The Cipher Brief

Artificial intelligence is moving quickly into national security work. That is not a future trend. It is already happening in analysis, collection support, cyber defense, logistics, language processing, software development, and mission planning.

The real question is no longer whether AI will be used, it is.

The harder question is whether we can trust it inside mission environments where bad data, weak access controls, poor model governance, or untested automation can create real operational risk.

For years, cybersecurity leaders have been trained to think about systems, networks, endpoints, identity, and data. AI changes that model. It does not replace those risks; it adds a new layer of uncertainty on top of them. An AI system can be technically functional yet unreliable, manipulated, over-permissioned, poorly sourced, or impossible to explain.

That is a problem in any enterprise. In national security, it is a significant mission risk. AI assurance is not just a compliance exercise. It is the discipline of proving that an AI-enabled capability is fit for purpose, secure enough for its environment, monitored after deployment, and governed by people who remain accountable for the outcome.

Most organizations still treat AI adoption as a technology deployment. Buy the tool, issue a policy, run a pilot, brief the results. That approach may work for low-risk productivity use cases. It does not work when AI is connected to sensitive data, operational workflows, classified environments, or decision support. The model is just part of the risk. The larger risk is the infrastructure around it. In a traditional system, we asked: who has access to the data? In an AI-enabled workflow, we also have to ask: what can the model infer, summarize, combine, expose, or act upon once access is granted? A user may not be authorized to see every underlying source in a system, but an AI tool connected to that system can, and may generate a summary that reveals sensitive relationships, operational context, or protected information.

The same is true for retrieval-augmented generation (RAG). RAG can make AI more useful by grounding responses in ‘trusted’ data. However, it can also create a new attack surface if source material is stale, poisoned, poorly labeled, or pulled from repositories with weak access controls. If the retrieval layer is not governed, the model can confidently produce bad answers from bad inputs.

The answer is not to slow-roll AI into irrelevance. The answer is to operationalize assurance. There are five things national security organizations and cleared industry should be doing now.First, inventory AI use cases like mission systems. Leaders need to know what AI capabilities are being used, what data they touch, who can access them, and what decisions or workflows they influence. Shadow AI is not a user behavior problem alone. It is usually a signal that the enterprise has not provided secure, usable options fast enough.

Second, treat data provenance and lineage as core requirements for data management. AI assurance starts before the model ever generates an answer. Organizations need to know where training data, reference data, embeddings, and retrieval sources came from, how that data moved through the environment, how it was transformed, who validated it, who can modify it, and whether those changes are logged. Provenance tells us the origin of the data. Lineage tells us what happened to it along the way. Without regimented data management, the organization cannot confidently assess whether the model’s output is accurate, up to date, authorized, or appropriate for the mission. If the data supply chain is weak, opaque, or poorly governed, the AI output is already questionable.

Third, test AI models against mission-specific use cases. This could include adversarial prompts, poisoned documents, prompt injection, tool misuse, and hallucinated citations and references.

Fourth, monitor after deployment. Models change. Data changes. User behavior changes. Threat actors adapt. Assurance has to be continuous and include logging, drift detection, output review, access monitoring, and clear thresholds for when a tool should be paused, updated, restricted, or removed.

Fifth, keep humans accountable. Humans-in-the-loop should have clear and accountable responsibilities defined. What is the reviewer expected to verify? What decisions can never be fully delegated to the AI tool?

The organizations that get this right will be the ones that build disciplined AI operating models. They will have clear use cases, controlled data access, measurable evaluations, audit trails, and documented risk ownership.

AI is becoming one of the most important force multipliers in national security and economic competition. It has the potential to narrow gaps between larger and smaller countries, established and emerging companies, and well-resourced and resource-constrained organizations. Capabilities that once required large teams, specialized infrastructure, or years of institutional advantage are becoming more accessible through AI-enabled tools. That is why assurance matters. For the Intelligence Community and the national security industrial base, AI assurance should become a core discipline. Before we scale AI into mission operations, we need to prove we can govern it, test it, monitor it, and explain when it should not be trusted.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Learning Velocity: The Next Strategic Advantage

Entrepreneurs realize that speed compresses learning. They know some of their initial assumptions will be wrong or only partially right, so going fast allows them to test ideas and move from opinions to evidence to products before they run out of cash or time.

A startup that spends years to get to market may end up solving the wrong problem. The startup that launches in weeks or months figures out what their audience cares about, what is irrelevant and they evolve their approach in real-time. Test, learn, adapt and repeat the cycle.

The most successful entrepreneurs know that the original idea is often less important than the rate at which they improve it.

This thinking has existed for decades. Now, AI enters stage left.

The Importance of Learning Velocity

We are entering an era where learning velocity is reducing the time between a question and an answer, an idea and a test and a mistake and its correction.

Learning Velocity is the speed at which an individual, organization, or nation converts information into capability, decisions, and action. Increasingly, competitive advantage is determined not by who possesses the most information, but by who learns from it fastest.

AI changes the speed and quality of the learning cycle.

Can we understand if a disinformation attack is starting before it succeeds?

Can we routinely build synthetic adversary simulations worldwide to improve our preparation?

Can we see 10,000 new accounts emerge in a few weeks to amplify identical narratives across five platforms in five languages and know exactly who is driving it?

Can we identify the next TikTok or Discord well before it gains altitude?

Adversaries realize the pace at which they learn is often as important as what they learn if they are to win the race to market. From Silicon Valley to Bekaa Valley, the learnings are the same. It’s all a matter of how it is applied.

Are We Ready?

Throughout history, strategic advantage has often belonged to those who learned faster than their adversaries. U.S. military doctrine embraced the OODA Loop—Observe, Orient, Decide, Act—as a model for accelerating decision cycles faster than opponents.

Times have changed. Bad actors are compressing learning cycles from months to days and increasingly from days to hours. The public and private sector too often operates on models of learning that are designed for a slower century.

Their advantage is not necessarily better technology, more information, or greater resources. Their advantage is that they learn faster.

Let’s imagine how they learn for a minute.

Imagine the Fastest-Growing University in the World

It has no campus, no admissions office, no tuition, and no accreditation.

Its students come from every country. Its curriculum updates daily. Its teaching assistants are powered by artificial intelligence.

Its graduates include cybercriminals, fraudsters, influence operators, hostile intelligence services, extremist groups, and increasingly, highly capable lone actors.

Welcome to the New University for Bad Actors

Freshman Year: Open-Source Intelligence

Freshmen begin with open-source intelligence 101.

Their textbooks include LinkedIn, Google Earth, company websites, SEC filings, public procurement records, satellite imagery, and social media.

Their first assignment is simple: learn everything possible about a target without ever touching its network.

They learn how to map executive organizational charts, vendor relationships, facility layouts, and employee behavior patterns almost entirely from publicly available information. Whether or not they put on the “freshman 15”, they will learn how to use commercial satellite imagery, drone footage, all forms of digital media, ship, aircraft and supply chain tracking data, patent filings, geolocation tools and more.

Sophomore Year: AI-Assisted Learning

This is not followed by a sophomore slump. Rather, they rapidly move into AI-assisted learning.

Their professors are ChatGPT, Claude, Gemini, Perplexity, Grok, DeepSeek, and other large language models.

What once required months of research can now be accomplished in hours.

Generative AI enables bad actors to create deepfake videos, cloned voices, fabricated identities, realistic images, and highly personalized communications at scale. AI agents can conduct individualized outreach to thousands of targets simultaneously, making social engineering attacks more believable and more effective.

They learn how people form trust. Why a narrative resonates or fails with an audience. How to choose the right topics, build a plan and create polarization. And they start to see where trust is weak and where attacks may be more successful.

They are becoming better students of human behavior.

Junior and Senior Year: Laboratories and Code

Juniors enter the laboratories ready for one of the most important shifts in intelligence and strategic competition.

Hugging Face, GitHub, ArXiv, Discord developer communities, Papers with Code, Stack Overflow, Reddit, Kaggle, and open-source communities become classrooms where they learn how innovation occurs and where the world is going.

They learn which AI capabilities have the most promise in the next year. They can see which technologies are gaining acceptance and which ones are losing steam. Perhaps most important, they witness which workforce skills will be most valuable. They know the performance benchmarks, which datasets matter and where the problems lie.

These students realize they can see which technologies have promise years before they become mainstream.

They are also keenly aware of the speed of innovation. They can read the signals of repository growth, model releases, publication speed and more.

The graduation ceremony is brief. No champagne, just more learning ahead.

Graduate Studies: Shared Learning Networks

Graduate students enter encrypted networks, private forums, and invite-only communities where ideas, techniques, and lessons learned are exchanged among peers. Successful attacks are dissected and analyzed. Indicators of compromise, response timelines, victim profiles, and operational mistakes are openly discussed so that future attacks become more effective.

Every successful operation becomes a lesson for the next one.

Some students have more to learn.

Doctoral Research: Data as a Weapon

Doctoral candidates study commercial data ecosystems, public records, and digital surveillance.

They discover that some of the most valuable information does not need to be stolen. It can be purchased.

Post-doctoral researchers venture into dark web marketplaces and specialized forums where knowledge, tools, services, and expertise are exchanged at extraordinary speed. Personal information, new malware, breached corporate data, criminal service marketplaces, critical infrastructure targeting and more.

The dark web and shared learning networks provide that competitive advantage – information others don’t have.

Why Are They Learning Faster Than We Are?

Bad actors are not necessarily learning more than we are. The real difference is how fast they learn.

When resources are constrained and survival depends on adaptation, speed of learning becomes a competitive weapon. The most successful entrepreneurs build companies with an idea, often inadequate finance resources and a ticking clock showing they could run out of time.

Speed is not only an asset, it is about survival of the idea.

A New Era Deserves a New Model

The challenge for many established institutions is not a lack of intelligence, talent, or resources. It is resistance to change.

We don’t like failed pilots, so people stop experimenting. Our budgets are annual. Our feedback loops are slow. We may learn quickly, but we act slow.

Behavioral economists refer to this as loss aversion. Humans experience the pain of losing existing processes, authority, expertise, and familiar ways of working more intensely than the potential gains associated with adopting new approaches.

The reality is learning faster than adversaries and adapting faster will be our advantage to create and sustain.

Learning Velocity will become our long-term strategic advantage, which means we need a practical way to evaluate our progress.

The model is defined as the speed at which an individual, organization, or nation converts knowledge into capability.

The Learning Velocity Model

L — Locate

How quickly can we identify emerging threats, opportunities, technologies, and changing conditions?

Measure in days, hours, minutes and seconds.

E — Evaluate

How quickly can we determine what matters and separate signal from noise?

What is in the way of any decision?

Are we learning in the best places?

A — Align

How quickly can insights spread across teams, agencies, departments, and decision-makers?

If any insights are blocked, is this done to improve our security?

R — Respond

How quickly can knowledge be converted into decisions, actions, and measurable outcomes?

Time from moment we know to moment we impact. The full timeline is important.

N — Navigate

How quickly can we adapt when assumptions prove wrong or circumstances change?

How do we learn from failure? Are we improving our ability to anticipate?

Preparing for a World Beyond AI

AI will continue to serve as a learning accelerator. It will be joined by quantum computing, which will make it possible to simulate a problem in minutes or hours. 6G will expand how we connect billions of sensors, vehicles, drones and devices to feed AI systems. Digital twins will create virtual versions of supply chains, aircraft, power grids and more so we can test operational concepts before deployment. The physical world will become measurable in new ways, ranging from advanced sensors to satellites.

And of course, as these technologies converge, new transformational waves will be experienced.

The future competitive advantage will belong to the organization or country with the fastest and most adaptable learning system, not the most information.

Moore’s law was first proposed in 1965. Gordon Moore, co-founder of Intel, predicted that the number of transistors on a chip would double every two years, leading to major improvements in computing power. It illustrated how we compressed the cost of computation.

The skeptics said you can’t keep shrinking transistors forever or the manufacturing costs will be prohibitive or the growth rate is unsustainable.

The skeptics were wrong.

The cognitive security version of this model, which has blanks to fill in, will be something like “learning velocity doubles every X years while the cost of learning falls by half.”

It’s up to us to define this model and turn a theory into an advantage that improves security of our world.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Forty-Year Cyber Policy Failure Congress Refuses to Address

Late last month, the former deputy assistant director of the FBI's Cyber Division testified before the House Homeland Security Committee that the federal government should consider designating ransomware operators as terrorists and pursuing felony murder charges against attackers whose intrusions kill patients. The testimony was a serious response to a serious problem. It was also a measure of how far the cyber policy conversation has drifted from the question that would actually change the threat environment.

Terrorist designations are post-hoc. Homicide prosecutions are post-hoc. Sanctions are post-hoc. Indictments of foreign operators are post-hoc. The entire architecture of American cyber enforcement is built around consequences imposed after the harm has occurred — and for forty years, Congress has steadfastly refused to legislate the one consequence that would matter most to attackers and most to victims: the right to interrupt an attack while it is underway.

A homeowner in most American states may use deadly force to stop an intruder reaching for a television. A hospital CISO watching a confirmed exfiltration leave her network in real time may do exactly one thing: document the theft and call the FBI. If she does anything else — if she reaches one hop downstream to interrupt the transfer in progress — she has committed a federal crime under 18 U.S.C. § 1030.

This asymmetry is not the product of careful legislative deliberation. It is the product of forty years of legislative avoidance. And the avoidance, I will argue, is the most consequential cyber policy choice the United States has ever made.

A legislative record without a victim

Congress has not been idle on cyber. Since the mid-1980s, it has produced a continuous body of federal cyber legislation that is, by any reasonable measure, substantial.

The Computer Fraud and Abuse Act was enacted in 1986 and amended in 1994, 1996, 2001, and 2008. The Computer Security Act of 1987 (Public Law 100-235) established NIST's authority over federal civilian computer security and, in the process, drew the jurisdictional line between civilian and national-security systems that still governs federal cyber organization today. The Federal Information Security Management Act passed in 2002 and was modernized in 2014. The Cybersecurity Information Sharing Act was enacted in 2015. The Cybersecurity and Infrastructure Security Agency was stood up as an operational component of DHS in 2018. The Office of the National Cyber Director was established by statute in 2021.

