we must respond in kind, not by mirroring authoritarian models, but by approaching this competition in a more holistic fashion and by offering global partners a credible alternative. Countries around the world want to harness new technologies to accelerate development and improve lives. Many also want to protect sovereignty and human freedom. Meeting that demand requires seeing the digital contest as a whole, not as a collection of technical projects about which individual and disconnected policy decisions are made.
Though not stated in such terms, Metreweli’s framing reflects this reality.
As an operational commander who became a technical leader, Metreweli brings unusual authority to her discussion of technology within intelligence tradecraft. She envisions a service where officers are as comfortable using digital tools as they are recruiting and running human sources.
This is not about turning intelligence officers into engineers. It is about understanding technology as both a tool and a terrain. Digital literacy becomes foundational, not because everyone must code, but because everyone must grasp how technology shapes the operational environment and adversary behavior. In modern intelligence, ignorance of technology becomes a vulnerability.
Metreweli also speaks directly to the question of legitimacy. Intelligence services in democracies operate with extraordinary authorities. Their effectiveness ultimately depends on trust.
Her commitment to openness, where it can responsibly exist, is not about transparency for its own sake. It is about sustaining a relationship with the public rooted in shared values. Accountability, in her formulation, is a strength, not a constraint.
This is a principle I championed consistently inside the Agency and since my departure. In democratic societies, trust can never be taken for granted. It must be earned and maintained, especially as intelligence services operate in the shadows, out of view of the citizens they serve.
A particularly powerful portion of Metreweli’s speech focuses on audacity and “hustle,” reflecting a clear understanding of the environment intelligence services face today. In a world defined by exponential change, moving slowly does not preserve relevance. It accelerates decline.
I have spoken often about urgency, about the reality that institutions unwilling to adapt will become obsolete. That does not mean abandoning discipline or ethics. It means recognizing that delay carries its own significant risks. In today’s dynamic, high-threat landscape, inaction is perhaps the biggest risk.
Metreweli closes her speech where she began, with values. Courage. Creativity. Respect. Integrity. She recounts a conversation with a long-term foreign agent who worked with the UK precisely because of these values. This is not a sentimental anecdote. It is a strategic insight into how intelligence services in western democracies must navigate today’s complexity. Leveraging our core strength. Values.
We are living through the rise of digital authoritarianism, where technology is used to monitor, manipulate, and control populations at unprecedented scale. The most profound threat this poses is not technical. It is moral. It erodes human agency incrementally, often invisibly, until freedom becomes difficult to reclaim.
I have warned repeatedly that societies rarely lose freedom in dramatic moments. They lose it through systems that optimize for efficiency or security while stripping away consent, accountability, and choice.
Metreweli’s insistence that none of us have a future without values is therefore a statement of strategic reality, and it gets to the very heart of the issue.
Blaise Metreweli’s speech deserves close reading, not because it is eloquent (though it is), but because it is consequential. It articulates a vision of intelligence that is technologically fluent without being technologically captive, operationally aggressive without abandoning principle, and deeply human in a world that increasingly tempts us to forget what that means.
For intelligence professionals, policymakers, and citizens alike, it is a reminder that even as our tools evolve, the most important choices remain ours to make.
All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
EXPERT PERSPECTIVE — Each of my eight trips to Ukraine since retiring from the CIA in the summer of 2023 has been filled with unique challenges. Each time I’ve witnessed first-hand the sacrifices the Ukrainians are making on a daily basis to fight for their country’s independence. And while each trip has been physically exhausting, each one has also been highly inspiring because the Ukrainians are fighting to protect many of the traditional American values that I grew up believing in, including the right to self-determination, liberty and national sovereignty.
But my latest visit to Ukraine was by far the most difficult. Not just because the Russians are significantly increasing their air attacks on Ukrainian towns and cities or because Ukraine is once again going through a very cold winter while facing significant power shortages caused by Moscow’s attacks against energy infrastructure targets. But mainly because for the first time, I heard Ukrainians questioning my country’s commitment to helping them defend their country. Because I heard Ukrainian interlocutors conclude that the U.S. was not a reliable partner and because Ukrainians who are fighting to protect their country, questioned whether the U.S. was willing to abandon support for their cause in order to secure potential business deals with Russian dictator Vladimir Putin and his regime.
Remembering all the Americans I had served with over the years, especially those who made the ultimate sacrifice defending liberty and the honor of our country, it is extremely painful to consider the possibility that my country might choose to placate someone like Putin and, in doing so, turn its back on those who have suffered from Putin’s aggression.
After more than 10 years of being at war, the Ukrainians are clearly fatigued. Russia's constant attacks against civilian targets are taking a toll. Families throughout the country are living without regular access to electricity and are subjected to daily mass Russian drone and missile attacks.
