“I would never wish death upon anyone, but I have read some obituaries with great satisfaction.” - Winston Churchill

OPINION -- I associate myself with at least the latter part of that quote from Winston Churchill with regard to Aldrich Ames. To my knowledge, I met Ames on only one occasion. It was during a cocktail party in 1989 or 1990 when he oversaw the CIA operations group responsible for what was then Czechoslovakia. I have no clear recollection of that event, but I was later told that fellow traitor Robert Hanssen was also in attendance. If so, to paraphrase Shakespeare: ‘Hell was empty and the devils were there’.

While I can recall little about meeting Ames at that party, my colleagues and I lived – and still live – with the consequences of his betrayal. The loss of an agent is a very personal thing for those responsible for securely handling him or her. I saw that impact up close early on in my career.

Toward the end of my training as an operations officer in late 1982, I was summoned to the office of the then-chief of Soviet Division (SE). In that era, a summons to a meeting with any Division Chief - much less the head of what was then the most secretive operational component – could be unnerving for any junior officer. The initial moments of my appointment with then-C/SE, Dave Forden, were appropriately unsettling. He began by asking me whether I had stolen anything lately. Having never purloined anything ever, I was taken aback. After I answered no, he asked if I could pass a polygraph exam. Again surprised, I responded that I could the last time I took one. ‘Good’, Forden said, ‘you are coming to SE to replace Ed Howard in Moscow’. Howard, whom I had met during training, had been fired from CIA for a variety of offenses. He later defected to the USSR, betraying his knowledge of CIA operations and personnel to the KGB.

After completing training, I reported to SE Division. Shortly thereafter, I was told I would not be going to Moscow after all. Instead, I was informed, I would be going to Prague. Initially, I was a bit disappointed not to have a chance to test my skills against our principal adversary. In hindsight, however, that change in plan was fortuitous. While I could not know it at the time, my SE colleagues who went to Moscow would be there during the grim mid-1980’s period in which our agents were being rolled-up by the KGB. Many CIA officers involved with those cases would have to live for years thereafter wondering what had happened to their agents and whether anything they had done had contributed to their arrests and executions. My colleagues’ ordeals would only end with the revelation that one of our own was a spy.

But Ames was more than a spy. He was a killer. His career floundering and burdened by growing debt, Ames decided to solve his money problems by selling the identities of several low-level CIA agents to the KGB. Consequently, on April 16, 1985 he walked into the Soviet Embassy and passed on the following note: "I am Aldrich H. Ames and my job is branch chief of Soviet (CI) at the CIA. […] I need $50,000 and in exchange for the money, here is information about three agents we are developing in the Soviet Union right now.” He attached a page from SE Division's phone list, with his name underlined, to prove he was genuine. Within weeks, fearful that Soviet spy John Walker had been fingered by a CIA agent within the KGB, and worried that he might likewise be exposed, Ames decided to comprise all of the CIA and FBI Soviet sources he knew of. “My scam,” he later said, “was supposed to be a one-time hit. I was just going to get the fifty thousand dollars and be done with it, but now I started to panic.”

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

Accordingly, on June 13, 1985, Ames passed the Soviets what he called “the Big Dump.” That tranche of documents contained the identities of at least 11 CIA agents. Brave men who had risked all in deciding to serve freedom’s cause, many of them would be arrested, interrogated and ultimately executed.

Ames’s rationalization of this act says everything about the kind of man he was. “All of the people whose names were on my list knew the risks they were taking when they began spying for the CIA and FBI,” he said, before adding that, "They knew they were risking prison or death.”

He would repeatedly seek to justify his actions by claiming that his espionage for the USSR was morally equivalent to what Western services had long done against their adversaries. Oleg Gordievsky, a British spy within the KGB and one of the few agents betrayed by Ames who escaped, rightly rejected any such equivalency. "I knew,” he said, that “the people I identified would be arrested and put in prison. Ames knew the people he identified would be arrested and shot. That is one of the differences between us.”

Sentenced to prison, Ames would spend almost 32 years of his life behind bars. I like to think that punishment was worse than death. One hopes he whiled away hours in his cell thinking of what he’d done and the lives he took. He expressed contrition during the plea bargain and sentencing process to ensure leniency for his wife, Rosario, saying, for example, that, "No punishment by this court can balance or ease the profound shame and guilt I bear."

But I very much doubt the sincerity of such statements because he showed no signs of having a troubled conscience thereafter. Instead, in statements while incarcerated, Ames was at pains to give his actions a veneer of ideological justification. "I had,” he said, “come to believe that the espionage business, as carried out by the CIA and a few other American agencies, was and is a self-serving sham, carried out by careerist bureaucrats who have managed to deceive several generations of American policy makers and the public about both the necessity and the value of their work.”

“There is an actuarial certainty that there are other spies in U.S. national security agencies and there always will be.” That statement by former CIA Chief of Counterintelligence Paul Redmond in the wake of the Ames and Hanssen cases reflects a grim reality of the intelligence profession.

Nonetheless, when I joined CIA, it was accepted wisdom that the Agency had never had, and could never have, a spy in its ranks. With the benefit of hindsight, it is hard to understand how such a naïve conviction could have taken hold given the repeated penetration of our predecessor organization, the Office of Strategic Services (OSS), and our British counterparts by Soviet intelligence. “There will,” as CIA Chief of CI James J. Angleton said, “always be penetrations…it is a way of life. It should never be thought of as an aberration. Anyone who gets flustered is in the wrong business.”

Perhaps the downplaying of such a possibility was a natural reaction to the overreach of Angleton himself with his ‘HONETOL’ spy hunts which hindered the Agency’s ability to mount operations against the Soviets for years at the height of the Cold War. It was certainly a reflection of institutional arrogance.