This is a Congress that has been continuously engaged with cyber for four decades. It has legislated the boundaries of federal system security. It has criminalized unauthorized access in five separate statutory revisions. It has structured the federal-private information-sharing relationship. It has built and rebuilt the organizational architecture of national cyber defense.

In forty years, it has not once legislated whether the victim of an active exfiltration has the right to interrupt the transfer.

The Active Cyber Defense Certainty Act was introduced in 2017 by Representatives Tom Graves and Kyrsten Sinema. It was reintroduced in 2019. Neither version received a floor vote. The bill's existence proves Congress knows the question is on the table. The bill's fate proves Congress has decided to keep it there.

The shape of the asymmetry

The legal vacuum has produced an operational reality that, when stated plainly, is difficult to defend.

A ransomware operator working from a non-extradition jurisdiction faces, in practice, a probability of prosecution approaching zero. Successful prosecutions of foreign ransomware operators in 2025 numbered in the low double digits worldwide, against an industry whose estimated annual revenue exceeds one billion dollars. The victim — typically a hospital, a school district, a mid-market manufacturer, a municipal government — faces the full weight of regulatory liability, civil litigation, board accountability, and operational harm.

One side of this exchange bears nearly unlimited downside risk. The other side bears nearly none. This is not a threat environment. It is a market, and the market is functioning exactly as its incentive structure predicts.

The conventional response is to point to the things we have done. The Treasury Department has sanctioned mixers and exchanges. DOJ has clawed back ransom payments, most notably the partial Colonial Pipeline recovery. FBI and partners have disrupted Hive, LockBit (twice), and the ALPHV/BlackCat infrastructure. CISA has improved baseline guidance. None of this is nothing. All of it, taken together, is too small.

These are tactical wins inside a strategic loss. Sanctions disrupt laundering for measurable but brief windows before volume routes around them. Takedowns are followed by re-branding inside a quarter. Indictments of foreign operators function as press releases. The asymmetry between attacker risk and defender risk is not closing. It is widening.

What the "next hop" means, and what it doesn't

Let me be precise about the legal change I am arguing for, because precision is the only thing that protects this argument from being misread as a call for vigilantism.

I am not arguing for hack-back authorities. I am not arguing for retaliation. I am not arguing for the right to compromise an attacker's infrastructure as a punitive measure, to recover data through offensive operations, or to engage in any conduct whose purpose is to inflict harm on the attacker.

I am arguing for the legal recognition of a category that exists in every other domain of self-defense and exists nowhere in cyber: the right to interrupt a crime in progress.

When an exfiltration is underway, the defender can typically observe the immediate next hop — the command-and-control server, the staging system, the relay — through which the data is transiting. Current law permits the defender to log this traffic, to characterize it, to share indicators of compromise, and to report it. Current law forbids the defender from taking any action against that next-hop system to interrupt the transfer in progress, even when attribution to the attacker's infrastructure is unambiguous and even when the action contemplated is narrowly scoped to interrupting that specific transfer.

This is the gap. Not punishment. Not retaliation. Interruption.

The doctrinal analogue is the long-settled law of defense of property and defense of self. American common law has never required a victim to wait until a crime is completed before responding. The reasonableness standard — proportionality, immediacy, scope — is the mechanism by which we distinguish legitimate interruption from vigilantism. We apply this standard to homeowners, to merchants, to security guards, and to law enforcement. We have declined, uniquely, to apply it to cyber defenders.

The objections, and where they fail

The standard objections to active cyber defense are serious and I want to take them seriously.

Attribution is hard. Sometimes. It is also sometimes trivial. The exfiltration to a known command-and-control server with a known operator and a known wallet, observed in real time from the victim's own network, does not present the attribution problem that the objection imagines. The objection conflates the hardest cases with all cases. A reasonableness standard — the same standard we apply in every other domain of self-defense — would distinguish them.

Collateral damage is real. Yes. The attacker's infrastructure frequently transits compromised third-party systems — hospitals, universities, small businesses whose servers have been weaponized without their knowledge. An action against the next hop could disrupt the operations of an innocent party. This is a genuine concern. It is also a concern that applies, in different forms, to every domain of self-defense we currently permit. The legal response is not prohibition. The legal response is a proportionality requirement.

The CFAA was written for good reasons. It was. The CFAA in 1986 was a response to a specific set of harms — unauthorized access, fraud, malicious intrusion — that the existing criminal code did not adequately address. Its drafters were not contemplating the question of whether a victim observing real-time exfiltration has any right to interrupt the transfer. They could not have been. The threat environment that question arises in did not yet exist. A statute written for one purpose, applied four decades later to a question its drafters did not contemplate, is not legislative wisdom. It is legislative inertia.

Active defense will escalate. Possibly. The same argument was made against every expansion of self-defense doctrine in American legal history. The empirical question of whether a narrowly defined interruption right would produce more harm than it prevented is exactly the question Congress has declined to investigate, by declining to hold the hearings, declining to advance the bill, declining to commission the study.

What the silence costs

The forty-year silence on this question is not a neutral position. It is itself a policy choice, and the choice has a price.

The price is paid in the asymmetry. Every additional year the question goes unanswered, the gap between attacker risk and defender risk grows. The ransomware industry's revenue trajectory is not a mystery and it is not unpredictable. It is a rational market response to a legal environment in which the cost of attacking is approximately zero and the cost of defending is approximately unlimited.

The price is paid in moral coherence. A legal regime that permits deadly force in defense of a four-hundred-dollar television and forbids software-based interruption in defense of a hospital's entire patient record system is not internally consistent. The inconsistency does not become coherent because we have grown used to it.

The price is paid in deterrence. Deterrence requires consequence. There is no deterrence in cyber today, against any actor of any sophistication, because there is no consequence. The consequence that matters most — the one the attacker actually fears — is interruption of the operation in progress. Sanctions, indictments, and takedowns are post-hoc. They impose costs that the attacker can model and price in. Interruption is the consequence the attacker cannot model, because the attacker does not know when, by whom, or how it will arrive.

That is the consequence Congress has declined to authorize for forty years.

A modest proposal

I am not proposing that Congress pass the Active Cyber Defense Certainty Act as written. The 2017 and 2019 versions of that bill were imperfect, and reasonable people disagreed about specific provisions. I am proposing that Congress hold the hearing.

Forty years of avoidance is enough.

The question on the table is narrow, specific, and legally tractable. Does the victim of an active exfiltration, under a reasonableness standard, have the right to take action against the immediate next hop in the transfer chain to interrupt the transfer in progress? It is a yes-or-no question. Congress has answered every other cyber question it has been asked since 1986. It can answer this one.

I expect that when Congress finally holds that hearing, the answer will involve a tightly scoped right, a high reasonableness standard, a mandatory reporting requirement, and meaningful liability for abuse. That is what the legislative process is for. The current answer — that the question is too uncomfortable to ask — is not a legal position. It is an abdication.

The grandmother in Ohio has more enforceable rights tonight than the hospital CISO watching her patient records leave the building.

That is not a security policy. That is a forty-year-old silence.

It is time to break it.

The author is a former Commander of the U.S. Army Computer Emergency Response Team with 25 years experience in information technology, cyber operations, cybersecurity and compliance. The views expressed are his own.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

A Historic Summit between China and North Korea

There was no absence of Chinese and North Korean media coverage of Chinese President Xi Jinping’s visit to North Korea for meetings with Chairman Kim Jong Un. Mr. Xi’s last visit was in 2019, and what a difference seven years makes when you are dealing with North Korea.

Mr. Xi received royal treatment during his two-day visit in June 2026. Chinese and North Korean media coverage spoke of expanding cooperation on trade, agriculture, construction, and technology and enhancing exchanges in diplomacy, law enforcement and military affairs. Interestingly, China’s Minister of Defense, Dong Jun, and his North Korean counterpart, No Kwang-Chol, also participated in some of the meetings.

During the visit to the North Korea-China Friendship Tower to honor fallen soldiers from the 1950-1953 Korean War, Messrs. Xi and Kim stressed the importance of carrying forward their traditional friendship, with the “spirit of resistance against the U.S.”

Discounting the symbolism, what did China accomplish from the visit, the first foreign trip in 2026 for Mr. Xi?

1. Reaffirmation that North Korea is China's only ally, pursuant to the 1961 Treaty of Friendship, Cooperation and Mutual Assistance. Following Mr. Xi’s visit, it’s likely North Korea will receive an impressive gift from China.

2.North Korea’s recommitment to a one-China policy over the Taiwan issue.

3.A message to Russia’s Vladimir Putin that China will ensure that North Korea remains economically and strategically tethered to China. North Korea keeps China apprised of their military support to Russia for its war in Ukraine.

4.A message to President Donald Trump that China retains considerable leverage over North Korea and any U.S. effort to seek rapprochement with North Korea will be transparent to Beijing and dependent on China’s support.

What did North Korea accomplish from the visit of Mr. Xi?

1.De facto recognition that North Korea is a nuclear weapons state.

2.The prestige accrued to Mr. Kim from the visit of Mr. Xi.

3.A likely uptick in trade and agricultural assistance, pursuant to commitments Mr. Xi made during the visit. Also, likely closer collaboration between the Korean People’s Army and China’s People’s Liberation Army.

Clearly, what Mr. Kim got from the visit was the prestige of having two great powers – China and Russia – vie for North Korea’s attention. The September 2025 Victory Day celebration in Beijing, with Mr. Kim standing next to Messrs. Xi and Putin, preceded by the visit of Mr. Putin to Pyongyang and now Mr. Xi’s visit to Pyongyang all contribute to an enhanced profile for a North Korean leader who is building more nuclear weapons that can be mated to ballistic missiles that can target South Korea, Japan, and the U.S.

It’s likely the U.S. was discussed in private discussions between these two leaders. Mr. Kim probably made the case for North Korea’s nuclear program and counseled against China overtly again calling for the denuclearization of the Korean Peninsula.

In fact, Mr. Kim probably made it clear to Mr. Xi that the construction of the new Uranium Enrichment facility at Yongbyon was a message he was sending to the U.S. : North Korea’s nuclear program will make it clear (to the U.S.) that the Yongbyon nuclear complex now has a new facility that is spinning sophisticated centrifuges to produce more Highly Enriched Uranium (HEU) for nuclear weapons. Indeed, the Yongbyon facility was the facility that Mr. Kim offered to dismantle in February 2019 at the Hanoi Summit with Mr. Trump, in exchange for the lifting of sanctions imposed in 2016. Mr. Kim’s message to the U.S.: You missed an opportunity and now we will use this new HEU facility to build more nuclear weapons.

It is interesting that Mr. Xi’s last visit to North Korea was in June 2019, a few months after Mr. Trump’s summit with Mr. Kim in Hanoi. It’s clear that China was expecting a briefing on the summit and the status of U.S. relations with North Korea.

Having a friendly North Korea as a buffer state with a South Korea aligned with the U.S. is important to Beijing. Expecting China to facilitate contact between Mr. Trump and Mr. Kim is unrealistic and not in China’s interest. The ball is in the U.S. court.

The author is a former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.

This article was originally published in The Washington Times and is republished here with the author's permission.

DNI Day One: Three Strategic Decisions for National Security Evolution

Authors’ Note:

This paper is intended to frame a discussion, not settle one.

Too often, debates about intelligence reform begin with organizational charts and predetermined solutions. We believe the more important starting point is identifying the strategic decisions that should not be avoided. The next Director of National Intelligence will have to address questions surrounding enterprise leadership, resource alignment, technological modernization, and strategic competition. This first paper examines those issues and the questions that should be asked. A second paper will explore potential answers.

Introduction

The next Director of National Intelligence inherits an Intelligence Community facing simultaneous technological, geopolitical, and institutional disruption.

The post-9/11 reforms that created the DNI helped solve many of the Intelligence Community's integration challenges. Those reforms were designed for a world still shaped by the aftermath of 9/11, where the primary concern was improving information sharing and coordination among intelligence agencies. They did not anticipate the strategic environment the next DNI will face.

Today, artificial intelligence is changing and improving how intelligence is collected, analyzed, and consumed. Commercial providers increasingly own capabilities once reserved for governments. Space has become a critical intelligence domain and a contested warfighting environment. Adversaries exploit the seams between foreign and domestic authorities, using cyber operations, influence campaigns, technology theft, and economic coercion to achieve strategic objectives below the threshold of armed conflict.

At the same time, the Intelligence Community faces growing fiscal pressures associated with the costs of advanced technologies, commercial data, and modern collection systems. The Community must modernize while sustaining a full operational tempo. Intelligence professionals continue to support ongoing crises and competition across the Middle East, Russia's war against Ukraine, strategic competition with China and tensions surrounding Taiwan, challenges throughout the Southern Hemisphere, and emerging frontiers such as the Arctic and space. The next DNI will not have the luxury of choosing between today's missions and tomorrow's investments; success will require doing both.

This paper identifies three strategic decision areas that deserve immediate attention from the next DNI. The question is no longer whether the Intelligence Community must evolve. The question is whether it can evolve fast enough to stay relevant.

Scenario 1:
Resist the Urge to Build New Bureaucracies

Core Question

Is the Intelligence Community suffering from a lack of organizations—or a lack of integrated management?

Discussion

Since its creation in 2004, ODNI has steadily taken on missions, oversight responsibilities, and coordinating functions. While these additions addressed legitimate needs and emerging challenges, they also have raised a more fundamental question: has ODNI become too focused on expanding its own mission responsibilities and not focused enough on its primary responsibility to lead, integrate, and support the existing functions of the Intelligence Community?

The DNI was created to serve as the nation's senior intelligence integrator, bringing together the capabilities, expertise, and resources of a diverse Intelligence Community. Its value was never intended to come from building large operational organizations or owning missions. Its value comes from setting priorities, convening stakeholders, aligning resources, resolving disputes, and ensuring that the Intelligence Community functions as a coherent enterprise.