Ukraine's own internal corruption challenges, including the "Operation Midas" investigation, which resulted in the resignation of President Zelensky’s longtime advisor and head of the Presidential Office, Andriy Yermak, have raised questions among many Ukrainians about Zelensky and his Administration. The scandal also opened the door for many of the opponents of continued support to Ukraine to claim that Ukraine is a corrupt country led by corrupt leaders.
Of course, these critics forget that the Midas investigation is actually evidence of Ukraine’s efforts to deal with corruption and a development that highlights Kyiv’s determination to create a more transparent government based on “rule of law” principles. And there is no comparison between Ukraine’s efforts to deal with corruption, and Russia’s lack of transparency and complete rejection of “rule of law” governance.
Ukrainian fears about being abandoned by Washington are linked to the perception that the U.S. is going to end its support for Kyiv. Fears that are amplified by the recent leaking of the "28 Point Plan" that was initially presented to Kyiv by the U.S. as part of Washington’s efforts to bring the war to an end and revelations that the bulk of the plan was written by the Kremlin and then delivered to the U.S. Special Envoy for the Middle East and Russia Steve Witkoff by Russian Sovereign Wealth Fund head Kiril Dmitriyev.
These leaks bore many of the hallmarks of a Russian disinformation campaign, and whether or not the Kremlin leaked this information, there is little doubt that Moscow is using the leaks to undermine the U.S. internationally; to drive a wedge between the U.S. and its allies in Europe; to undermine the morale of the Ukrainian population; and to deceive international and domestic audiences into believing Russian President Vladimir Putin is trying to find a peaceful resolution to the war that he started.
Moscow has worked relentlessly to create the impression in Washington, Brussels and Kyiv - that the Ukrainian Armed Forces are on the verge of collapse, and it is only a matter of time before Putin achieves his military objectives.
The Ukrainians, on the other hand, are trying to counter this narrative and demonstrate that the Russians continue to make minimal battlefield gains while paying a tremendous price in terms of personnel and resources.
While people are tired, few appear ready to surrender or give up. Many equate surrender to betrayal of the memories of those Ukrainians who have died since 2014 fighting to defend the country from Russia.
Putin’s effort to control the narrative on Ukraine is partially linked to his desire to cover up how bad his own hand is at present. Putin does not want the West to focus on how the Russian military continues to struggle to take small amounts of territory, while suffering high casualty rates. He does not want others to focus on Russia’s own struggles with growing financial, economic and social problems that threaten the long-term stability of his regime and the future of Russia itself.
In recent years, the Kremlin has shifted its limited financial resources to the Military-Industrial complex, resulting in cutbacks to social spending and bringing an end to support of critical civilian infrastructure projects. While this policy has resulted in an increase in defense production, it is bankrupting the country and in recent months even Russia’s defense industry has had to implement spending cutbacks. Many factories and production sites across Russia are unable to pay workers and have been forced to reduce their work week to three or four days per week.
The money that Putin was once able to use to incentivize Russians to join the military and fight Ukraine is drying up, forcing him to once again consider mobilization plans, which will no doubt be highly unpopular with many Russians, especially with the “elites” living in the country’s main population centers.
The war has also drained off workers, resulting in significant labor shortages. Putin’s war is threatening to plunge Russia into the chaotic and painful social and economic conditions that the country faced in the early and mid-1990s.
Before leaving on my latest trip to Ukraine, I was asked to speak at an event in Washington D.C. focused on the future of U.S.-European relations. During that event, one attendee told me that recent polling in the U.S. showed that - since President Trump’s January 2025 inauguration - support for Ukraine among Republicans had risen significantly. This claim was supported by a report published by Defense One based on polling conducted by the Ronald Reagan Institute and a previous report published by the Chicago Institute on Global Affairs. These signs are heartening. In a system where the population’s interests should be considered by elected leaders, this means that the United States Government should be continuing its support for Ukraine.
The growing public support for Ukraine should give Ukrainians some hope that the U.S. is not going to abandon them. But it is hard for the Ukrainians to hear that message when it is often drowned out by much more negative news about alleged backroom deals made between Putin’s couriers and individuals close to President Trump and the very real possibility that those couriers are using their access to actively pursue a whisper campaign to influence the President and his policy decisions. That, combined with targeted leaks and distortions of facts to exaggerate the perception that Washington now prefers Moscow to Ukraine and the Europeans is painting a Russian-preferred narrative.
What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.
It is correct when President Trump says that he inherited a terrible situation in Ukraine. I also agree that as the elected leader of the most powerful country in the world, President Trump has a responsibility to try to end the bloody and senseless conflict.
