Pentagon Sets New Framework for Security Policy
The Department of Defense this week established a new Defense Security Enterprise that is intended to unify and standardize the Department’s multiple, inconsistent security policies.
The new security framework “shall provide an integrated, risk-managed structure to guide DSE policy implementation and investment decisions, and to provide a sound basis for oversight and evolution.”
The Defense Security Enterprise, launched October 1 by DoD Directive 5200.43, is a response to the often incoherent and internally contradictory state of DoD security policy.
An Inspector General report earlier this year said that there were at least 43 distinct DoD policies on security that could not all be implemented together.
“The sheer volume of security policies that are not coordinated or integrated makes it difficult for those at the field level to ensure consistent and comprehensive policy implementation,” the DoD IG wrote. (“DoD Security Policy is Incoherent and Unmanageable, IG Says,” Secrecy News, September 4, 2012.)
But under the new Defense Security Enterprise, “Standardized security processes shall be implemented, to the maximum extent possible and with appropriate provisions for unique missions and security environments,” the DoD directive said.
The new structure is supposed to “ensure that security policies and programs are designed and managed to improve standards of performance, economy, and efficiency.”
But the directive does not explain how to proceed if “performance, economy, and efficiency” prove to be incompatible objectives.
Nor does it provide a working definition for the crucial concept of “risk management.” This term, often contrasted with “risk avoidance,” implies an increased tolerance for risk (i.e. risk of failure). But the practical meaning (or the limit) of this tolerance is nowhere made explicit.
The Defense Security Enterprise will be managed by “a core of highly qualified security professionals,” the DoD directive said.
It is in the interests of the United States to appropriately protect information that needs to be protected while maintaining our participation in new discoveries to maintain our competitive advantage.
The question is not whether the capital exists (it does!), nor whether energy solutions are available (they are!), but whether we can align energy finance quickly enough to channel the right types of capital where and when it’s needed most.
Our analysis of federal AI governance across administrations shows that divergent compliance procedures and uneven institutional capacity challenge the government’s ability to deploy AI in ways that uphold public trust.
From California to New Jersey, wildfires are taking a toll—costing the United States up to $424 billion annually and displacing tens of thousands of people. Congress needs solutions.