As new challenges emerged, the Intelligence Community often responded by creating new centers, offices, governance structures, and oversight mechanisms. While many have delivered value, the cumulative effect has been to draw ODNI toward mission execution and away from its core service imperative: enabling the success of the organizations that conduct intelligence collection, analysis, operations, and support to policymakers and warfighters every day.

The central question for the next DNI is whether ODNI is best positioned as another mission-focused organization within the Intelligence Community or whether it should recommit to its original role as the leadership, integration, and convening body for the enterprise.

The next DNI should examine whether the current structure is optimized to lead the Intelligence Community as a unified enterprise or whether a renewed focus on Community Management would better support integration.

KEY ISSUES:

·Should ODNI return to a Community Management model focused on enterprise leadership, integration, and resource alignment?

·Has the growth of ODNI strengthened the Intelligence Community or diluted ODNI's ability to serve as the enterprise integrator?

·What functions are uniquely appropriate for ODNI, and what functions should remain with existing intelligence agencies and departments?

·How should the DNI exercise leadership across the Intelligence Community without creating additional layers of bureaucracy?

·What mechanisms are needed to align collection, analysis, technology adoption, workforce development, partnerships, and budgets across the enterprise?

·Should National Intelligence Managers be empowered as true enterprise leaders responsible for integrating mission execution across agencies?

·How should ODNI lead the integration of emerging priorities such as Artificial Intelligence, commercial data, and space capabilities without becoming the owner or operator of those missions?

·What is the appropriate role of ODNI in supporting Defense Intelligence, NCTC, NCSC, and other mission organizations while avoiding duplication of effort?

Scenario 2:
Resource the Intelligence Community for the AI and Space Age

Core Question

Can the United States afford fragmented investment decisions in an era where artificial intelligence, commercial data, and space capabilities are becoming decisive intelligence advantages?

Discussion

In Washington, strategy ultimately becomes a resource question. Priorities, authorities, organizational responsibilities, and technology adoption all follow the allocation of resources. In FY2026 alone, the Administration requested approximately $115.5 billion for intelligence activities, including $81.9 billion in the National Intelligence Program and $33.6 billion in the Military Intelligence Program, increases of $8.5 billion and $5.4 billion respectively over the previous year. One of the most important issues facing the next DNI is whether the Intelligence Community's current resource structure is aligned with how intelligence is actually produced, consumed, and operationalized today.Complicating this challenge is the longstanding divide between funding in the National Intelligence Program (NIP) and the Military Intelligence Program (MIP). While often treated as distinct funding streams with separate constituencies, the reality is considerably more complex. The current arrangement is rooted less in strategic design than in a series of historical compromises intended to balance the authorities of the Secretary of Defense, the Director of National Intelligence, and the broader Intelligence Community.

Today, that framework increasingly obscures more than it clarifies. What many outside the Intelligence Community do not realize is that substantial portions of intelligence resources funded through the National Intelligence Program directly support military operations, combat support activities, and defense intelligence functions. Likewise, many intelligence capabilities developed to support military missions provide strategic warning, indications and warning, and national-level intelligence for policymakers across the government.

The distinction between "national" and "military" intelligence made more sense in an era when intelligence missions, collection platforms, customers, and operational environments were more clearly separated. Today, the same satellite constellation may support strategic warning, operational planning, targeting, humanitarian assistance, maritime awareness, and battlefield operations. Commercial data is consumed by analysts and warfighters alike. Artificial intelligence models may support national policymakers, combatant commanders, and tactical operators simultaneously.

The more important question is not how funding is labeled, but whether the Intelligence Community is organized to make coherent investment decisions across the enterprise. The next DNI should examine whether the current MIP-NIP construct encourages integrated capabilities and enterprise modernization or reinforces organizational boundaries that no longer reflect operational reality.

This question has become increasingly urgent as the Intelligence Community enters a period in which technological advantage may matter as much as traditional intelligence tradecraft. Artificial intelligence, commercial data, advanced sensors, and space-based capabilities are reshaping how intelligence is collected, analyzed, and consumed. The challenge is no longer simply acquiring information. The challenge is processing, validating, integrating, and acting upon unprecedented volumes of data at operational speed.

At the same time, the Intelligence Community faces fiscal pressures and rapidly rising costs associated with artificial intelligence infrastructure, commercial data, cloud computing, advanced collection systems, and space capabilities. The challenge is establishing common priorities, investment strategies, and architectural principles across an Intelligence Community that remains divided among multiple agencies, departments, funding streams, priorities, and acquisition authorities.

For much of the Intelligence Community's history, the government drove intelligence innovation through its own research, development, and procurement activities. Today, that dynamic has fundamentally changed. Artificial intelligence, commercial remote sensing, cloud computing, advanced analytics, and many of the data sources increasingly relied upon by intelligence professionals are being developed and scaled by industry. For the first time in Intelligence Community history, a significant portion of future intelligence advantage will be derived from capabilities developed, built, and funded outside government.

This reality presents both opportunity and risk. The opportunity lies in unprecedented access to innovation, competition, and commercial investment. The risk is fragmentation: duplicative purchases, incompatible architectures, inconsistent security standards, vendor lock, and missed opportunities to leverage enterprise buying power. At no point in Intelligence Community history has the opportunity for partnership with industry been greater. Equally, at no point has the need for enterprise discipline been more important.

Taxpayers should expect intelligence resources to produce secure, interoperable, and mission-driven capabilities regardless of which budget line funds them. Achieving that outcome will require greater alignment across intelligence priorities, acquisition decisions, technology architectures, and commercial partnerships than the current construct was originally designed to support.

Key Issues

• Would National Intelligence Program and Military Intelligence Program merger be more cost effective or is increased alignment enough?

• The Department of Defense is the largest consumer of intelligence, owns most of the nation's collection infrastructure, and operates the largest intelligence enterprise. What is the appropriate relationship between the DNI, OUSDI&S, the Joint Staff, and Combatant Commands in setting intelligence priorities?

• Who should establish enterprise collection investment priorities?

• How should the Intelligence Community approach commercial GEOINT, commercial data, and emerging commercial intelligence capabilities?

• What is the right balance between AI-enabled analysis and human expertise?

• What role should open-source and commercially available information play in future intelligence architectures?

• How can the Intelligence Community modernize technology and data architectures while avoiding duplication, vendor lock, and fragmented acquisition strategies?

• What common standards, security frameworks, and enterprise investments are required to maximize taxpayer value and mission effectiveness?

Scenario 3:
Competing Without Borders

Core Question

Are U.S. intelligence institutions aligned with the realities of modern strategic competition?

Discussion

America's principal adversaries do not recognize the traditional boundaries between foreign intelligence, domestic security, law enforcement, cyber operations, economic competition, and influence campaigns.

China conducts technology acquisition, influence operations, cyber espionage, economic coercion, and military modernization as part of a coordinated national strategy. Russia blends intelligence operations, cyber activities, disinformation, political influence, and proxy networks to shape perceptions and undermine democratic institutions. Iran and other actors increasingly exploit digital platforms, transnational networks, and non-state actors to advance strategic objectives while remaining below the threshold of armed conflict.

These activities are not isolated intelligence challenges. They are components of long-term campaigns designed to influence decision-making, shape global narratives, acquire technology, weaken alliances, and gain strategic advantage without resorting to conventional war.

Yet many of the institutions responsible for defending the United States remain organized around distinctions that are becoming increasingly difficult to separate in practice even if rooted in well-intentioned constitutional constructs. Foreign intelligence, counterintelligence, law enforcement, economic security, cyber defense, and influence operations often fall under different authorities, organizations, and policy frameworks despite being employed simultaneously by America's adversaries.

The challenge for the next DNI is not simply improving intelligence collection. It is confronting the reality that America's principal adversaries have learned to exploit the seams between intelligence, law enforcement, counterintelligence, cyber defense, economic security, technology protection, and influence operations. These gaps are no longer theoretical vulnerabilities. They have become operational opportunities for foreign adversaries seeking strategic advantage below the threshold of armed conflict.

While America's adversaries increasingly pursue integrated national campaigns, the United States often responds through separate organizations, authorities, and policy frameworks. Foreign intelligence, counterintelligence, economic security, cyber defense, influence monitoring, and law enforcement remain divided among multiple institutions, even as adversaries employ them simultaneously.

For much of the post-Cold War era, the Intelligence Community focused on warning, collection, and analysis. Those functions remain essential, but strategic competition demands something more. The Intelligence Community must help identify, expose, disrupt, and provide options to impose costs on adversary campaigns that span diplomatic, economic, informational, cyber, and military domains. This requires not only intelligence excellence, but also stronger integration across government and a renewed focus on irregular warfare and strategic competition.

Key Issues

·Are U.S. intelligence, law enforcement, and national security institutions organized to compete against adversaries that operate across traditional bureaucratic and legal boundaries?

·How should the Intelligence Community support whole-of-government campaigns for strategic competition and irregular warfare?

·What role should counterintelligence play in protecting U.S. technology, research institutions, critical infrastructure, and economic competitiveness?

·How should the United States balance civil liberties and openness while countering foreign influence, manipulation, and information operations?

·Is the current division between intelligence and law enforcement authorities optimized for the realities of modern strategic competition?

·What role should economic security and technology protection play in Intelligence Community priorities and how does ODNI handle this work?

·Should the United States consider new institutional models, including an expanded counterintelligence architecture or an MI5-like construct, to address foreign influence and hostile state activity?

Conclusion

A successful DNI will not be measured by how many organizations are created, merged, renamed, or eliminated.

Success will be measured by whether the Intelligence Community becomes more integrated, more technologically agile, more operationally relevant, can defeat our adversaries, and be more capable of providing options for decision-makers during strategic competition.

The next DNI's greatest challenge will not be managing the Intelligence Community inherited from 2004. It will be preparing the Intelligence Community required for 2045.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

AI Is Speeding Up Intelligence, But Not the System Around It

AI is compressing parts of the intelligence cycle, but modernization is occurring unevenly across collection, analysis, validation, dissemination, and policymaker integration. The resulting friction—not the technology itself—creates the defining opportunity for IC leaders.

It’s tradecraft, not technology, that is a primary constraint on intelligence performance in the AI era. This piece examines where that constraint is already being tested and what IC leaders can do about it.

Compression is Already Happening

In some areas, AI is already reshaping intelligence work in meaningful and measurable ways. Former NGA Director Vice Adm. Trey Whitworth (Ret.) has repeatedly highlighted how AI is revolutionizing GEOINT. Full-motion video analysis that once required extensive manual exploitation is increasingly automated and continuous. Project Maven fundamentally changed the economics of GEOINT warfighter support by applying computer vision to operational imagery workflows. Some AI-generated products are being disseminated to senior policymakers with minimal human involvement.

Even before Anthropic’s game-changing Mythos product, SIGINT and cyber operations similarly benefited from AI. NSA's Human Language Technology program automates speaker identification and translation across more than 90 languages—enabling analysts to triage millions of intercepted communications and focus only on the relevant fraction. Cyber Command and NSA increasingly operate in what Former NSA Director Gen. Paul Nakasone (Ret.) called "persistent engagement"—environments where collection, analysis, decision-making, and cyber effects occur continuously rather than sequentially.

Open-source intelligence has arguably made the strongest strides. During recent conflicts, policymakers leveraged commercially available satellite imagery, social media, and public telemetry data in near real time. CIA's OSIRIS platform uses LLMs to synthesize vast volumes of open-source data, deliver summaries, and support analyst engagement through a chatbot. Former Open Source Enterprise Director Randy Nixon argued that these advances enabled OSINT to become “the INT of first resort”—a model for all-source intelligence collection and analysis.

But Compression Is Uneven

GEOINT, SIGINT, and OSINT lend themselves to AI adoption: they are data-rich, measurable, and in OSINT's case, unclassified. Clandestine tradecraft and rigorous analytic tradecraft are harder to accelerate.

The Beginning of a Strategy

Deputy Director Michael Ellis recently said that CIA expects AI to become an everyday “co-worker” for analysts within the next few years. He described a future where AI systems help analysts draft reports, identify patterns across massive datasets, test conclusions, and surface threats. Ellis also said that analysts are already experimenting with how to evaluate, validate, and cite AI-enabled insights. Questions that were largely theoretical only a few years ago are becoming practical tradecraft challenges:

How should AI-assisted analysis be sourced and validated?
What level of confidence should accompany machine-generated insights?
How should analysts distinguish between AI-enabled synthesis and human judgment?
What standards should govern the use of AI-generated content in finished intelligence?

These are important developments because they signal that intelligence leaders are thinking about how technology adoption requires tradecraft modernization.

Coordination, Validation, and Analytic Workflows

Deploying AI tools for isolated analytic tasks (e.g., search, discovery, drafting) is relatively straightforward. An analyst may now receive machine-generated correlations in seconds yet still wait hours or days for cross-agency coordination, sourcing validation, or product approval. Reimagining those surrounding workflows—how information moves, how trust is established, how products are reviewed, and how analysts interact with machine-generated outputs—is substantially more difficult.

The opportunity is enormous but requires redesigning the processes themselves—while continuing to deliver on policymakers’ daily needs.

Policy Integration and Decision Support

The compression challenge becomes even more visible when intelligence intersects with policymaking.

The traditional model of intelligence dissemination was built around periodic delivery and daily briefing cycles like the President’s Daily Brief. However, policymakers now consume intelligence alongside operational updates, open-source reporting, and social media—and make decisions at the edge, often faster than traditional dissemination cycles allow. To adapt, intelligence agencies will need to provide continuously updated context, machine-assisted forecasting, and dynamic collaboration embedded directly into policymaking workflows.

Consider what this looks like in practice: a combatant commander or ambassador can query an AI-enabled analytic system for a continuously refreshed threat picture, stress-test an assumption against alternative scenarios, and receive a validated assessment—all in the 30 minutes before he walks into a meeting with his foreign counterpart. Elements of this reality exist today. During Operation Epic Fury, the 38-day air campaign against Iran, AI synthesized targeting data across the battlespace in real time to support strikes on roughly 13,000 targets in just over a month—a pace of machine-assisted decision-making with no precedent in U.S. operations.