Whatever the reason, the idea that a foreign intelligence service could recruit a serving CIA officer as a spy was inconceivable to many. That mindset makes the accomplishment of Redmond and the Agency team led by Jeanne Vertefeuille, concluding that reporting from a Soviet mole – ultimately determined to be CIA officer Aldrich Ames – was the cause of the losses, all the more remarkable.

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

The years-long hunt for the agent the KGB called “KOLOKOL” (‘Bell’) ended on February 21, 1994 with the arrest of Ames by the FBI. The assessment of the damage that Ames had inflicted on U.S. national security in exchange for some $2.5 million from Moscow was, not surprisingly, extensive. Even in the analogue era, he was able to pass along voluminous documentary and oral reporting to Moscow. This included reporting on his own debriefing of Vitaliy Yurchenko, who defected briefly to U.S. before returning to the USSR.

But it was the review of Ames’s role in compromising our courageous agents that struck home with us. Their sacrifice is commemorated by the CIA ‘Fallen Agent Memorial’ and other memorials within Agency spaces. And one hopes that someday the Russian people, too, will come to realize that Military/Technical researcher Adolf G. Tolkachev (GTVANQUISH); KGB Line PR officer Vladimir M. Piguzov (GTJOGGER); KGB Line PR officer Leonid G. Poleschuk (GTWEIGH); GRU officer Vladimir M. Vasilyev (GTACCORD); GRU officer Gennadiy A. Smetanin (GTMILLION); KGB Line X officer Valeriy F. Martynov (GTGENTILE); KGB Active Measures specialist Sergey M. Motorin (GTGAUZE); KGB Illegals Support officer Gennadiy G. Varenik (GTFITNESS); KGB Second Chief Directorate officer Sergey Vorontsov (GTCOWL); and the highest-ranking spy run by the U.S. against the USSR; GRU General Dmitry F. Polyakov (TOPHAT, BOURBON and ROAM); sacrificed everything for them and for their country.

“The life of the dead,” Marcus Tullius Cicero wrote, “is placed in the memory of the living.” For my part, I will remember Ames as the base traitor he was and the men he killed as the heroes they were.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

A CIA-linked LM-100J Super Hercules operated by Pallas Aviation landed in Caracas on January 10. The aircraft, using callsign WDE08 and tail number N96MG, departed shortly afterward and returned to Puerto Rico. The aircraft belongs to Pallas Aviation, described as a private company that performs “specialized work worldwide that most others refuse.” The company operates […]

EXPERT PERSPECTIVE — Occasionally, a speech does more than mark a leadership transition or outline institutional priorities. It captures, with unusual clarity, the nature of the moment we are living through and the choices it demands.

Blaise Metreweli’s recent inaugural address as Chief (or more colloquially, C) of the UK’s Secret Intelligence Service was one of those moments. Rather than offering a conventional tour of threats or capabilities, she chose a more demanding path. She spoke about human agency in a world increasingly shaped by machines. About trust, judgment, and integrity at a time when technology is accelerating every dimension of competition and conflict.

I had the pleasure of working with Metreweli while serving as Deputy Director of the CIA for Digital Innovation. I watched her navigate the intersection of operations and technology with a rare combination of rigor and imagination. Her speech reflects that same sensibility. It is operationally grounded, intellectually disciplined, and quietly ambitious in what it asks of an intelligence service. Just as it should be.

What struck me most, reading her remarks, was not simply their alignment with themes I have been working on for years, both inside government and since my departure in 2024. It was the way she wove those themes together into a coherent vision of intelligence suited to the world as it is, not the world we might wish it to be.

At the center of Metreweli’s speech is a proposition that may sound self-evident, yet is increasingly contested in practice: even in a technology-mediated world, human beings must still decide outcomes.

Artificial intelligence can surface patterns, illuminate possibilities, even accelerate analysis. It cannot decide what matters. It cannot weigh moral tradeoffs. It cannot assume responsibility for consequences. Intelligence, in her framing, remains a human endeavor, even as it becomes ever more technologically enabled.

This is a conclusion I reached years ago while leading digital transformation efforts inside the CIA. As our tools became more powerful, the temptation to treat output as authority grew stronger. We resisted that instinct deliberately. The most effective systems we built were those designed explicitly to support human judgment, not replace it. They forced users to ask better questions or to challenge assumptions, and to understand context before acting.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

I have described this in multiple speeches and articles as human–machine partnering, and Metreweli’s speech reflects the same conviction. The future of intelligence is not technological supremacy alone. Nor is it the return to a romanticized vision of the intelligence mission before the digital revolution. It is the disciplined integration of technology into human decision-making, with clarity about where judgment must reside.

Metreweli is equally clear about the character of modern conflict. We are no longer operating in a world neatly divided between war and peace. Instead, we inhabit a persistent space between the two, where states seek advantage through pressure that is continuous, deniable, and often difficult to attribute.

Cyber operations, sabotage, influence campaigns, and coercive economic measures all live comfortably in this grey zone. They are designed to intimidate and to erode confidence without triggering a conventional response.

One aspect of this competition that deserves particular attention is the emergence of what I have called digital chokepoints. These are points of leverage embedded in digital infrastructure, data ecosystems, platforms, standards, and supply chains. They do not announce themselves boldly as instruments of power, yet they have increasingly come under attack in recent years as a tool of geopolitical competition. In 2024-2025 alone, there were numerous anomalous “incidents” that damaged or cut 13 undersea cables around Taiwan and the Baltic Sea.

Grey-zone conflict, viewed through this lens, is not episodic. It is cumulative. And we will see more of it. Intelligence services must therefore understand not just individual operations, but the architecture of pressure that builds quietly and persistently across domains.