The President deserves credit for trying, although I do not agree with his periodic claims that the Ukrainians, or their President, are guilty of starting the war - or that Kyiv does not want to end the war. Vladimir Putin is guilty of starting the conflict and despite all of President Trump’s efforts and the Ukrainians willingness to try to find a compromise, Putin has continued to make maximalist demands and drag out the conflict in hopes of stealing more of Ukraine’s territory and feeding Russia’s defense industrial complex, which is now the sole functioning part of Russia’s struggling economy.
It appeared President Trump recognized this reality in October, when he canceled plans to meet with Putin in Budapest and levied new sanctions on the Russian Energy sector. Unfortunately, the President allowed Putin to manipulate the U.S. team into thinking Putin was ready to negotiate in November, opening the door to a lot of Russian disinformation and information warfare designed to undermine the U.S., Ukraine and its allies - but not designed to bring the war to an end.
Over the past year, I have seen the level of political infighting within Ukraine increase. During a discussion with one Ukrainian General in September of 2024, the General opined that historically, Ukraine had never lost a war to Russia but had lost many wars to itself. He warned that internal political struggles in the country allowed the Russians to identify and exploit the political ambitions of some leaders and use these ambitions to divide the country and undermine national unity.
Ukraine is again facing the threat of serious internal divisions that the Kremlin will manipulate and use to achieve its military and political objectives. It appears likely that the Ukrainian government will hold elections in 2026, and the U.S. and the West should be ready to help Kyiv protect those elections from Russian interference. There is also little doubt that Russia itself will not hold fair elections in 2026 or as long as Putin remains in power.
As an American, I pray that our elected leaders will not repeat the mistakes made by British Prime Minister Neville Chamberlain when trying to deal with Adolf Hitler. The appeasement of Hitler by forcing allies to cede territories to the Nazi regime in Berlin did not lead to “Peace in our Time”. It led to a much greater and more horrific World War that could have been stopped if the English and French had taken decisive action against Hitler at that time.
To “Make America Great Again”, Americans need to stand up for what is right. Right - is not appeasing Putin. Justice is not allowing Putin to get away with stealing large portions of Ukraine’s territory and then benefit from killing more than a million Ukrainian and Russian citizens in a war that was designed to protect Putin’s personal power and re-establish an empire that has collapsed twice in the last 150 years.
As an American, I pray that we find our way through this very confusing and troubled period, hold the aggressor, Putin, accountable for his crimes, and successfully bring this war to an end while protecting Ukraine’s sovereignty and America’s reputation in the world.
All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author's views.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
OPINION — A new location transparency feature on X isrevealing foreign influence on American discourse just as federal agencies designed to deal with such threats are being dismantled.
Toward the end ofNovember, X began listingaccount locations in the “About this account” section of people’s (or bots’) profiles. X also can list the platform through which users access the social media site, such as the web app or a region-specific app store.
With these new transparency features, X exposed that majorMAGA influencers are likely operating from Eastern Europe, Africa, and Southeast Asia. And while anti-Trump profiles posing as Americans on X haven’t made headlines, the authors found onelisting itself in Charlotte, NC that X indicatesconnected via the Nigeria App Store.
One factor driving foreign accounts to masquerade as domestic political commentators could be commercial gain. Heated political debate, abundant in the United States, drives engagement, which can be monetized. Account owners posing as Americans may also be funded or operated by America’s adversaries who seek to shape votes, increase social divisions, or achieve other strategic goals.
The problem of foreign adversaries pretending to be American is not new. During the cold war, Soviet KGB agents evenposed as KKK members and sent hate mail to Olympic athletes before the 1984 summer Olympics. What is different now is the scale and speed of influence operations. The internet makes it dramatically easier for foreign adversaries to pose as Americans and infiltrate domestic discourse.
X’s new country of origin feature is a step in the right direction for combatting these operations. Using it, aBBC investigation revealed that multiple accounts advocating for Scottish independence connect to the platform via the Iran Android App. On first blush, this makes little sense. But Iran has adocumented history of promoting Scottish independence through covert online influence operations and a track record of sowing discord wherever it can.
Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.
Disclosing origin alone paints an incomplete picture. Identifying an account’s location does not always tell you who directs or funds the account. For example, Russia has previouslyoutsourced its attempts to influence Americans to operators in Ghana and Nigeria. America’s adversaries continue to leverage proxies in their operations, as seen in arecently exposed Nigerian YouTube network aggressively spreadingpro-Kremlin narratives.
Additionally, malign actors will likely still be able to spoof their location on X. Virtual private networks (VPNs) mask a user’s real IP address, and while X appears to flag suspected VPN use, the platform may have a harder time detectingresidential proxies, which route traffic through a home IP address. Sophisticated operators and privacy enthusiasts will likely find additional ways to spoof their location. For example, TikTok tracks user locations but there areeasy-to-find guides on how to change one’s apparent location.