The challenge for intelligence leaders is driving development and adoption to make it systematic, trusted, and governed. As OSIRIS proved, AI-enabled platforms are already beginning to empower policymakers to interact with intelligence this way. In that environment, intelligence is no longer a product delivered to decision-makers. It is the environment in which they decide.

That does not mean abandoning rigor or replacing strategic analysis with real-time reporting. In fact, the opposite is true. As information velocity increases, the value of trusted analytic judgment, validation, and expert perspectives will increase.

The Emerging Risk: Asynchronous Modernization

The danger is that different parts of the system are modernizing at different speeds. Accelerating functions does not eliminate friction between functions. In some cases, it can increase it.

·Faster collection can overwhelm coordination processes.

·Faster analysis can outpace dissemination workflows.

·Automated insight generation can challenge validation, trust, and decision integration.

The Leadership Challenge

Leading companies discovered that AI could not remain a standalone innovation initiative. As AI began reshaping workflows, governance, and strategy, responsibility migrated from CIOs and innovation teams to CEOs and boards. Intelligence leaders must make a similar pivot. Modernization cannot be outsourced to technologists, innovation offices, or isolated teams. Pockets of ‘AI money’ and lists of ‘AI projects’ are technocratic, not strategic.

To fundamentally modernize how the system operates, IC leaders must be directly involved in reimagining the intelligence cycle, redefining tradecraft expectations, reshaping decision models, and aligning institutional incentives. That means three things.

First, leaders must connect the technology agenda to the mission agenda. The private sector learned that AI transformation fails when it is treated as an IT problem rather than a strategic one. The IC faces the same risk. The goal is decision advantage at the speed of policymakers and warfighters. Keeping that mission orientation at the center of the technology agenda is a leadership responsibility that cannot be delegated.

Second, leaders must own the coherence problem. It is not enough to authorize AI investments and track deployment metrics. Leaders must make architectural choices about which parts of the cycle to accelerate together, how to manage the seams between them, and what governance structures are needed to ensure the system absorbs new capability without creating new failure modes.

Third, leaders must redefine what tradecraft means in an AI-assisted environment. The standards that govern sourcing, analytic confidence, and product integrity were built for human workflows. They need to be deliberately redesigned—not abandoned—for an environment where machine-generated insights are embedded throughout the production chain. Deputy Director Ellis’s four questions are the right starting point.

AI may compress intelligence production, but only leadership can compress the distance between insight and decision.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why Human Intelligence Matters More in an AI World

An impending casualty of artificial intelligence, we are told, is the human spy. The conventional wisdom is that in our AI future, there’s little need to recruit agents, plan secret rendezvous, or conduct dead drops—the old-school tradecraft of espionage. “Human spies in the field will become rare,” wrote David Ignatius after surveying the growing field of AI intelligence startups. “The future of espionage is written in zeros and ones.”

Yes, AI will become an indispensable tool for case officers, agents, fabricators, counterintelligence services, and the rest of the intelligence world. But this will have the paradoxical effect of increasing the importance of old-fashioned human intelligence.

Economics tells us that the value of something is determined by the benefit it provides on the margin—not by its raw power or pervasiveness. We should expect that AI will lower many barriers to technical intelligence collection and analysis. This has happened in other spheres: Open-source encryption put tools once reserved for states into everyone’s hands. Likewise, you no longer need a national space program — just a credit card — to order up high-resolution satellite photography and buy AI-powered software to analyze the results.

Human intelligence is scarcer and harder to replicate, and so its marginal value will rise. Vast amounts of data alone cannot reveal what a foreign leader intends to do, nor what is happening inside an “air-gapped” network. Human sources can.

Human intelligence has always helped validate technical collection. That role will grow in importance as AI poisons the information environment. Electronic channels will be flooded with fabricated phone calls, forged documents, and other convincing synthetic media. Signals intercepts will be harder to trust on their own. A human agent can help cut through that deluge of disinformation—and help distinguish authentic source material from forgeries.

Finally, AI is making digital communications less trustworthy, as we already see with scammers using deepfake images, audio, and video calls for fraud. As deepfakes get harder to detect, the rational response will be to distrust electronic communications. The corollary? Secure, person-to-person communication will rise in value. Case officers have long relied on dead drops, brush passes, and brief meetings to communicate with their agents. In an AI-saturated world, these traditional techniques may be the most reliable methods of communication we have.

None of this means that technical intelligence will become unimportant. And AI will certainly transform human intelligence operations—for better and for worse. It will help case officers select operational sites, prepare for agent meetings, and improve their ability to persuade foreigners to commit espionage. At the same time, AI will supercharge surveillance, provide fabricators with an unlimited source of plausible but false information, and help counterintelligence services predict the activities of case officers operating in their countries.

Still, as AI makes technical collection cheaper, deception easier, and digital communication less trustworthy, the value of human sources will rise. And the case officer, working in the shadows of our artificial future, will matter more than ever.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The AI Race Won't Be Won by the Best Model—But by the Fastest Military

The United States Intelligence Community does not ordinarily deal in hyperbole. When the Office of the Director of National Intelligence released its annual threat assessment on March 18, artificial intelligence featured prominently among a complex array of challenges — elevated, alongside quantum computing, to what the IC now treats as a central driver of power and strategic risk.

The document concluded that Beijing “is the most capable competitor in this field” and aims to displace the United States as the global AI leader by 2030, warning that AI has already been used in recent conflicts to influence targeting and streamline decision-making.

How Washington responds, and whether its current posture matches the urgency its own intelligence community has outlined, came into sharp relief in May, as President Trump touched down in Beijing alongside Nvidia CEO Jensen Huang for a high-stakes summit that put AI and semiconductors at the center of United States-China diplomacy.

The three-month problem

According to some assessments, open-source Chinese AI models currently trail the most advanced American proprietary systems by roughly three to six months — DeepSeek’s own V4 release acknowledged that gap, which broader estimates from Epoch AI place closer to seven months. Yet that sliver of a lead is effectively meaningless from a military standpoint, because it takes not months but years for armed forces to absorb AI technology and translate it into a genuine battlefield advantage.

Carlos Perez, Director of Security Intelligence at TrustedSec, says the public numbers may not tell the full story.

“It is also important to recognize that China operates models that are not publicly available, so we have limited visibility into their true capabilities,” he tells The Cipher Brief. “Companies such as Alibaba and Tencent operate under significant government oversight and legal obligations tied to state investment and regulation. As a result, the actual capability gap may be smaller or larger than public comparisons suggest.”

China is not waiting for Washington to sort out its strategy.

The 2026 threat assessment describes Beijing’s approach as a coordinated, national-level strategy aimed at displacing the United States as the most influential AI power by 2030. Beijing is deploying autonomous drone programs at speed, integrating swarm intelligence into military doctrine, and leveraging a centralized governance architecture that allows civilian AI firms to be folded directly into People’s Liberation Army modernization efforts.

Alibaba and Baidu were both added to the Pentagon’s Chinese Military Companies list in February. DeepSeek has since become part of the People’s Liberation Army’s efforts to modernize its military healthcare infrastructure, according to analysis by the Foundation for Defense of Democracies. The House Select Committee on China concluded last year that the company was built, at least in part, on restricted American semiconductor chips and that its app functions as a direct pipeline for foreign intelligence collection on American users.

Aaron Estes, vice president of product management at Binary Defense and a former defense and intelligence official with 25 years of experience, tells The Cipher Brief the threat is more nuanced than a simple capability gap.

“The danger is that once these models are ‘good enough,’ the advantage shifts from model quality to speed of deployment, access to operational data, integration with command systems, and willingness to use AI in real-world workflows,” he explains. “A three-month gap in frontier model performance can disappear quickly if the other side is better at turning AI into operational tempo.”

Indeed, the real gap is not in the models. China can put its tech sector to work for its military tomorrow. The United States has to pass a bill first.

A policy vacuum in the middle of a race

On January 9, Defense Secretary Pete Hegseth signed the Department of War’s AI Acceleration Strategy — a document that declared speed wins, that the risks of moving too slowly now outweigh the risks of moving imperfectly, and that 2026 was the year the Pentagon would get serious about military AI dominance. Overlapping innovation offices were folded into a leaner CTO Action Group.

The document landed with fanfare. Yet, the budget did not follow. Washington keeps declaring AI a national security imperative while trimming the agencies and funding lines that would actually make it one — a contradiction the Bloomsbury Intelligence and Security Institute flagged in its recent read of the annual threat assessment.

Congress passed a more than 3,000-page National Defense Authorization Act that touched on AI across dozens of provisions — banning both the Defense Department and intelligence agencies from using DeepSeek and directing the Pentagon’s chief digital officer to build a department-wide AI assessment and procurement framework — yet defense analysts say it falls well short of the enforceable legal architecture the military needs.

Matthew Wein, a former policy advisor to the Department of Homeland Security, underscores that the White House’s March National Policy Framework for AI does not fill that gap.

“A strategy would be helpful to indicate where the government thinks we have an edge over competitors and how to maintain national security priorities as the technology landscape continues changing,” he tells The Cipher Brief. “It would also help the private sector understand how the government assesses China’s capabilities and give a blueprint for the frontier labs to use as a foundation to maintain their edge going forward.”

However, Leah Siskind, Director of Impact and AI Research Fellow at the Foundation for Defense of Democracies, argues that the threat itself is being mis-framed.

“There isn’t one AI threat, there’s a whole portfolio,” she tells The Cipher Brief. “Adversaries using AI for influence operations and cyber. Adversaries stealing or distilling American models. Adversaries racing us to military applications. A coherent strategy has to work all three at once, and right now Congress is moving faster than the executive branch on the first two.”

Siskind points to two bipartisan bills sitting on the floor — the AI OVERWATCH Act, which would codify congressional review of advanced chip sales to adversaries, and the Deterring American AI Model Theft Act, which creates a statutory framework to address Chinese model distillation attacks.

“The question is whether the White House, Commerce, and the AI czar’s office get behind them or fight them,” she continues.

The dispute between the Pentagon and Anthropic made that governance vacuum concrete. Anthropic was the first AI company to deploy frontier models on classified government networks, a position formalized by a $200 million DoD contract in July 2025. Talks broke down after the company refused to waive restrictions on autonomous weapons and mass domestic surveillance.

The Pentagon designated Anthropic a supply-chain risk—the first time that authority, historically reserved for foreign adversaries, had been applied to an American company —and Anthropic subsequently sued. As Siskind puts it: “Treating American frontier labs like Anthropic as national security supply chain risks is a strategic gift to Beijing.”

From experimentation to the edge

There is a basic problem that receives insufficient attention. Most military AI systems only work when connected to the internet. In a war, an enemy will cut that connection fast. OpenAI’s Pentagon contract actually reflects this limitation — its models can only be accessed through the cloud, meaning they cannot be built into weapons, sensors, or equipment troops use in the field.

The Army’s Project ARIA, Army Rapid Implementation of Artificial Intelligence, announced in March, explicitly aims to develop AI capabilities designed to function in denied, communications-degraded environments, but that effort remains in early development. Perez points out that AI is already deployed operationally on the intelligence and planning side, largely through platforms developed by companies such as Palantir, but stresses that the greater challenge is at the tactical level.

“Ukraine has demonstrated how AI can be integrated into autonomous drone operations and real-time battlefield adaptation, and this is an area where the U.S. is still learning and evolving rapidly,” he says.

Meanwhile, the Stanford AI Index, an annual comprehensive measurement of global AI progress published in April by Stanford University’s Institute for Human-Centered Artificial Intelligence, found that the United States ranks 24th globally in AI adoption at 28 percent. Singapore sits at 61. The UAE is at 54. Those figures reflect the civilian economy, not the military, but the pattern maps uncomfortably onto the Pentagon’s own trajectory.

Estes emphasizes that fixing it requires more than a strategy document.

“The Pentagon’s biggest obstacle is not a lack of AI technology. It is the gap between prototype and trusted operational use,” he continues. “Battlefield AI needs clean data, secure deployment environments, clear authorities, auditability, human accountability, and integration into existing systems that were never designed for this pace. That is where most AI programs get stuck.”

The Beijing question

Against that backdrop, President Trump’s arrival in Beijing in May was particularly important. He landed with a delegation that included Apple CEO Tim Cook, Tesla CEO Elon Musk, and Nvidia CEO Jensen Huang — the latter a last-minute addition whose presence signaled that semiconductors and AI were central to the agenda alongside tariffs, rare earths, Taiwan, and the Iran war.

Treasury Secretary Scott Bessent announced that Washington and Beijing would establish a protocol on AI best practices aimed specifically at preventing the most powerful models from falling into the hands of non-state actors. Pressed on why substantive dialogue with China was even possible, Bessent was candid.

“The reason we are able to have wholesome discussions with the Chinese on AI is because we are in the lead,” he responded. “I do not think we would be having the same discussions if they were this far ahead of us.”

How durable that lead is remains an open question. The Commerce Department has cleared roughly 10 Chinese companies — including Alibaba, Tencent, ByteDance, and JD.com — to purchase Nvidia’s H200 chips. However, no deliveries have been made: Beijing has quietly been steering its major tech platforms away from purchases to support domestic chipmakers instead.

China hawks on the Hill see the chip approvals as proof of exactly the problem they have been warning about — that Washington has no coherent line between competing commercially with Beijing and containing it militarily. The United States named AI the defining challenge of the era. It is now debating whether to sell China the chips that define it.

Wein says the path forward requires the government to be a better customer, not just a louder regulator.

“A more lax regulatory environment may be helpful for labs’ commercial growth, but a government strategy would also give them a useful framework from one of their largest customers, and position the United States as a standard setter in the space,” he asserts.

The cost of getting that wrong is not theoretical.

“The risk of relying too heavily on general-purpose commercial AI is that we end up with tools optimized for broad productivity, not contested military environments,” Estes adds. “Military AI has to work with incomplete data, deception, adversarial manipulation, degraded communications, classified context, and life-or-death accountability. What the United States actually needs are AI systems built from the ground up for the realities of warfare, not adapted from products designed for the consumer market.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Can the Pentagon Buy Faster Before the Next War Arrives?