The convergence of artificial intelligence, biotechnology, and quantum computing, and the way these advances are reshaping both opportunity and risk was featured prominently in Metreweli’s speech. She avoids the dual traps of easy optimism and easy alarmism alike.

I have often framed technology as both shield and sword. It accelerates intent, but it does not generally determine outcomes. Technology itself is neutral. What matters is how it is governed, deployed, and constrained by human choice, as well as which values are encoded into its digital foundations

This distinction is not academic. The same AI system that accelerates medical discovery can enable surveillance at scale. The same digital infrastructure that connects societies can be (and is) used to monitor and control them. Metreweli’s speech is careful to emphasize mastery of technology alongside responsibility for its effects.

That balance is essential. Technological determinism strips leaders of agency and excuses poor judgment. Metreweli’s approach does neither.

One of the most sobering elements of Metreweli’s address is her discussion of trust. Information, once a unifying force, is now routinely weaponized. Falsehood spreads faster than fact. Algorithms reward outrage and reinforce bias. Shared reality seems increasingly elusive.

I have spent significant time in recent years examining the implications of synthetic media, deepfakes, and AI-enabled influence operations. Today, identity itself has become contested space. Voice, image, and presence can be fabricated convincingly and at scale. Seeing is no longer believing.

This presents intelligence services with challenges that extend well beyond traditional counterintelligence or cyber defense. When trust collapses, when one can no longer discern truth from fiction, societies risk losing much more than confidence in institutions. They risk losing the ability to reason collectively about the world they inhabit.

Metreweli’s insistence that defending the space where truth can still stand as a core intelligence mission reflects a deep understanding of what is at stake.

Another strength of Metreweli’s speech is her refusal to treat today’s challenges as isolated problems. She describes an interlocking threat landscape that spans physical and digital domains, from seabed cables to space systems, from code to cognition.

This holistic view is critical. Too often, Western governments have approached cross-domain issues in separate policy lanes. Next-generation communications, artificial intelligence, digital infrastructure, cyber intrusions, disinformation campaigns. All treated as distinct, individual issues. Our principal strategic competitor, the People’s Republic of China, has not made that mistake. These domains are understood as mutually reinforcing components of a comprehensive national digital strategy tied directly to a grand geopolitical ambition.

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

I have argued for years that we must respond in kind, not by mirroring authoritarian models, but by approaching this competition in a more holistic fashion and by offering global partners a credible alternative. Countries around the world want to harness new technologies to accelerate development and improve lives. Many also want to protect sovereignty and human freedom. Meeting that demand requires seeing the digital contest as a whole, not as a collection of technical projects about which individual and disconnected policy decisions are made.

Though not stated in such terms, Metreweli’s framing reflects this reality.

As an operational commander who became a technical leader, Metreweli brings unusual authority to her discussion of technology within intelligence tradecraft. She envisions a service where officers are as comfortable using digital tools as they are recruiting and running human sources.

This is not about turning intelligence officers into engineers. It is about understanding technology as both a tool and a terrain. Digital literacy becomes foundational, not because everyone must code, but because everyone must grasp how technology shapes the operational environment and adversary behavior. In modern intelligence, ignorance of technology becomes a vulnerability.

Metreweli also speaks directly to the question of legitimacy. Intelligence services in democracies operate with extraordinary authorities. Their effectiveness ultimately depends on trust.

Her commitment to openness, where it can responsibly exist, is not about transparency for its own sake. It is about sustaining a relationship with the public rooted in shared values. Accountability, in her formulation, is a strength, not a constraint.

This is a principle I championed consistently inside the Agency and since my departure. In democratic societies, trust can never be taken for granted. It must be earned and maintained, especially as intelligence services operate in the shadows, out of view of the citizens they serve.

A particularly powerful portion of Metreweli’s speech focuses on audacity and “hustle,” reflecting a clear understanding of the environment intelligence services face today. In a world defined by exponential change, moving slowly does not preserve relevance. It accelerates decline.

I have spoken often about urgency, about the reality that institutions unwilling to adapt will become obsolete. That does not mean abandoning discipline or ethics. It means recognizing that delay carries its own significant risks. In today’s dynamic, high-threat landscape, inaction is perhaps the biggest risk.

Metreweli closes her speech where she began, with values. Courage. Creativity. Respect. Integrity. She recounts a conversation with a long-term foreign agent who worked with the UK precisely because of these values. This is not a sentimental anecdote. It is a strategic insight into how intelligence services in western democracies must navigate today’s complexity. Leveraging our core strength. Values.

We are living through the rise of digital authoritarianism, where technology is used to monitor, manipulate, and control populations at unprecedented scale. The most profound threat this poses is not technical. It is moral. It erodes human agency incrementally, often invisibly, until freedom becomes difficult to reclaim.

I have warned repeatedly that societies rarely lose freedom in dramatic moments. They lose it through systems that optimize for efficiency or security while stripping away consent, accountability, and choice.

Metreweli’s insistence that none of us have a future without values is therefore a statement of strategic reality, and it gets to the very heart of the issue.

Blaise Metreweli’s speech deserves close reading, not because it is eloquent (though it is), but because it is consequential. It articulates a vision of intelligence that is technologically fluent without being technologically captive, operationally aggressive without abandoning principle, and deeply human in a world that increasingly tempts us to forget what that means.

For intelligence professionals, policymakers, and citizens alike, it is a reminder that even as our tools evolve, the most important choices remain ours to make.

Read the full speech here.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

For decades, the federal government has relied on sector-specific regulations to safeguard critical infrastructure. As an example, organizations including the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) set standards for the energy sector, while the Transportation Security Administration issues pipeline directives and the Environmental Protection Agency makes water utility rules.

