Reports & Papers

This paper provides a framework for a program to advance IC ethics professionalization, to better serve the national interest, avoid ethical lapses or moral pitfalls, and strengthen US national security and the Intelligence Community against the risk of politicization. The program would serve as catalyst for national security intelligence officials to better perceive, reflect on, make judgments about, and potentially act on ethical lapses in the midst, in adjacent units, or higher in the chain of command. The program would provide a means for officials to deliberate on real or hypothetical ethical dilemmas, both as individuals or in groups.

Establishing norms for state behavior in cyberspace is critical to building a more stable, secure, and safe cyberspace. Norms are defined as “a collective expectation for the proper behavior of actors with a given identity,” and declare what behavior is considered appropriate and when lines have been crossed. Cyberspace is in dire need of such collective expectations. However, despite efforts by the international community and individual states to set boundaries and craft agreements, clear and established cyber norms for state behavior remain elusive. As early as 2005, the UN Group of Governmental Experts (GGE) and UN Open-Ended Working Group (OEWG) both aimed to create shared “rules of the road,” but fundamental disagreements between states and a lack of accountability and enforcement mechanisms have prevented these initiatives from substantively implementing cyber norms. As a result, the international community and individual states are left with no accountability mechanisms or safeguards to protect civilians and critical infrastructure from bad actors in cyberspace.

The Intelligence and Applied History Projects hosted a National Security Act Essay Contest in 2022 entitled: “Imagining a New National Security Act for the 21st Century.” The contest sought to generate new ideas for improving the intelligence and national security community in the US based on the dynamic security environment we face in the 21st century. The essay prompt offered a variety of hypothetical scenarios where intelligence failure contributed to catastrophic failure and posed the question: what you would change now to improve the intelligence and national security posture of the US?

The winning essays, from a field of approximately 75 applicants, were authored by (1) Russell Travers, (2) Sophie Faaborg-Andersen, and (3) Marie Couture and Laurie LaPorte. The authors' winning essays appear in this report.

In more than seven decades of study after study, the U.S. Intelligence Community (IC) has identified a lack of diversity in the workforce as a problem. Beginning with a 1953 Central Intelligence Agency (CIA) report on women in the agency, tellingly titled “The Petticoat Panel,” organizations have documented a lack of presence and opportunity for women, minorities, and other groups including people with disabilities. Recommendations and actions were repeated over the years with marginal results. This paper reviews efforts of what has been done, what has succeeded, and what has failed as an important starting point for building a robust intelligence workforce for the latter half of the twenty-first century. It then offers recommendations for overcoming systemic challenges and fostering culture change to improve diversity across the community.

This essay makes three arguments. First, the US government will need to establish a coronavirus commission, similar to the 9/11 commission, to determine why, since April 2020, the United States has suffered more coronavirus fatalities than any other country in the world. Second, the COVID-19 pandemic represents a watershed for what will be a major national security theme this century: biological threats, both from naturally occurring pathogens and from synthesized biology. Third, intelligence about globalized challenges, such as pandemics, needs to be dramatically reconceptualized, stripping away outmoded levels of secrecy.

"When government agencies discover or purchase zero day vulnerabilities, they confront a dilemma: should the government disclose such vulnerabilities, and thus allow them to be fixed, or should the government retain them for national security purposes?"