“The reasons why DoD (the Defense Department) accepts flawed business cases are both structural and cultural in nature. Poor acquisition decisions are compounded by a budget planning process that requires DoD to secure long-range funding commitments before a program’s business case is fully understood. The current process incentivizes ‘starting fast’ -- awarding massive development contracts quickly, often in the name of preserving the industrial base, and obligating funds rapidly to ensure the budget is not ‘lost’ to another program. Success is all too often measured by activity (money spent), not by outcomes (capability delivered).”

That’s a quote from a Government Accountability Office (GAO) report released June 9, entitled, Weapon Systems Acquisition: Beyond Business as Usual -- Using Leading Practices to Curb Waste and Save Billions. It describes long-term problems within the military procurement systems that have emerged from U.S. arms use in the Iran and Ukraine wars that in turn has drawn the attention of the White House, the Pentagon and the Congress.

The June 9, GAO report said, “DoD plans to invest over $2.4 trillion to develop and acquire its costliest weapon systems. The need for smart spending and increased urgency and innovation for these acquisitions are national imperatives to help DoD maintain a competitive edge over adversaries. But DoD continues to struggle with delivering timely, cost-effective solutions to the war-fighter, and slow, linear development approaches persist.”

The result, according to the GAO, is “the expected time frame for major programs to deliver an initial [operational] capability now exceeds 12 years. Every month of delay in a weapon system acquisition program causes a war-fighter to rely on aging, less-capable equipment for longer.”

The GAO found, “In contrast, leading commercial companies iteratively develop business cases to respond to users’ needs and finish fast, helping them stay on budget. They re-assess business cases regularly to avert problems sooner. They also ramp up investments as products demonstrate progress.”

In contrast, the GAO said, “DoD has yet to fully adopt these leading practices because acquisition policies do not treat iterative development as a founding principle for all weapon system acquisitions programs.”

However, as the GAO points out, “As noted in its November 2025 policy memorandum aimed at revamping the defense acquisition system, DoD now plans to maximize acquisition flexibility, among other changes.”

Perhaps the poster child for DoD procurement issues is the built F-35 aircraft, whose prime contractor has been Lockheed Martin.

The F-35 Lightning II is a family of fifth-generation strike fighters – with versions in the Air Force, Navy and Marines -- that integrate low-observable (stealth) technology with advanced sensors and computer networking capabilities. According to the GAO, DoD completed the final phase of the original F-35 development program in March 2024 -- over a decade later and at a cost of $250 billion more than originally planned. Now, DoD is upgrading F-35 capabilities by adding technology innovations under modernization efforts.

The GAO said, “In recent years, the program paid contractors hundreds of millions of dollars in incentive fees that were intended to improve on-time delivery. However, the structure of on-time delivery incentives allowed the contractor to deliver aircraft up to 60 days late, and still earn some of the fee.”

In addition, since 2017 there have been disputes over software with Lockheed claiming certain portions of the software were developed at the company’s expense and could not be used by the military unless it paid licensing fees. At the same time the Pentagon claimed that the government had paid for the F-35’s software development, and the military should not pay twice for access to it.

According to a 2025 GAO report, the Pentagon did not have the data rights needed to perform software diagnostics and some maintenance activities on the F-35s, including engine repairs, without an authorized contractor, because Lockheed Martin owned key intellectual property.

The newest GAO report on the F-35, sent last Wednesday to the House and Senate Armed Services Committees, said, “DoD operates and sustains over 800 F-35s and plans to buy about 1,700 more aircraft by the mid-2040s. DoD uses the F-35 to perform a wide range of missions and it is vital to the success of U.S. combat operations and homeland defense, according to DoD.”

GAO also said sustainment costs for the planned life of the overall F-35 program through 2088 have been estimated at $1.6 trillion.

However, the main finding of last week’s GAO report is: “Since 2021, F-35 sustainment costs have increased as fleet size has grown, but the F-35 fleet continues to not meet sustainment performance goals, with mission capable (MC) rates and full mission capable (FMC) rates declining.”

For example, according to the GAO, while operating costs have grown, the Air Force full mission capable rate for its F-35A aircraft in 2025 was 28.5 percent; the Navy F-35Cs were 15.3 percent, and the Marine F-35B and C versions were 16.2 percent and 22 percent respectively.

The GAO report said the F-35 Joint Program Office (JPO) “identified depot repair speed and the ability to procure parts as root causes driving low sustainment performance rate.” It also added that “an investment of about $13.7 billion in addition to previously planned spending through fiscal year 2031 to meet performance objectives. Overall, the strategy aims to achieve a fleet-wide [F-35] readiness level of an 80 percent MC rate and a 65 percent FMC rate by 2030.”

In 2025, GAO found that, according to JPO officials and maintainers, “the F-35 has faced significant corrosion issues that maintainers cannot repair without contractor support due to a lack of technical data.” The GAO recommended the DoD determine whether it had access to technical data needed from manufacturers, but last week’s new GAO report said they had not.

“We have consistently found,” the GAO said, “that technical data issues have hindered F-35 sustainment. While the [Defense] Department has taken some incremental steps to address these issues, significant challenges remain without a clear timeline for resolution.”

This is a problem recognized on Capitol Hill. The Senate Armed Services Committee, in its Friday press release describing the panel’s approved version of the Fiscal Year 2027 National Defense Authorization Act listed “Shifts burden of proof to contractors to justify restrictions on technical data” as one of its several major legislative reforms for the Pentagon.

Another DoD reform approved by the Senate committee: “Requires acceleration of the adoption and purchase of low-cost munitions, including a pilot program on air defense interceptors.”

Picking up on this issue last Friday was former-Joint Chiefs Chairman, Air Force General C.Q. Brown Jr. Speaking at the Center for a New American Security’s 2026 National Security Conference, Brown said, “The challenge we have is when you look at munitions, we don't prioritize those as much and they become the numbers [that] will go up and down. The numbers are enough just to keep the stockpile, but not enough to actually execute [if you are in a war].”

Brown went on to say, “Resourcing is an issue. If you can't get a budget on time, you can't write a contract.” That’s a reminder that the last time Congress passed a defense appropriations bill before October 1, when the federal fiscal year begins, was in 2010, for the fiscal year 2011 Pentagon budget. In each of the past 16 years, the DoD has had to rely on continuing resolutions and omnibus reconciliation packages, which delay defense funding for months into the fiscal year.

Brown called for “consistency and delivery” by which he meant how quickly you're able to scale numbers of items and deliver them, knowing funds are available.

“One of the things that I was pushing for as the Air Force chief and again as a [Joint Chiefs] Chairman is multi-year procurement,” Brown said.

He went on, “If you did multi-year procurement with a floor, you're always producing X number. You can always go above that, but never go below a certain number. That keeps industry with some level of certainty and that builds that trust so they can continue to deliver.”

Brown added, “How well do we understand across all our various weapon systems? Who are the primes [prime contractors] to do this work? Who are the subs [sub-contractors] and what [does]] the supply chain looks like. And then on top of that, what is the workforce or whatever automation you're going to use. It was a work I was doing as the [Joint Chiefs] Chairman to identify as we looked at all of our operational plans.”

Brown then continued, “So if you buy affordable mass [of weapons and munitions] today and put it on the shelf, will it still be viable five years from now, or five weeks from now? And so the key part here is how can you actually have a level of affordable mass that's adaptable that you can continue to upgrade over time and change out -- either software or parts or hardware and then you can scale it very quickly.”

Brown said at one point, “The aspect of [defense] production is also part of deterrence,” adding, “and showing that you can surge capability” is an important part.

As Brown and others have pointed out, Ukraine and Iran have suddenly focused more attention on innovation at the lower weaponry and munitions levels, at the same time that costly changes are continuing to be needed in the more complicated air and space armament such as the F-35.

Like it or not, the American people may have to learn to live with spending $1 trillion-plus, hopefully for a Department of Defense, rather than a Department of War.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Warning Paradox: Why Correct Intelligence Often Fails

In the months before Russia’s February 2022 invasion of Ukraine, the U.S. Intelligence Community did something remarkable. It got the call right—and said so out loud, rather than only in classified internal documents.

Intelligence assessments identified the likely invasion, the timing window, and plausible operational scenarios with a level of confidence the IC rarely displays outside classified channels. The CIA director flew to Moscow to deliver the warning directly. Intelligence was declassified at a pace and volume rarely seen in modern American practice. By any fair measure, the warning was a success.

Yet the policy response did not match the clarity or urgency of the warning.

That is the Warning Paradox: the recurring pattern in which intelligence correctly anticipates strategic events, but institutions fail to convert warning into preventive action before the forecast becomes a crisis.

My experience during the run-up to the Ukraine invasion showed that the Warning Paradox is not inevitable. The corporate intelligence team I led at the time reached the same conclusion. My team’s pre-invasion assessment correctly identified the likely move, the timing window, and the implications for our people, facilities, and supply chains across the region. The Wall Street Journal later documented that work on the front page of its December 12, 2022, print edition. Our assessment placed the start of hostilities within the twenty-four-hour window in which the invasion ultimately began.

Decision-makers took the warning seriously. Contingency posture was raised. People were moved. By the time Russian tanks crossed the Ukrainian border, the enterprise was in a defensible position. On the corporate side, our warnings translated into action.

The policy response in governments around the world, however, did not match the clarity or urgency of the warning.

Although sanctions planning was underway before the invasion, the most consequential measures were imposed only after Russian forces crossed the border. Lethal aid to Kyiv increased substantially only after the invasion became reality, not while it remained a contested forecast. Alliance posture stiffened in response to the war rather than in anticipation of it. The warnings were correct and early. The response was neither.

Ukraine was not an anomaly. It was one of the clearest recent examples of the Warning Paradox: intelligence got the threat right, but institutions failed to act with the urgency of the warning.

The August 6, 2001, Presidential Daily Brief did not produce a different September 11th outcome. The accumulating signal on Hamas before October 7, 2023, did not produce a different response inside the Israeli system. Crimea in 2014, COVID-19 in late-2019/early 2020, and the Afghan collapse in 2021 are each, in their own way, variations on the same theme. These cases differ in scale, context, and institutional setting. However, they point to the same recurring failure that warnings can be analytically valid and still die before they become a decision. A correct warning is not a sufficient condition for preventive action.

The bottleneck is rarely analytical. Intelligence producers often identify emerging threats with more accuracy than later public narratives allow. The gap persists between what the intelligence community sees and what the policy customer can absorb, decide on, and act on under uncertainty. That gap is structural. It persists for three reasons that appear to be features of the system, not bugs.

First is the asymmetric cost of acting on a warning that does not materialize. A policymaker who acts on a high-confidence warning that turns out to be wrong pays a visible, attributable price, often in squandered political capital, damaged relationships, or the “cried wolf” label. A policymaker who fails to act on a warning that turns out to be right pays a price too, but it is diffused across the system, shared with predecessors and peers, and absorbed by the institution rather than the individual. The incentive structure does not reward preventive boldness. It rewards explainable caution. Until that asymmetry is acknowledged and consciously offset, intelligence will continue to land in front of consumers whose private calculus rewards waiting over action.

Second is the consumer literacy gap: the uneven ability of decision-makers to understand probabilistic warnings and convert them into action. Intelligence is a product designed for a customer. Yet the customer is often a decision-maker whose training in absorbing probabilistic warnings is uneven at best. “We assess with high confidence” is a precise analytic statement; the structures to translate it into a specific decision tree, a sequenced set of preventive moves, and a named owner are not consistently present on the consumer side. This is less a criticism of individual policymakers than of the system around them, one that has invested heavily in producing intelligence and very lightly in building the institutional muscle memory to both receive and act upon it. The same pattern repeats in the corporate world. Boards are briefed on threats they could not, if asked, translate into a Monday morning action item.

The third is the governance gap between warning and decision. Inside both government and large corporate enterprises, no single office holds the authority to convert warnings into preventive action. The intelligence producer’s job ends with the warning. The policymaker’s job begins with a decision. The implementer’s job begins at execution. Between warning and decision is a coordination space nobody owns by name. This is the same governance gap that organizational risk practitioners describe in different vocabulary, and it is the most consistent reason correct intelligence fails to produce appropriate preventive action.

After nearly three decades in the Intelligence Community, including fourteen years at the Defense Intelligence Agency, I have seen what correct warning looks like when it lands well — and when it reaches decision-makers who cannot or will not convert it into action. The years since leaving public service, now leading corporate intelligence at a Fortune 50 enterprise, have taught me that the pattern is not peculiar to government. The exact vocabulary may differ, but the grammar remains the same.

The intelligence does not need to change as much as the consumer system around it does.

First, assign ownership. Someone in the room, by title, must be responsible for converting warnings into preventive action and be measured on it. In the absence of named ownership, a warning is a briefing, not a decision input.

Second, build the institutional muscle memory to receive information as a decision input. Decision-makers should rehearse the conversion of warnings into action, as operators or emergency services personnel do with contingency responses. Tabletop exercises, decision drills, and scenario planning before a crisis are inexpensive relative to the cost of surprise. They are also irregular at best in most organizations.

Third, lower the political cost of acting on a warning that doesn’t materialize. This is the hardest of the three because it is cultural rather than procedural, and it requires senior leaders, whether in government or in the C-suite, to defend subordinates who acted prudently on sound intelligence even when the worst-case scenario does not occur. Until acting on a warning is professionally survivable when the warning proves overcautious, the incentive structure will continue to punish exactly the behavior we say we want.

Chuck Randolph, a colleague in the corporate security community, puts the point more directly: “Intelligence without action is just information.” The line is uncomfortable because it is correct.

In many of the most consequential cases, the U.S. Intelligence Community is not failing simply because it cannot see the risk. The failure lies in the consumer system, which cannot act on what it is shown. Until that changes, we will continue to be surprised by events we warned ourselves were coming. We will continue to mistake analytical success for policy success, and policy failure for intelligence failure.