While these frameworks were designed to protect individual sectors, the digital transformation of operational technology and information technology has made such compartmentalization increasingly risky.

Today, the boundaries between sectors are blurring – and the gaps between their governance frameworks are becoming attackers’ entry points.

The problem is the lack of harmony.

Agencies are enforcing strong but disconnected standards, and compliance often becomes an end in and of itself, rather than a pathway to resilience.

With the rollout of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) and the release of the National Institute of Standards and Technology’s Cybersecurity Framework 2.0, the United States has an opportunity to modernize oversight, making it more adaptive, consistent and outcome based.

Doing so will require a cultural shift within federal governance: from measuring compliance to ensuring capability.

Overlapping mandates, uneven protection

Every critical infrastructure sector has its own set of cybersecurity expectations, but those rules vary widely in scope, maturity and enforcement. The Energy Department may enforce rigorous incident response requirements for electric utilities, while TSA might focus its directives on pipeline resilience. Meanwhile, small water utilities, overseen by the EPA, often lack the resources to fully comply with evolving standards.

This uneven terrain creates what I call “regulatory dissonance.” One facility may be hardened according to its regulator’s rulebook, while another connected through shared vendors or data exchanges operates under entirely different assumptions. The gaps between these systems can create cascading risk.

The 2021 Colonial Pipeline incident illustrated how oversight boundaries can become national vulnerabilities. While the energy sector had long operated under NERC CIP standards, pipelines fell under less mature guidance until TSA introduced emergency directives after the fact. CIRCIA was conceived to close such gaps by requiring consistent incident reporting across sectors. Yet compliance alone won’t suffice if agencies continue to interpret and implement these mandates in isolation.

Governance as the common language

Modernizing oversight requires more than new rules; it requires shared governance principles that transcend sectors. NIST’s Cybersecurity Framework 2.0 introduces a crucial element in this direction: the new “Govern” function, which emphasizes defining roles, responsibilities and decision-making authority within organizations. This framework encourages agencies and their partners to move from reactive enforcement toward continuous, risk-informed governance.

For federal regulators, this presents an opportunity to align oversight frameworks through a “federated accountability” model. In practice, that means developing consistent taxonomies for cyber risk, harmonized maturity scoring systems and interoperable reporting protocols.

Agencies could begin by mapping common controls across frameworks, aligning TSA directives, EPA requirements and DOE mandates to a shared baseline that mirrors NIST Cybersecurity Framework principles. This kind of crosswalk not only streamlines oversight, but also strengthens public-private collaboration by giving industry partners a clear, consistent compliance roadmap.

Equally important is data transparency. If the Cybersecurity and Infrastructure Security Agency , DOE and EPA share a common reporting structure, insights from one sector can rapidly inform others. A pipeline incident revealing supply chain vulnerabilities could immediately prompt water or energy operators to review similar controls. Oversight becomes a feedback loop rather than a series of disconnected audits.

Engineering resilience into policy

One of the most promising lessons from the technology world comes from the “secure-by-design” movement: Resilience cannot be retrofitted. Security must be built into the design of both systems and the policies that govern them.

In recent years, agencies have encouraged vendors to adopt secure development lifecycles and prioritize vulnerability management. But that same thinking can, and should, be applied to regulation itself. “Secure-by-design oversight” means engineering resilience into the way standards are created, applied and measured.

That could include:

• Outcome-based metrics: Shifting from binary compliance checks (“Is this control in place?”) to maturity indicators that measure recovery time, detection speed or incident containment capability.
• Embedded feedback loops: Requiring agencies to test and refine directives through simulated exercises with industry before finalizing rules, mirroring how developers test software before release.
• Adaptive updates: Implementing versioned regulatory frameworks that can be iteratively updated, similar to patch cycles, rather than rewritten every few years through lengthy rulemaking.

Such modernization would not only enhance accountability but also reduce the compliance burden on operators who currently navigate multiple, sometimes conflicting, reporting channels.

Making oversight measurable

As CIRCIA implementation begins in earnest, agencies must ensure that reporting requirements generate actionable insights. That means designing systems that enable real-time analysis and trend detection across sectors, not just retrospective compliance reviews.

The federal government can further strengthen resilience by integrating incident reporting into national situational awareness frameworks, allowing agencies like CISA and DOE to correlate threat intelligence and issue rapid, unified advisories.

Crucially, oversight modernization must also address the human dimension of compliance. Federal contractors, third-party service providers and local operators often sit at the outer edge of regulatory reach but remain central to national resilience. Embedding training, resource-sharing and technical assistance into federal mandates can elevate the entire ecosystem, rather than penalizing those least equipped to comply.

The next step in federal cyber strategy

Effective harmonization hinges on trust and reciprocity between government and industry. The Joint Cyber Defense Collaborative (JCDC) has demonstrated how voluntary partnerships can accelerate threat information sharing, but most collaboration remains one-directional.

To achieve true synchronization, agencies must move toward reciprocal intelligence exchange, aggregating anonymized, cross-sector data into federal analysis centers and pushing synthesized insights back to operators. This not only democratizes access to threat intelligence, but also creates a feedback-driven regulatory ecosystem.

In the AI era, where both defenders and attackers are leveraging machine learning, shared visibility becomes the foundation of collective defense. Federal frameworks should incorporate AI governance principles, ensuring transparency in data usage, algorithmic accountability and protection against model exploitation, while enabling safe, responsible innovation across critical infrastructure.

A unified future for resilience governance 

CIRCIA and NIST Cybersecurity Framework 2.0 have laid the groundwork for a new era of harmonized oversight — one that treats resilience as a measurable capability rather than a compliance checkbox.