The additional data points provided by X’s transparency feature, therefore, do not provide a shortcut to attributing a nation-state or other malign actor behind an influence operation. Proper attribution still requires thorough investigation, supported by both regional and technical expertise.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
Social media platforms, private companies, and non-profits play a significant role in combatting online influence operations. Platforms have access to internal data — such as emails used to create an account and other technical indicators — that allow them to have a fuller picture about who is behind an account. Non-profits across the United States, Europe, Australia, and other aligned countries have also successfully exposed many influence operations in the past purely through open-source intelligence.
The U.S. government, however, plays a unique role in countering influence operations. Only governments have the authority to issue subpoenas, access sensitive sources, and impose consequences through sanctions and indictments.
Washington, however, has significantly reduced its capabilities to combat foreign malign influence. Over the past year, it has dismantled the FBI's Foreign Influence Task Force, shut down the State Department’s Global Engagement Center, andeffectively dismantled the Foreign Malign Influence Center at the Office of the Director of National Intelligence. These changes make it unclear who — if anyone — within the U.S. government oversees countering influence operations undermining American interests at home and abroad.
X’s new transparency feature reveals yet again that America’s adversaries are waging near-constant warfare against Americans on the devices and platforms that profoundly shape our beliefs and behaviors. Now the U.S. government must rebuild its capacity to address it.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.
EXPERT OPINION — Reports came out last week that claim the Chairman of Joint Staff, General Dan Caine, is preparing a new unified command plan (UCP) that will reorganize and consolidate the regional combatant commands. According to press reports, the proposal, which is to go to the Secretary and the President soon, would combine U.S. Central Command, U.S. European Command and U.S. Africa Command under a new U.S. International Command. U.S. Southern Command and U.S. Northern Command would be combined as U.S. Americas Command. For now, the functional commands, U.S. Cyber Command, U.S. Special Operations Command, U.S. Space Command, U.S. Strategic Command and U.S. Transportation Command and U.S. Indo Pacific Command would remain the same.
If this happens, it would be the biggest command shake up in decades. However, to truly have the greatest effect, more needs to happen than just a reorganization and consolidation of combatant commands. The work to change and upgrade the combatant commands must be more consequential.
For this to happen, these commands must have all the tools at their disposal to develop military relationships and oversee operations in their regions. To be most effective, that means that their intelligence and their interagency arms must be bolstered.
On the intelligence side, Washington should push out the work to the combatant commands that the analysts, targeters and operators are doing in D.C. Before the early 2000s, the combatant commands hired their intelligence professionals through the services. In the early 2000s, the Defense Intelligence Agency (DIA) took over the requirement to integrate all the combatant commands’ intelligence professionals and those professionals became DIA employees.
There has been great success with increased and more consistent training and more sophisticated intelligence work at the combatant commands. More defense intelligence enterprise professionals now have a first-hand understanding of providing support to military activities. However, there is much more work to do in this area. A vast majority of the Washington DIA employees do not have direct experience working with warfighters on tactical issues or have forgotten their experience in this area. There is also often a duplication of efforts on analysis, reporting, and collection between DIA headquarters and the combatant commands.
This all can be streamlined by pushing those DC-based professionals to the combatant commands. DIA headquarters should be small and highly focused on manning, training, equipping, and integrating. The analysts, operators and targeters should be working directly with the warfighters under the direction of the combatant commander or at the Pentagon directly for the Chairman, Joint Staff.
More specifically, DIA headquarters should provide the HR, the training programs, the data, and the technology for the rest of the DIA enterprise to support each combatant Commander and his warfighters directly.
The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.
In the early 2010s, there was a discussion in policy circles about how to make combatant commands more effective. A key role for Combatant Command senior leaders is to develop relationships with military partners in their region. This will become more difficult as a Combatant Commander’s geographic outreach grows. Each Commander will need more tools and senior professionals to help develop those relationships. To assist in this and to underscore the need for interagency coordination, Combatant Commands should have dual leadership from the civilian sector and military.
Most regional commands now have a senior foreign policy advisor, usually at Ambassador rank, who advises the commander on foreign relations. This position needs to be enhanced to a true deputy position vice an advisor. At the same time, the combatant commands need senior representatives from major government departments such as the Department of Homeland Security, Treasury, Commerce, and FBI. This will enhance the U.S.’ ability to compete against our adversaries by offering tools to use with foreign governments that are integrated and coordinated across the U.S. government.
The time is right to make more consequential changes to a system that needs to modernize.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
Login