The Warning Paradox is not a forecasting problem. It is a consumer problem. Like most consumer problems, the people best positioned to solve it are the ones least accustomed to thinking of themselves as the bottleneck.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

America's Veterans Are a Defense-Tech Asset — We're Wasting Them

I spent my formative adult years in service to my country—from seventeen to twenty-nine—and the core of how I identify myself remains that of a United States Marine. When I separated, the playbook was clear: suit up for the boardroom. Investment banks and consulting firms were the promised land, where top talent was expected to go.

It was not an easy transition. Few banks at the time viewed a Marine infantry officer's background as preparation for a career in finance. Frustrated by what my peers and I experienced, I helped found Veterans on Wall Street in 2009—a consortium of Bank of America, Citigroup, Credit Suisse, Deutsche Bank, and Goldman Sachs, led by veterans at each institution and focused on veteran hiring, transition support, and charitable giving. It was the right response for that moment.

That moment has passed.

The world has shifted decisively beneath our feet. Artificial intelligence, autonomous systems, cybersecurity, space, and advanced manufacturing are reordering the global balance of power and creating one of the most acute talent shortfalls in modern economic history. America's strategic competition with near-peer adversaries is no longer primarily a contest of battalions. It is a race to build, deploy, and operate AI systems, autonomous platforms, and secure communications infrastructure faster and more effectively than any rival. The conflicts unfolding today across the Middle East and beyond are shaped as much by autonomous systems, electronic warfare, sensors, and AI-enabled targeting as by boots on the ground.

The organizations building these systems need people who understand not only the technology, but the operational environments in which it will be used. Veterans who have worked in signals intelligence, operated in contested communications environments, or commanded logistics chains in austere conditions bring something no computer science curriculum can replicate: they have been the end user. They understand which failure modes matter.

The numbers are striking. More than 200,000 servicemembers separate from active duty every year. Meanwhile, technology occupations are projected to grow roughly twice as fast as overall employment over the next decade, with particularly acute demand in AI, data science, cloud infrastructure, and information security—roles that remain structurally undersupplied.

Yet the existing Transition Assistance Program (TAP) often functions as a checklist rather than a tailored pathway. Only about 52 percent of servicemembers complete the recommended one-year TAP timeline—a program designed for an economy that has itself moved on from the jobs it was built to funnel veterans into.

The irony is that veterans may be better positioned for the defense-tech economy than almost any other talent cohort—if we invest in the translation layer. Their skill sets naturally lend themselves to roles where human judgment, leadership under uncertainty, and adversarial thinking are most valuable: precisely the roles least susceptible to AI disruption and most critical to national security. They did not just study modern conflict. They fought it.

This is not a resume-translation problem. It is a strategic investment problem.

I learned this in a different context. In October 2004, my battalion deployed in support of what would become Operation Phantom Fury—the Second Battle of Fallujah, the bloodiest battle of the Iraq War. Eight days before the assault, we received an attached Iraqi Army company: 36 men out of an original 146, the rest having deserted. I didn't speak Arabic. My interpreter was a 55-year-old former physics teacher. Their weapons handling was dangerous. Their loyalties were uncertain. The decision before me was whether to lead them into combat or tuck them behind our movement through the city, as my peers planned to do. I led them from the front. And what emerged was an effective fighting unit—clearing houses alongside us, gathering intelligence no one else could access, saving lives on both sides.

The lesson I carried forward: the hardest leadership decisions are rarely about resources or capability. They are about the will to build the bridge between what you have and what the mission demands. That is exactly where we stand today on veteran transition.

The emerging defense-tech sector is already recognizing this. Firms such as Anduril and Shield AI—both co-founded by veterans—are hiring aggressively from military ranks. Organizations like MVA Foundation (MilVet Angels) have backed these up and coming defense tech startups, along with others like Hermeus, Ursa Major, and Cowboy Space Corp—a portfolio that maps almost precisely onto the Pentagon's own list of mission-critical technology priorities. What makes their model distinctive is its structure: all carried interest from exits flows back into a foundation funding veteran transition and entrepreneurship programs, creating a self-reinforcing cycle between investment returns and the next generation of veteran technologists. Palantir has taken a complementary approach through its American Tech Fellowship—a high-intensity program recruiting transitioning veterans and enlisted leaders, requiring no tech degree, and connecting graduates directly with defense tech employers. The core insight mirrors the best veteran transition efforts: the most persistent barrier is translation, and veterans routinely underestimate how directly their military experience maps to the roles AI-era employers can't fill. These are promising efforts. They are not yet at scale.

What would scale look like? Three things.

First, rebuild TAP around defense technology pipelines. The NSCAI and CNAS have argued for years that the program underdelivers, but they frame it as a workforce-quality problem. It is a national security routing problem. Statute already requires counseling to begin twelve months before separation, yet GAO finds 70 percent of servicemembers miss that threshold and commanders routinely waive attendance against their own services' rules. The answer is not another reform package layered onto a $500 million interagency program. The Secretary of War should use existing authority and appropriated dollars to redirect counseling toward critical-technology tracks, strip waiver discretion below the general-officer level, and replace completion rates with twelve- and twenty-four-month placement metrics tied to commanders' evaluations.

Second, fix SkillBridge's throttling problem. More than 25,000 servicemembers participated in fiscal year 2025 across 6,000-plus partners, but GAO's 2024 review found commanders deny or discourage participation because losing someone for 180 days reads as a readiness hit while the national security benefit accrues elsewhere. The Department of War should change how participants are counted against unit manning in their final 180 days, set a service-wide floor on approval rates with denials reviewable above the immediate commander, and require outcome reporting tied to placement in critical-technology sectors. The talent bench exists; the accounting rules are what keep commanders from releasing it.

Third, the private sector must signal that this is a strategic priority, not a corporate social responsibility initiative. Emerging defense tech companies competing for government contracts should be first movers. They have both the operational need and the patriotic case. When I helped found Veterans on Wall Street, the animating insight was that the private sector had to lead—that institutions with resources and relationships had to build the bridge before the government could cross it. The same logic applies now, in a sector with far higher national stakes.

A generation ago, top talent was expected to go into finance and consulting. Today, technology—and America's defense-tech companies—are building the arsenal of democracy for the 21st century. The people who know best how that arsenal must perform are already among us: 200,000 men and women separating from service every year, looking for someone to show them where they fit in the new economy.

The answer is in front of us. We just need the will to build the pipeline.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Economic Security in an Age of Strategic Competition

There is a growing perception among long-standing US allies that they need to expand commercial relations with the People’s Republic of China (PRC). A thaw or détente with the PRC brings both rewards, particularly for a sluggish economy like Britain’s, but also major risks. History shows that a superpower can ruthlessly exploit détente with the West.

Economic Security and Intelligence

Economic security and intelligence are nothing new. Before the Second World War, for example, Britain ran a small outfit known as the Industrial Intelligence Centre (IIC). Run by a former MI6 officer, Desmond Morton, the IIC provided a coordination of intelligence on German rearmament and, working with MI5, assessed Britain’s commercial vulnerabilities. British intelligence helped to devise the UK government’s War Book, which set out emergency regulations to protect critical national infrastructure in the event of war. After the Second World War, during the Cold War, it became a staple of British and other western intelligence to assess the size and strength of economies behind the Iron Curtain.

Risky Business

In 1972 President Nixon and his national security advisor, Henry Kissinger, ushered in a policy of détente with the Soviet Union. Its purpose was to further divide the Soviet Union from China. Papers at the Nixon library show that Kissinger was under pressure from British firms, in particular, to open up markets behind the Iron Curtain. Britain was in a dire economic doldrum following an oil shock due to a war in the Middle East.

Kissinger and Nixon knew that not all commercial technologies could be transferred to America’s main strategic enemy, the Soviet Union. The White House was accurately afraid of dual use technologies, namely those that were civilian but could also be used for military purposes. Kissinger limited the sale of high end computers and microchips, for example, only allowing second tier components to be sold to the Soviets.

Although Nixon and Kissinger accurately guessed that US industries would be targets for Soviet espionage, the extent to which the Soviets exploited détente would have been beyond their wildest imaginations. The collection of scientific and technical intelligence from the US was conducted by Soviet military intelligence (GRU) and the KGB, whose operating arm, Line-X, reported to Directorate T (Technology). In 1973 the KGB assigned an officer to New York whose full-time job was to collect (steal) US scientific and technical intelligence (S&T). By 1980 the US was producing more S&T intelligence for Moscow than the rest of the world combined. Visiting Soviet trade delegations to US research centers, laboratories and fortune 500 companies, for example, were packed with undeclared Soviet intelligence officers. In an agricultural delegation of a hundred Soviet officials about one third were known or suspected Soviet intelligence officers. In one visit to a Boeing laboratory a delegate applied adhesive to his shoes to obtain metal samples. The size of the Soviet onslaught was so large that entire fields of US research and development became replicated in the Soviet Union. The East German spy master, Markus Wolf, recalled the East German computer company, Robotron, was, thanks to Soviet espionage, an unofficial subsidiary of IBM.

Soviet S&T espionage was often facilitated by sloppy security at US defense contractors. An employee of TRW Corporations in Redondo Beach, CA, which manufactured a US spy satellite, recalled that workers “regularly partied and boozed it up during working hours with the ‘black vault’ housing the Rhyolite [spy] satellite project”. Bacardi rum, he claimed, was kept behind the cipher machines and a cipher-destruction device was used as a blender to mix banana daiquiris and Mai-Tais.

Soviet espionage was so far reaching that, ironically, by the end of the Cold War both sides of the conflict, NATO and the Soviet Union, were dependent on US S&T.

Business Risk

Fast forward to the present day – a time when the world is vastly more complicated than the last century’s Cold War. Western countries did not need the Soviet economy. By contrast, China is intertwined with the world economy.

Beijing is seeking to portray Washington’s new approach to economic, defense, and foreign policies as undermining the post war rules based international order that it created. Meanwhile the PRC, which, has previously railed against the international order (though in reality it vastly benefited from that order), is holding itself out to be the stable player on the world stage. The PRC’s attitude is that it will play by the rules when it suits it but is happy to break them whenever it decides to do so.

Recent diplomatic outreach to Beijing by Western leaders include agreements framed as pragmatic economic wins. If middle powers, like Britain, for example, pursue a strengthening of commercial relations with China, they will need a strategy to mitigate risk like Nixon and Kissinger developed. Britain does not have a strategy for doing so. Even China hawks, like former US ambassador in Beijing, Nicholas Burns, have stated that for economic growth the US will need to continue to trade with China, but will need to carve out elements of national security and critical infrastructure. The latter is a principle stretching back to the UK government War Book.

There is no reason why the PRC would not seek to exploit a détente with the west as the Soviets did before. The Chinese state and its intelligence services have never encountered a western business whose intellectual property they did not want. The Chinese Communist Party (CCP) uses a constellation of front companies to do business with the outside world. Often such companies will enter into business ventures to obtain intellectual property from their western counterparts, but then pull the plug, bankrupting their western counter parties. To add insult to injury, Chinese firms will often sell the product they have stolen back to western markets.

The name of the game for western businesses must therefore be risk mitigation regarding China. In the last century, governments held the monopoly on the know-how and intelligence critical to the technologies that shaped our world – nuclear weapons. It took state resources to detect technology transfer. Soviet S&T espionage was only discovered when French intelligence recruited an agent in KGB Line-X in the 1980s. The same is not true today. Private sector companies today hold the keys to innovations that will shape our lives this century – microchips, A.I., quantum and bioengineering. It is therefore private sector companies that are best placed to mitigate risk of stolen intellectual property. And unlike in the past, this can be done by using A.I. driven publicly available data.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Future of Intelligence Space Assets: SAR, Electro-Optical and AI Fusion

The combination of synthetic aperture radar (SAR) and electro-optical reconnaissance is changing modern intelligence collection. What was once a competition between sensor systems has turned into an integrated targeting system that can provide constant almost real-time global surveillance. The future of space-based intelligence is not one or the other. It is about using both SAR and optical imagery together with artificial intelligence, multiple satellites and automated targeting systems.

For a time, electro-optical satellites were the best for strategic reconnaissance. Systems like the KH-11 series provided very detailed visual information allowing analysts to identify aircraft types, monitor missile deployments and assess enemy military infrastructure with great accuracy.

Optical systems have always had limitations.

Clouds, smoke, darkness and bad weather could make it hard or impossible to collect information. Enemies knew about this weakness and often used weather to hide their movements. Synthetic aperture radar completely changed this. Unlike electro-optical satellites, SAR systems send out radar pulses and measure the energy that bounces back from the earth’s surface. Because radar waves can go through clouds and work in any light, SAR satellites can provide surveillance in any weather, day or night. This made radar reconnaissance more important. The real change is happening now with both systems working.

A modern intelligence cycle often starts with SAR detection.

Radar satellites continuously monitor areas looking for unusual activity, movement patterns or changes in infrastructure that might indicate military activity. A SAR satellite might detect soil near a missile field, unusual patterns at a naval base or the movement of launchers in bad weather. Because SAR is good at monitoring areas it's a great way to detect suspicious activity. Once something suspicious is detected optical systems are used to get information. Electro-optical satellites can then determine whether a detected object is a decoy, a logistics vehicle, a formation or a ballistic missile launcher. SAR provides detection and persistence; optical systems provide confirmation and attribution. Together they create a more powerful intelligence system.

This fusion is becoming more important as mobility increases.

During the Cold War strategic targets were often predictable. Today’s battlefield is mobile spread out and deliberately deceptive. Hypersonic missile launchers, ship ballistic missile units, mobile ICBMs and rapidly relocatable air defense systems require continuous tracking rather than periodic observation. Combined SAR/ electro-optical targeting enables custody of such targets across multiple environmental conditions. The war in Ukraine has shown aspects of this evolution.

Commercial SAR providers have demonstrated the ability to monitor troop concentrations identify damaged infrastructure and track movements despite poor weather and battlefield obscurants. Meanwhile optical imagery providers supplied detailed visual confirmation of equipment losses and force deployments. The integration of governmental ISR streams has accelerated intelligence dissemination timelines dramatically compressing what once took days into hours or even minutes. The United States (Proliferated Architecture) and China are both investing heavily in low-Earth orbit constellations designed around sensor fusion concepts.