Achieving that vision will require a mindset shift at every level of governance. Federal regulators must coordinate across agencies, industry partners must participate in shaping standards, and both must view oversight as a dynamic, adaptive process.

When frameworks align, insights flow freely, and regulations evolve as quickly as the threats they are designed to mitigate, compliance transforms from a bureaucratic exercise into a national security asset. Oversight modernization is the blueprint for a more resilient nation.

 

Dr. Jerome Farquharson is managing director and senior executive advisor at MorganFranklin Cyber.

The post Harmonizing compliance: How oversight modernization can strengthen America’s cyber resilience first appeared on Federal News Network.

© The Associated Press

EXPERT PERSPECTIVE — About a week before being interviewed by Richard Bruce Cheney about whether I would be the right person to serve as his national security briefer, I broke a bone in my left foot. While bounding down the stairs at home in a rush not to be late to a meeting at the National Security Council, I missed a step. So, rather than spending the morning at The White House, I spent it at a doctor’s office getting a big, goofy, purple cast on my left leg. Fantastic. How better to exude to the Vice President of the United States that I would be competent as his President’s Daily Brief (PDB) briefer, than hobbling into the interview with a cast? Somehow, I got the job.

During the presidency of George W. Bush, the President and Vice President’s PDB briefers met and traveled with them six days a week, sometimes seven. We would awaken every morning around 1:00am to prepare what is known as the “Book” and accompanying material. The Book was the President’s Daily Brief itself, a brutally concise, relatively short collection of intelligence analyses produced at that time, by just the CIA; it went to a short list of designated policymakers. All who received it also got morning briefers to accompany and expand on the content as needed and to take taskings, but only those for the President and Vice President routinely traveled with them. In addition to the PDB, there was “behind-the-tab” material for all recipients except the President. In Cheney’s case, I decided—with zero supervision or coordination—what he also needed to see, per my judgement. Raw intel, press pieces, book summaries, graphics, and anything else that I thought could be useful.

I generally briefed the then-Vice President at the Naval Observatory, the official residence for U.S. vice presidents. But just a week into the job, I accompanied him on Marine Two to Camp David, where he would attend some meetings. Thus began a rapid, daily learning curve into who this man was - starting with how he treated others.

“Others” fell generally into two categories with little gray area between—those he respected and those he did not. People in both categories usually knew where they stood, and Cheney didn’t manifest different orientations toward people based on their societal stations in life. This was a man whose default setting was to show courtesy and respect toward others unless they convinced him otherwise. Every one of his ushers, central members of the residence staff, told me individually - with zero nudging from me - that they liked the Cheneys much more than they liked their predecessors. Why, I asked. Because the Cheneys always showed respect to them, their time demands, they told me. As for those in the other category? Many of us recall Cheney telling Senator Patrick Leahy to “go f*** yourself” on the Senate floor in 2004. He also bluntly expressed his opinions on a wide range of actors and even nations to me during our time together. Few if any fell into gray area.

Nominations for outstanding leaders in national security and intelligence are now open for the 2026 Cipher Brief Honors Dinner. Find out more here.

Cheney consistently hosted the longest of the PDB sessions across all PDB recipients of that Administration, a reflection of his intellectual curiosity, the endless stacks of books and other things he read, his many years of navigating the U.S. Government and geopolitics, and the fact that on most mornings, he went from his briefings with me to attending PDB sessions with his boss. I always had at least 30 minutes with him, and on mornings when events or travel altered the President’s schedule, my sessions could stretch beyond 90 minutes.

Something that was reflected in his time commitment to those PDB sessions was that, among being many things, Dick Cheney was an overachiever of the world-class order. Whatever task, duty, mission, strategic pursuit that might be in his cross hairs, he would be utterly prepared. This part of him of course helped land his stint as the youngest White House Chief of Staff in history, under President Gerald Ford.

Much has been written about Cheney’s role and actions in the immediate wake of 9-11; I came after, during the run up to and consequences following America’s second invasion of Iraq. Because of when I briefed him and the job I took immediately afterward in July 2003 - Chief of CIA’s Iraq enterprise covering military, political, leadership, and economic analysis - I draw from a unique combination of perspectives to offer context on the Iraq, Dick Cheney story. Some will be surprised by what I saw including during NSC meetings chaired by President Bush and attended by Cheney when I sat in as the 'plus-one' for the CIA Director or for the Director of National Intelligence.

On March 16, 2002, Dick Cheney said on NBC’s Meet the Press, “I think things have gotten so bad inside Iraq, from the standpoint of the Iraqi people, my belief is we will, in fact, be greeted as liberators . . . I think it [the invasion] will go relatively quickly . . . weeks rather than months.” As we now know, he - and other seniors in the Bush Administration - could not have been more wrong.

Not long after we invaded Iraq in March of 2003, violence there began to swell up, and soon thereafter the CIA enterprise I headed gave President Bush and Cheney - their first and highly unwelcome dose of the “I” word: insurgency. Early on, Bush and other Administration seniors explained the sources of the violence as “criminals, regime dead-enders, or trouble-makers” pushed into the country by Iraq and Syria as operatives. But in the summer of 2003, we put a PDB into the Oval Office arguing that an organized and indigenous insurgency was quickly developing. Feedback from Bush’s PDB briefer that morning was “The President was so angry he came off his chair. He wants a memo tomorrow morning recounting when we warned him this was coming.” A lot people worked overnight to produce that 4.5-page piece, which delivered what was asked.