Instead of relying on a few high-end strategic satellites, next-generation architectures employ many smaller assets operating together across multiple orbital planes. SAR satellites may maintain persistent broad-area surveillance while optical satellites conduct rapid revisit identification missions.

Artificial intelligence is key to making this architecture work.

The volume of data generated by ISR constellations far exceeds the capacity of human analysts alone. Automated systems are now increasingly responsible for anomaly detection, pattern recognition and cross-sensor correlation. AI algorithms can compare SAR signatures across time identify changes in terrain or infrastructure and automatically task assets for further inspection. The reconnaissance architecture itself is becoming semi-autonomous. This trend is especially important in surveillance.

The world’s oceans represent one of the difficult ISR environments due to weather, scale and vessel mobility. SAR systems are exceptionally effective at detecting ships because metallic structures strongly reflect radar energy. A radar satellite can identify vessels through storms or at night when ships disable AIS transponders to conceal their location. Optical satellites can then refine identification, determine vessel class, assess deck activity and verify cargo or weapon configurations.

The strategic implications are profound.

For planners, combined SAR and optical targeting reduces sanctuary. Traditional concealment methods based on weather, darkness or camouflage become increasingly ineffective when adversaries possess multi-sensor coverage. Effective concealment now requires defeating sensing modalities simultaneously dramatically increasing operational complexity. This development also affects nuclear deterrence dynamics.

Mobile missile forces historically relied on mobility and concealment for survivability. Persistent fusion between SAR and electro-optical platforms threatens to erode that survivability by enabling tracking of transporter-launchers across wider geographic areas. Such capabilities may intensify concerns about counterforce vulnerability among peer nuclear powers. At the time the increasing dependence on integrated ISR architectures creates new vulnerabilities.

Combined targeting systems rely heavily on data fusion networks, satellite communications, cloud-based processing and AI-driven automation. Disrupting any component of this chain - through cyberattacks, electronic warfare, kinetic ASAT operations or orbital interference - could degrade the effectiveness of the reconnaissance ecosystem. Consequently, future space competition is unlikely to focus on building better satellites. Instead, competition will center on resilience, data integration, processing speed and survivability under contested conditions. Nations capable of sustaining sensor fusion architectures during conflict will possess operational advantages. The future battlefield will likely feature ISR "kill webs" than isolated collection platforms.

Future trends

SAR satellites, SIGINT assets, airborne ISR, unmanned systems and terrestrial sensors will operate as interconnected nodes in a continuous surveillance and targeting network. Detection by one sensor will automatically trigger tasking across others producing situational awareness at unprecedented speed. This evolution represents one of the significant transformations in intelligence collection since the dawn of the space age. The decisive advantage no longer belongs merely to the nation with the photograph from orbit.

It belongs to the nation of integrating radar persistence, optical precision, automated analytics and rapid targeting into a unified operational architecture. In the emerging era of power competition, combined SAR and optical targeting is becoming more than an intelligence capability.

It is rapidly evolving into the new era of modern military power itself.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Morning Brief: What the PDB Can Offer the Corporate Leadership Team

CEOs of major corporations need to make hugely consequential decisions every day, but many start their mornings in fragmented and reactive information environments. Compare that to the President and other senior US national security leaders who often begin their day when their intelligence briefer delivers the President’s Daily Brief (PDB). The PDB briefer provides a curated engagement to help their principal understand the issues of the day; the briefer might share insight on the motivations of a key foreign leader, walk through the nonobvious implications of a recent development, or offer a path to pose questions directly to the Intelligence Community. The PDB briefing model offers a compelling template for companies that want to improve the information and decisionmaking environments of their key leaders.

The PDB has been around for more than 60 years. It is the pinnacle of the Intelligence Community’s analytic support, delivering the most important and high-quality analysis and intelligence reporting. Perhaps more importantly, it pairs a senior leader with a briefer whose sole job is to enable their principal to understand everything they need to know about national security issues for that day in about 30 minutes. The briefer becomes intimately aware of the principal’s world – who are they talking to later that morning, which NSC meeting do they have to attend in the afternoon, what policies are they trying to advance, and where are their blind spots on national security threats that could harm Americans. Through those daily conversations, the briefer helps the principal identify the questions to ask to get to the heart of a complex issue and sometimes passes those questions to the IC in the form of taskings that will result in a follow-up written response.

The briefer uses their mastery of analytic tradecraft to explain the argumentation behind each assessment in the PDB. They provide context and offer the principal a confidential sounding board to talk through policy quandaries. They deliver bad news effectively and dispassionately by expertly walking through the strength of the sources underlying key judgments. In short, having a daily briefer gives the principal an opportunity to better accomplish his or her goals.

In the private sector, executive leadership teams are often left to their own devices, triaging emails from the day before, trying to make sense of dashboards showing the most recent overnight data, and trying to read a few different news sources to get a handle on a threat to the company’s wellbeing that seems important even as the key implications remain hazy. CEOs might meet with a chief of staff, which helps, but that role is built to clear obstacles, drive decisions, and put out the day's fires — work that runs on deadlines, unlike readiness to answer any major question the CEO could raise, even the ones they never ask. So no matter how capable the chief of staff or how large their team, that readiness is the first thing the calendar crowds out. An executive assistant can walk through the schedule but can't explain why tomorrow's agenda is built around the wrong question. Everything feels reactive because it is.

The PDB process offers a better way. Imagine a major company that creates a small team of senior managers that understands all the inputs flowing to the executive leadership team from across the company—data from sales and marketing teams, supply chain updates, cyber threat assessments—and can identify what the leadership team needs to know each morning. Just like the staff that creates the PDB’s content, these managers would work with internal stakeholders to create a set of products delivered to the leadership team with a predictable rhythm while facilitating the production of ad-hoc “breaking news” style internal assessments. The team would work with a set of briefers drawn from the company’s most promising midlevel employees – rising stars who have demonstrated exceptional abilities to make sense of huge amounts of data and understand the needs of someone in a leadership role, and who have unquestionable judgment and discretion.

Both groups would work together to produce and deliver the briefing package for the CEO and other executive team members. The CEO’s briefing package might be the smallest but would include the most important internal company information combined with external news pulled in by the briefer overnight. It would form the core of the briefing package for every other leadership team member so each would know what the CEO is reading each morning, allowing them to be better prepared to answer questions from the CEO while also giving them additional material relevant to their core roles – the chief marketing officer might get extra news reporting on trending influencers while the chief financial officer might get a rundown on the latest indicators of how the Fed might vote the following week. Strong companies will protect both teams from institutional pressure by making their mandate for objective delivery explicit – one way to handle this would be for the briefing team to report to the board to help protect their independence.

On any given morning, the CEO’s briefer would explain the electoral dynamics affecting how a visiting governor will ask for concessions from the company at their breakfast meeting; unpack the data in a recent HR study on employee retention rates; highlight the mitigation of a recent cyber intrusion event; and unpack the political dynamics in a major foreign market that could lead to retaliatory tariffs. The briefer can go deep into all of these issues because she spent all night working to understand them. If she can’t answer the CEO’s questions, she’ll issue a tasking to the right department, which will deliver an answer the briefer can use by the next morning. Before she leaves for the day, she’ll give a download of the briefing to the chief of staff, record feedback on various items in the briefing to share with key recipients and review the menu for the next day’s briefing items with the production team.

As the saying goes, when information is cheap, attention becomes expensive. As AI shifts the cost of information and even analysis toward zero, a key constraint on senior decision-making shifts to something more scarce — a trusted human whose sole mandate is to be prepared to help a leader be ready to start their day in an environment in which seeing what’s around the corner is both increasingly important and difficult. The PDB briefing experience creates a partnership between principal and briefer that extracts the most value from the least amount of time, which is inarguably the most valuable resource for any senior leader. Companies facing fast-moving, loosely connected threats, where being caught flat on any single one is costly, will find that having a corporate PDB briefing team is less a luxury than a wise investment having leaders who are exquisitely prepared to meet each day.

Phillip Consentino recently retired after a 25 year career in CIA’s Directorate of Analysis in which he served as managing editor of the PDB from 2019-2022.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author's views.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Russia’s Taliban Embrace Signals a New Power Shift in Afghanistan

Sometimes the only thing more frightening than Afghanistan’s problems is the Taliban’s solutions and the recently signed Russia-Taliban military-technical agreement may be the most alarming one yet. The partnership signals that Afghanistan’s security architecture is being rebuilt without the United States, and increasingly by America’s rivals. Washington should pay close attention because the deal hands one of the world’s most repressive regimes a pathway to becoming more capable and deeply entrenched in a regional order where Russian influence is expanding at America’s expense.

No one should be fooled by the bland language of the arrangement struck between Sergei Shoigu, one of Russia’s most powerful figures, and Taliban Defense Minister Mawlawi Mohammad Yaqoob. In Russia’s playbook, such arrangements are practical templates for influence, opening the door to weapons transfer, spare parts, maintenance contracts, training missions, surveillance systems, encrypted communication tools, and intelligence sharing, ultimately producing deep security dependence. It also creates space for Russian military contractors to embed inside Taliban's security institutions and for Moscow to establish listening posts inside Afghanistan, expanding its visibility into rival intelligence activity across the region.

The arrangement marks a clear shift from Russia’s arms-length contact with the Taliban to something closer to institutional partnership. For Moscow, it delivers a foothold inside the Taliban’s security state, a lever in the region, and potentially a quiet logistics corridor through Afghanistan, including toward Iran. For the Taliban, it offers legitimacy, military hardware, technical assistance, and a powerful patron that will not attach lectures about human rights or political inclusion to its support.

The reported rationale, countering the threat from ISIS-K, the Islamic State’s regional branch, is genuine enough to give both sides cover. ISIS-K has mounted attacks inside Afghanistan, challenged Taliban authority, recruited across Central Asia, and claimed the 2024 Moscow concert hall attack that killed over 140 people. While both Russia and the Taliban have reasons to fear it, reducing the deal to counterterrorism alone misreads its scope. As threats stack up — ISIS-K, border instability, militant flows, and narcotics trafficking — Moscow is exploiting each layer of risk to justify a deeper role in Afghanistan, where the United States spent two decades trying to shape the outcome.

Russia did not arrive at this partnership out of ideological sympathy, as the history between the two sides is complicated enough to rule that out. In the late 1990s, the Taliban recognized Chechnya's independence, openly supporting a separatist cause that Moscow treated as an existential threat. Years later, Russia was reportedly the third largest external backer of the Taliban insurgency against U.S. forces, after Pakistan and Iran. What drives Moscow today is the same cold logic that has long shaped its Afghanistan policy: not affection for the Taliban, but a calculated bargain of what that regime can deliver. That is why Moscow first removed legal barriers to dealing with the Taliban, then became the first country to formally recognize the regime, and has now moved into a deeper security partnership.

Under the new arrangement, Taliban arrives at the table with every disadvantage that makes it an ideal Russian partner. It is isolated internationally, starved for cash, absorbing Pakistani airstrikes along a contested border, and desperate for external legitimacy. For the Taliban’s ruling clerics, accepting help from Moscow may mean swallowing some pride, but their need for outside support is real. For Russia, that desperation is more of a feature than a flaw: a partner weak enough to need help, isolated enough to accept the terms, and useful enough to serve a larger regional strategy. A stronger Taliban may be dangerous, but a dependent Taliban is exactly what Moscow wants.

This is a playbook Moscow has refined elsewhere. Across the Sahel, Russia used Wagner Group and its successor structures to offer struggling regimes what the West often withholds: weapons, trainers, protection, and political backing without rigid preconditions. Moscow’s offer is structurally simple: show up with ammunition and discreet support when others walk away. In places where governance has collapsed and security guarantees are scarce, that formula has proved devastatingly effective. The same template has now arrived in Afghanistan.

The Taliban's military has a well-understood Achilles' heel, and they badly need what Russia can provide. Taliban forces can hold territory, run checkpoints, and enforce loyalty with remarkable effectiveness, but they remain vulnerable to airstrikes, drones, and advanced surveillance. They also rely on aging Soviet-era equipment, captured stocks, and leftover U.S.-supplied hardware inherited from the previous government's collapse, much of which is difficult to sustain. Russian support could close these gaps, including by training technicians, repairing helicopters and armored vehicles, supplying cheap drones, upgrading communications, and possibly even strengthening air-defense capabilities over time.

For the Taliban, political payoff compounds the military one. Every handshake with a major power makes the regime look less like a permanent pariah and weakens the assumption that it can be kept outside the international system indefinitely. Every technical channel also opens a pathway to broader commercial engagement - from mining contracts and railway projects to regional connectivity initiatives - each one gradually normalizing Taliban rule.

The most important piece of this arrangement is intelligence cooperation. The Taliban can provide what Russia cannot easily get on its own: human access across districts, border crossings, prisons, mosques, smuggling routes, and militant networks. That means eyes and ears on who moves, who recruits, who shelters foreign fighters, who disappears across borders, and who returns with new skills or fresh instructions. Russia, in turn, brings capabilities the Taliban has limited means to develop domestically, including surveillance tools and biometric systems, creating a dangerous exchange.

The danger sharpens when we trace what Russian equipment could actually do in Taliban hands. Military-grade drones could help hunt ISIS-K, but they could also give Moscow visibility over Afghan terrain, border and customs zones, and security movements. Encrypted Russian communications tools may help Taliban commanders avoid interception by rivals while remaining visible to Russian signals intelligence. Biometric databases could help identify ISIS-K and other suspects, but they could also turn Afghan border crossings into screening nodes serving Russian security priorities.

The most obvious danger lies in targeting. The Taliban is not a clean counterterrorism partner, even if it governs a country riddled with extremist groups, many of which it tolerates or quietly protects. Russian intelligence tools intended to hunt ISIS-K could easily be redirected by Taliban factions toward other targets, including regional rivals, Afghan political opponents, or competing factions. The same capabilities could also be used to pressure businesses, monitor communities, and harden the coercive machinery the Taliban relies on to keep dissent from organizing.