At some point between that initial shock and late summer, fall of 2003, Cheney - whom we had briefed in more detail on the insurgency, told us “The President needs to hear this.” Consider that one of the Administration’s most vocal and influential advocates of invading Iraq, who had been on record saying the effort would be easy and short, had now turned to persuading Bush and his entire NSC that we faced an insurgency in Iraq. Cheney knew that this information, once it entered the public arena, would likely get himself as well as President Bush eviscerated by the media and by critics. But that seemed to matter little to him; the United States was underestimating what it was now facing in Iraq, and Cheney’s focus became aligning policy with reality.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

A few days before Veterans Day in 2003, someone in the CIA Director’s office told me there would be a briefing that day for Bush’s NSC on Iraq that I would lead. Cheney had facilitated this. I also was told I could take one analyst of my choice, but I knew some on the NSC would push back hard and would expect "in the weeds" details of our analysis, so I subbed myself out and sent two senior analysts who knew the weeds - a superlative military expert and a political-analyst counterpart.

It was a PhD and former Marine CIA military analyst in my Iraq enterprise who forced then Secretary of Defense Don Rumsfeld and others to accept that an insurgency was emerging in Iraq. The analyst’s most persuasive moment came when Rumsfeld argued forcefully that there were several and differing definitions of insurgency, making use of the word confusing at best and inaccurate at worst. That military analyst calmly but firmly summarized the two most widely accepted definitions and illustrated that the CIA’s conclusion was based on the one observed by Rumsfeld’s Department of Defense. The analyst also laid out premises needed to justify that definition, all of which all in the room were seeing. Bush declared acceptance, noted that NSC members had to be square with this reality among themselves, and requested all to avoid the word insurgency in public.

Let me close with an insight that sheds light on Cheney’s near obsession with going into Iraq to find WMD and then showing a level of comfort with enhanced interrogation techniques that many find appalling.

One morning after a PDB briefing with me, Cheney sat back and recounted some history following the Gulf War, during which he was Secretary of Defense. He reminded me with some energy that during interrogations of Saddam Hussein’s son-in-law Hussein Kamel, who defected temporarily, we learned that Iraq’s nuclear-weapons program was further along than we had assessed. Rather than a form of scolding for off-the-mark CIA analysis back then, this perspective he was sharing signaled an acknowledgement that I knew the weight of his role in persuading Bush ’43 to invade Iraq—and in his mind, he had good reason. If we were underestimating Saddam’s WMD program again and Osama bin Laden gained access to any part of it, the consequences for Americans would be catastrophic.

The Economist Magazine recently summarized the unwavering sense of duty to nation felt by Cheney. In the closing words of its obituary in reference to criticism about his posture toward countering terrorism, and on being wrong about WMD in Iraq, The Economist wrote: “He was unmoved . . . He was, as always, just doing his job. Trying to protect America.”

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

• In 2003, the Department of Defense established the Under Secretary for Intelligence (amended in 2020 to the Under Secretary for Intelligence and Security); the office acts as a chapeau for Defense Intelligence. Its role in oversight of the Military Intelligence Program arguably could give it influence over the defense intelligence agencies and services, if the office leaned into its leadership role.
• In 2004, Congress amended the 1947 National Security Act and created the Director of National Intelligence (DNI), taking the role of manager for community intelligence from the Director of the CIA. This move did not reengineer how the IC is organized.

For nearly eighty years, we have been tinkering and adding to the IC but we have not fundamentally redrawn or refocused it. Now is the time to do that. Three critical junctures make it imperative that we rethink how the IC is organized and functions. Important technological advancements need to be the heart beat of how the IC does its work. Global conditions are emphasizing the need for gray zone work/cognitive warfare which currently is a side hustle of the IC and needs to become a focus. Finally, the IC has become too unwieldy and dispersed to have the impact it should.

Congress is proposing changes to the DNI, legislating procurement, and legislating definitions of covert warfare versus irregular warfare, but that remains piecemeal and not far reaching enough. As a whole, the IC has been directed to downsize. This is sorely needed as the overlap and bloated bureaucracies help to develop the go it alone mindset. A leaner IC will force integration.

Now is the time to go back to the drawing board and reimagine what our intelligence community should look like:

• Technology forward.
• More emphasis on publicly available information.
• More integrated and driven by USG foreign policy strategies that have clear goals.
• Closer ties between the Department of Defense and the rest of the intelligence community.
• Focus on irregular warfare, cognitive warfare, and gray zone activities.

A Technology-Driven IC

The heart of the new IC should be embodied in two new organizations that are retooled from existing structures: one that is an Open Source Center that curates all Open-source data; and one that is a technology hub that oversees and develops technology for the entire IC—a one stop shop.

The Open Source Center would be the heart of analysis for the new IC. It would be loosely modeled after the old Foreign Broadcasting Information Service (FBIS) that procured important open source articles and books and provided translations for the entire government during the Cold War era. Individuals working in this new agency would range from those without clearance to those with high clearance levels but the data would be all unclassified—until merged into a comprehensive story board. The data and tools would be accessible to the entire IC. The center would include the latest AI technology to help highlight anomalies. It would include data analysts from government, tech companies, and companies that are already working commercial data open source analysis.

The Open Source Center currently housed at the CIA and DIA’s Open Source organization would be the nucleus of the personnel for this work. Analysts and technology specialists would work together to gather the latest trends to feed the rest of the government. The center would work with partners and allies to bring in their data and share patterns. Eventually, the patterns and anomalies procured in this center would be merged with U.S. exquisite intelligence, but more routinely, this publicly available or procured unclassified data would be used to provide warning at the strategic, operational, and tactical levels across government agencies, to partners, and when appropriate, to the American people. This data would feed the U.S. IC and military watch centers across the world as a first notice of concerning anomalies.

In order to speed up technology procurement and ensure that leading-edge technology is being used by the IC, we need an IC technology center or hub. Much like the parts and pieces of IARPA, DARPA, and IN-Q-TEL that compete, this unit should bring in all the technology experiments and investments so that the successes can be shared across the IC more quickly. This would allow government and industry to focus on the IC’s technology priorities, make pricing of new technologies more competitive, and cut down on boutique answers to requirements that cannot be scaled IC wide. It would also speed up technology acquisition by bringing in some of the authorities for quick procurement that the above agencies have. This Center would support both Defense and civilian intelligence organizations and be manned by personnel from across the entire IC.

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

DNI for All

Turn the DNI into the organization that it was made to be—the leader focused on oversight, guidance, and integration of the entire IC. This does not need to happen with a lot of bureaucracy. The right leaders and experts can do this work.

The DNI has never been given the powers that it needs to fulfill its mandate. To do this, the DNI must have say over the entire National Intelligence Program budgeting. Currently, the DNI’s oversight is watered down by having little budget decision making authority. If they do not like the direction that the DNI is providing, the other intelligence agency Directors go directly to Congress who will earmark specific funds and the DNI, who answers directly to the President, is thwarted. This needs to change.

Defense intelligence makes up the largest part of the intelligence community with each service having its own intelligence unit, each COCOM having its own, and the collection support agencies technically being under the Secretary of Defense. To oversee this enterprise, the Office of the Secretary of Defense created the Undersecretary for Intelligence and Security (OUSDI&S) in 2003. This office continues to struggle to find its footing in the IC. As stated previously, it has some power that the DNI does not in that it has sway over the Military Intelligence Program (MIP) budget. However, the CSA Directors have their own avenues of communication to the Secretary of Defense, the DNI, and Congress. To fix this issue, the I&S Under Secretary simultaneously should act as the DNI Deputy. The Director for Military Affairs at the DNI should be the Department’s and I&S’ in-house consultant on a day-to-day basis and act as conduit between DNI and OUSDI&S. This arrangement would streamline the multiple meetings that CSA Directors are invited to attend separately with I&S and DNI—they could be held at the same time. It would also make it clear that OUSD I&S brings the rest of the defense intelligence agencies to the table and sets joint IC priorities.

A key issue in the IC is that there is no comprehensive strategy for countering our adversaries. While the NSC sometimes tries to play the role of the strategy developer, most NSC Directors do not thoroughly understand the capabilities of each of the intelligence agencies and IC agencies are not compelled to follow the direction of such strategies, especially when the NSC provides competing priorities. Either the IC is left out or there are multiple IC entities who compete with each other to try to develop the strategy. It makes most sense to have the DNI embrace its integration role and represent the entire IC to the NSC to develop the IC portion of strategic competition strategies. The DNI, with its National Intelligence Managers, would lead IC strategic competition teams so that these teams could be prioritized by resources and personnel.

By retasking and focusing the DNI workforce, the above work can be accomplished without growing the workforce and with more streamlined personnel numbers. The IC also needs to entice the best and brightest to work at the DNI. The IC needs those individuals who truly are experts both in their functional area and as intelligence professionals. Agency directors must recognize the importance of interagency work and reward that work. Over time, the real IC experts and leaders no longer go to DNI on rotation because they have seen their home agencies shut them out upon return.

All Source Agencies Should Double Down on Core Competencies

CIA and DIA have spread into each other’s lanes so that there is now a duplication of analysis and, in some cases, collection. CIA should focus on nonmilitary issues such as political stability and economics, and DIA should focus its workforce on military and military technology issues. Of course, there will be a gray area but that should be worked out between the Directors of the two agencies. Some would say that we should have only one all-source analytical organization. The issue with that is that the needs of the Department of Defense for niche military analysis would overwhelm the economic, medical, and political stability issues that CIA focuses on. Both need to be done and both have their customers.

During my time as a young analyst at CIA, my focus was on political stability and when I had to brief or write on a specific military issue that required anything more than basic knowledge, I would call my DIA counterpart to provide his/her expertise. That individual would be able to discuss all aspects of a weapon system, military personalities, and readiness, etc. When DIA analysts were asked to discuss stability issues, they would bring me with them and together we could paint a holistic story.

Single Source Agencies

The National Geospatial Agency and the National Security Agency are both U.S. treasures. We need to keep them focused on their core competencies by feeding them commercially available data—do not make them go out and develop analytics, buy data sets, etc. We also need to keep them focused on their genre. They should not be doing all source analytics.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

Emphasizing Irregular and Cognitive Warfare

Irregular warfare must be a focus of U.S. national security policy going forward. This concept needs to include cognitive warfare as a regular tool for national security leaders. Instead of the steel-eyed focus on dominating an opponent’s military, with the covert and clandestine arts as a small subset of our national security, we must focus on positively influencing governments and populations as much as we focus on overcoming an adversary’s weapon system. We must excel at denial and deception and information operations that give our adversaries pause during peacetime and make them think hard about any offensive engagement with the U.S.

We also must use all the gray zone tactics to be prepared in case the worst happens and we are in a kinetic fight. This gets accomplished through the use of irregular warfare and well thought out strategic campaigns. This requires a "whole-of-government" approach. No single government entity can win an irregular war on its own. With a DNI that is truly leading the IC and partnering with the Department of Defense, the DNI’s, National Intelligence Managers would work with COCOMs to help develop these irregular warfare or competition strategies and bring in intelligence units from all the agencies to include state, treasury, energy, military services, etc.

To further support a whole of government effort in this area, we need to develop an OSS-like agency that has oversight of CIA HUMINT and covert capabilities with DoD HUMINT and clandestine capabilities. This small but mighty organization would focus on deconfliction and training. It would respond to gaps and requirements using the best athletes from the appropriate agency or department. The current office of Community HUMINT could be the nucleus for this new entity but it must move from CIA to DNI so that DNI can play its leadership/integrator role.

Defense Intelligence

DIA began as an all-source agency to support the warfighter. It has developed into a large bureaucracy. DIA headquarters needs to be refocused and slimmed down to a staff that provides support to the Pentagon (OSD and Joint Staff) and to the COCOMs. Headquarters should only provide those supporting functions such as training, resources, personnel, infrastructure, and data. They should also deconflict and integrate the work of the individuals in the field and at the COCOMs. COCOMs, OSD, and Joint Staff should be plussed up with analysts and collectors currently at DIA headquarters. They would work on the issues that the operators and military decisionmakers need to be worked on.

Conclusion

This new IC would have a clear leader and be refocused on technology, publicly available information, and developing strategies for gray zone competition. The other proposed changes clean up ongoing issues that add to some dysfunction and distraction in the IC. This focus on technology and publicly available information leaves the most sensitive activities that any global power must perform to a smaller, more focused group of individuals who would be experts in the field of covert and clandestine activities. The plan also stops some of the redundancies across the three important areas of analysis, technology, and sensitive activities. It clarifies leadership roles and allows enough overlap to encourage some internal IC competition while providing for better oversight.

Who’s Reading this? More than 500K of the most influential national security experts in the world. Need full access to what the Experts are reading?

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

This No Fuss No Knead Focaccia Recipe with walnuts, garlic and rosemary is very very forgiving and very delicious too. I love the moistness it offers, the flour to water ratio baking up a beautiful crumb.

The post No Fuss No Knead Focaccia Recipe with walnuts, garlic and rosemary… simple and delicious appeared first on Passionate About Baking.

In an anonymous statement, a Tor administrator explains how the Dutch intelligence agency AIVD attempted to recruit him. His story gives a detailed insight into the expanding power of the security state, whose influence now reaches into the business world, prestigious universities, and (international) hacker communities.

Marco*, the provider of the statement, is a 30-year-old Dutchman with a Master of Science degree from the Delft University of Technology. He is an expert concerning the Tor network who – for research purposes – runs some Tor exit nodes. Marco states:

“Suddenly, I was approached by a man and woman at a gym I frequented at that time. They identified themselves with a badge from the Ministry of Interior and explained they were working for the AIVD. I felt somewhat overwhelmed, and I was afraid I had got myself into trouble.”

That is a common tactic used by intelligence agencies. They do not announce their visit in advance so that they can overwhelm their targets. It also gives them an edge before the recruitment process has started.

“First, they asked all sorts of questions related to my education. They had read my thesis regarding IT security and complimented me extensively.”

‘Ego boosting’ is yet another tactic to make the target feel important and comfortable. It also makes you somewhat forget that you are talking to an intelligence officer.

“At one point, they offered me all types of jobs at the AIVD. I could work from their office, but I could also do fieldwork as an informant or infiltrator. They explained they were creating a special team called the Joint Sigint Cyber Unit (JSCU).”

The JSCU is a special department that encompasses employees from the AIVD, as well as the military intelligence agency MIVD. In the past few years, the department has grown significantly to 700 employees, including fifty hackers. Their task is to intercept radio and satellite communications and to engage in cyberwarfare. The JSCU is known to share intelligence with foreign agencies, such as the CIA and the NSA.

“Their approach clarified to me that the intelligence agencies are monitoring IT students in the final stages of their education. They are also looking for individuals who are slightly older – but still connected with younger generations – for management positions.”

At that point, the intelligence officers become more open about the intended targets of the unit:

“Subsequently, they asked me if I was interested in traveling for several years. I could also work for a German technological company. The idea was to travel to Germany and visit Hackspaces of the Chaos Computer Club. I had to report on these events, and the agency would cover all costs.”

The Chaos Computer Club (CCC) was founded in West-Germany in 1981. It is the largest European hacker organization, with approximately 7700 members. The CCC is an independent association that, among other things, shows a strong commitment to (online) privacy, cryptography, and anonymity. Given the expertise and activities of some members, the CCC acts as a magnet for intelligence agencies.

“They kept offering me proposals. They promised me ‘unparalleled opportunities’ if I decided to work for the AIVD. They told me I could attend hacker parties in Spain, Italy, and Austria, and consider those events as paid holidays.”

Then, more targets were mentioned:

“The male intelligence officer explained the AIVD was interested in the developers of Tor and Tails. What he meant was that they need informants and infiltrators, but he said this in a lengthy way. According to the officer, this was part of an international operation.”

Aside from paid expenses and travel costs, Marco was offered a substantial starting salary.

“I could determine my salary, as long as it was no more than 5000 euros per month.”

Despite these generous offers, Marco was able to see through the grooming efforts. He refused, but initially, the officers kept attempting to convince him. When Marco persisted, the tone of the conversation changed. Now, the time for compliments was over.

“We know you are building Tor exit nodes. If you do that while working for us, you can make a living out of it. If you do not work for the intelligence agency and something illegal occurs, we cannot prevent the police from raiding your house and confiscating your equipment. Finally, the officers explained to Marco that talking about the meeting was a criminal offense. After giving me their number, they left.”

Marco’s story demonstrates the priorities and dedication of intelligence agencies. And already they have achieved success. In 2017, the Dutch authorities announced they had taken over, dismantled, and deleted Hansa Market, at that point, one of the largest markets on the dark web.

If intelligence agencies succeed in infiltrating service providers such as Tor and Tails, this will be a severe blow to online privacy and anonymity.

*Marco is a fictitious name.

The post How intelligence agencies recruit Tor administrators appeared first on Rana News.