Russia's machinations, however, extend well beyond the bilateral arrangement. At a Shanghai Cooperation Organization (SCO) meeting in Bishkek in May, Moscow framed its Taliban partnership not as a narrow bilateral preference, but as a player in collective regional stability — one that Tajikistan, Uzbekistan, Kazakhstan, and China are likely to reinforce, or at least tolerate. Through this framing, Taliban security cooperation is being gradually folded into the SCO orbit, giving the Taliban targeted access to a multilateral intelligence architecture while allowing Russia to be the primary gatekeeper of that relationship. The message to the region is unmistakable: Moscow now holds the direct Taliban line and is best placed to manage threats from Afghanistan.

Here, Taliban and Russian interests may also converge in ways that quietly extend the partnership's reach — for example, in suppressing Tajik militant networks inside Afghanistan to reduce threats to Tajikistan, a CSTO member Russia is treaty-bound to defend. Meanwhile, Moscow is simultaneously positioning itself as a mediator between the Taliban and Pakistan — whose relationship has collapsed into open hostility along the Durand Line — placing Russia not just as Taliban’s partner but as a potential broker with Pakistan.

To be sure, Russia is not blind to what it is getting into by betting on a regime with deep self-limiting features, risks Moscow appears willing to accept if the new arrangement holds. The Taliban is neither a nimble political system nor capable of easy course correction, driven instead by ideological certainty and its own sense of manifest destiny. It increasingly operates on a logic of risk because risk has repeatedly paid off. The man at the top of the regime trusts almost no one, yet constant jockeying runs beneath him across the ranks with different factions needing allies, resources, networks, and outside patrons simply to survive. That contradiction shapes Taliban politics and remains the regime’s main weakness. That gap between centralized command and fractured allegiance is also the fault line along which the entire arrangement with Moscow could eventually crack.

At the same time, the Taliban has learned to make uncertainty work in its favor. It rarely needs a clear view of the future because unpredictability itself has become part of its governing style, a way to preserve options, test limits, and keep others off balance. Ironically, this is also one area where Washington still holds a form of leverage. Washington is often described as unpredictable, but unpredictability can be a deterrent when adversaries cannot easily calculate how it might respond in a crisis.

The problem is not that Washington is confused about Taliban-ruled Afghanistan, but that the debate around it often lacks the right framing. When Afghanistan is discussed, the focus usually defaults to ISIS-K threat and the residual al-Qaeda presence, asking whether these groups can strike the American homeland. From that starting point, the Taliban gets cast as either a human rights problem demanding condemnation or as a reluctant counterterrorism partner worth practically engaging, with little analytical space in between. The more important question is not only whether ISIS-K poses a threat to the United States (it does), but whether the Taliban's evolving security state, including its external patrons, militant relationships, and deepening integration into Russia's orbit, is creating a threat landscape that will be far harder to confront once it fully takes shape.

That’s why, for the United States, the lesson embedded in this relationship is both clear and uncomfortable. Afghanistan’s security architecture is being rebuilt in America's absence — and, in some ways, against American interests. Isolation has not changed the Taliban; instead, it has driven the regime toward partners who ask fewer questions and deliver more practical assistance. Russia, meanwhile, also benefits from a strikingly different position in its dealing with the Taliban: no Russian hostages held by the group, no clear constraints on Russian intelligence activity inside Afghanistan, and no Taliban-generated political pressure that would otherwise complicate Moscow’s calculus. The asymmetry matters because while Washington carries the heavy weight of a twenty-year war, Moscow is now buying influence at a discount.

None of this argues for recognizing the Taliban, legitimizing its rule, or copying Moscow's approach to engagement. But pretending that isolation and sanctions alone will contain a regime actively cultivating powerful patrons is no longer credible. If that assumption continues to guide U.S. policy, Afghanistan will keep drifting into a security order where American influence is weak, Russia’s leverage is growing, and the Taliban’s staying power becomes more sophisticated.

The Russia-Taliban handshake was quiet, but its consequences are unlikely to be. If Washington does not define a realistic Afghanistan policy before these arrangements harden, Russia and others will keep writing the rules in a country where the United States paid the highest price only to watch its rival collect the benefits.

The Cipher Brief participates in the Amazon Affiliate program and may make a small commission from purchases made via links.

Sign up for our free Undercover newsletter to make sure you stay on top of all of the new releases and expert reviews.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Governance Failure and Civil Resistance in Azad Jammu and Kashmir

The June 2026 events in Azad Jammu and Kashmir (AJK) are the most recent example of a larger governance issue rather than a singular political crisis. Authorities banned the Jammu Kashmir Joint Awami Action Committee (JKJAAC) on June 5–6, detained dozens of activists, interfered with internet and mobile services, and asked for more security guards in advance of a long march and strike that was scheduled to take place throughout the region (Pakistan Today, 2026a; Express Tribune, 2026a; Express Tribune, 2026c). The clash stems from years of unsolved grievances, failed agreements, and rising irritation with the gap between formal autonomy and effective authority, even though these measures were justified as being required to protect public order.

The Architecture of Managed Dependency

Many of the institutions of self-government, such as an elected president, prime minister, legislative assembly, and judiciary, are present in AJK. However, Islamabad continues to have a significant influence in important policy areas like infrastructure, electricity, water management, and security. According to Zamin (2025), AJK's elected institutions frequently have little control over the policy areas that have the biggest impact on day-to-day living.

This paradox is especially apparent in the energy industry. With almost 3,000 megawatts feeding the national grid and much more unrealised potential, hydropower projects supported by AJK's rivers greatly contribute to Pakistan's electricity generation (Wikipedia, 2024; The News, 2026). Residents still have to deal with load shedding and electricity costs, which are generally thought to be out of proportion to local production costs, notwithstanding this contribution (The News, 2026). One of the main causes of political unrest is the belief that local resources mostly benefit the larger federation while local communities receive little in return.

Political developments have heightened these concerns. Changes in governance in AJK typically reflect developments in federal politics rather than local election preferences. Following political shifts in Islamabad, the PTI-aligned administration was replaced by a PPP-led government, strengthening perceptions that AJK's institutions act as extensions of federal political dynamics rather than representations of local democratic choice (The Diplomat, 2025; Express Tribune, 2026b).

Three Years of Agreement, Three Years of Non-Implementation

The current issue cannot be understood without first reviewing the pattern of previous agreements and unsuccessful implementations. Since 2024, negotiations between the government and the JKJAAC have generated numerous settlements aimed at resolving economic and political problems. However, several obligations were postponed, partially implemented, or unresolved. Following significant protests in May 2024, officials pledged financial aid, discounted utility bills, and reduced wheat prices (Wikipedia, 2024). The movement called off its protests, but implementation delayed. Further agreements concluded in late 2024 and 2025 followed a similar pattern. Compensation measures, legislative review, telecommunications reconnection, and public services did not offer the level of change that many citizens expected (Voicepk, 2026).

By May 2026, negotiations had once again broken down. Disputes over legislative representation and implementation methods increased the distance between the parties. The JKJAAC rejected government proposals on the refugee-seat issue and boycotted an All Parties Conference convened to address the matter (Express Tribune, 2026b). For many campaigners, conversations appeared to yield paper commitments rather than genuine progress in practice.

The implications went beyond politics. Protest-related violence in 2024 and 2025 resulted in civilian deaths, communication limitations, and growing mistrust between government and civil society groups (Voicepk, 2026; Al Jazeera, 2025). During this time, the movement shifted from a campaign centred on economic concerns to a broader platform arguing for governance change, accountability, political representation, and increased local control over resources (JURIST, 2025).

The Proscription and Its Implications

The decision to identify the JKJAAC under anti-terrorism legislation marks a significant step up in the state's response. The organisation is a coalition of traders, lawyers, labourers, transportation workers, and community representatives that has mostly operated through strikes, demonstrations, and negotiations with government officials (NewsX, 2026). Applying legislation designed to fight violent organisations to a movement with proclaimed civic goals profoundly alters the legal status of political opposition in AJK.

Authorities claim that the group jeopardised public order and security. Critics argue that the prohibition risks criminalising political opposition instead of addressing the root causes of instability. According to opposition politicians and civil society campaigners, the bill severely restricts democratic rights and peaceful political engagement (Express Tribune, 2026b).

The timing of the ban is equally important. It happened right before a planned protest rally and shortly before elections. When combined with communication limitations and large-scale security deployments, the action has raised doubts about whether the goal is counter-terrorism, election stability, or the containment of organised political opposition (Pakistan Today, 2026b; Express Tribune, 2026c). Regardless of aim, the decision has reduced the opportunity for conversation at a time when confidence between the state and civil society is already exceedingly low.

The International Dimension

Unlike prior protest cycles, the June 2026 crisis has sparked increased international attention. Members of the British Parliament and Kashmiri diaspora have expressed worry about arrests, communication limitations, and the overall political situation (NewsX, 2026). Reports of families being unable to reach relatives in AJK fueled criticism of the government's response.

The situation is also unfolding in the background of the unresolved Kashmir conflict and ongoing tensions between India and Pakistan. Following Operation Sindoor and the following cease-fire, regional tensions remain high (Carnegie Endowment, 2025). AJK is a unique territory that is both politically disputed and strategically significant. As a result, internal dissent is frequently regarded via a national security perspective rather than just as a governance issue.

The Substance of the Demands

To assess the proportionality of the state's response, one must examine the substance of the JKJAAC's demands. The movement's platform includes lower electricity tariffs, food and fuel subsidies, more local benefits from hydropower projects, accountability for protest-related violence, civil liberties protection, and parliamentary representation improvements (Kashmir Welfare Foundation, 2026).). While some initiatives are politically problematic, the overarching agenda prioritises governance, economic fairness, and institutional responsibility over secession or armed opposition.

Movement leaders have constantly described the campaign as peaceful and nonviolent (Pakistan Today, 2026c). At the same time, popular sentiment in the AJK is not uniform. Some citizens support the movement's goals but are dissatisfied with the inconvenience created by ongoing strikes and shutdowns (Pakistan Today, 2026d).

Conclusion: The Cost of Structural Deferral

The events of June 2026 reveal a long-term government failure. AJK's formal autonomy has not been matched by comparable political authority, and its resource richness has not resulted in broadly shared economic gains. Repeated agreements have boosted expectations without resolving underlying complaints, while rising conflict has gradually destroyed trust between the state and civil society.

The fundamental question is not whether the demands for accountability, representation, and economic fairness will continue. The evidence from the last three years suggests they will. The more pressing question is whether AJK's governance structures can adapt to meet those demands through actual reform rather than repeated cycles of protest, repression, and non-implementation. Without such reform, the tensions visible today are unlikely to disappear; they will merely re-emerge in new forms, carrying growing political and reputational costs for the state.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

How Gulf States Turned Crisis Into Confidence

The Epidemic of Patriotism

How war, intelligence, technology, and state competence are building a new nationalism in the Gulf.

There is an old idea in political theory that war makes the state.

The pressure of external threat forces governments to centralize, to coordinate, to invest in systems that work. States that survive conflict emerge more capable than they entered it. The ones that don't fracture.

What nobody talks about is what comes next.

When the state performs, when it absorbs the shock, sustains order, and demonstrates visible competence, the state makes something else.

It makes patriots.

I recently spent time in the UAE during a period of acute regional pressure following Iran's barrage of missiles and drone strikes across the Middle East. What I expected to find was tension. What I found instead was something more interesting.

Patriotism. Everywhere. Organic, visible, and unforced.

Towering signage along major highways with mottos like “Proud of UAE.” UAE flags woven into the texture of daily life, not militarized, not performative, but present in the way that identity becomes present when people feel their nation has held the line.

The population wasn't reacting to crisis. It was consolidating around the idea of the state itself.

The question I came back with: why did this work? Why did external threats produce loyalty rather than anxiety? Why did the GCC, especially Saudi Arabia, UAE, and Qatar emerge from a period of regional instability with greater public confidence, not less?

The answer isn't just geography or leadership or cultural cohesion. The answer is in intelligence and defense architectures.

The Intelligence Backbone Nobody Sees

States that perform in a crisis don't do so by accident.

Behind the public calm in the UAE, behind the intercepted drones and the uninterrupted skylines and the visible symbols of continuity, is a decision-making infrastructure that most people never see and analysts rarely discuss in this context.

Over the last decade, the Gulf states have made serious, sustained investments in the tools of modern statecraft: open-source intelligence collection, AI-enabled data fusion, integrated sensor networks, and the analytical pipelines that allow governments to move from information to decision at operational tempo.

This is not hypothetical. It is observable in procurement patterns, in the capabilities demonstrated during the March–April 2026 Iranian attacks, and in the speed and coherence of governmental response across multiple GCC states simultaneously.

When Iran launched, these states knew.

Not just from allied intelligence sharing, though that mattered, but from indigenous systems built to ingest, fuse, and act on data at scale. Commercial satellite feeds, open-source signals, pattern-of-life analysis, cross-domain data pipelines that would have been the exclusive domain of major intelligence agencies a decade ago.

The state saw clearly. And because it saw clearly, it acted. And because it acted, the public saw competence.

But seeing clearly was only part of it.

The battlefield that Iran chose to contest is not the battlefield of the 20th century. It is not decided by who has more tanks, more ships, or more aircraft. Iran didn't send a conventional military force. It sent drones and missiles, cheap, scalable, and increasingly precise instruments that have fundamentally democratized the ability to project lethal force across distance.

The drone is the great equalizer of modern conflict.

It lowers the cost of precision strike to a level that non-state actors, regional powers, and asymmetric adversaries can sustain indefinitely. It saturates traditional air defense frameworks designed for a different threat geometry. And it shifts the decisive advantage away from platform count and toward something harder to procure and harder to replicate: the architecture of detection, classification, and response at machine speed.

The GCC understood this shift before the attack came.

The investments made across Gulf states in counter-drone systems, AI-enabled sensor fusion, and integrated kill chains weren't legacy procurement decisions, they were deliberate bets on the direction the battlefield was moving. The question was never who had more. It was who could out-sense, out-decide, and out-react fast enough to neutralize a swarm before the next one launched. That is not a hardware problem. It is an architecture problem.

And on the night Iran tested it, the architecture held.

The state acted decisively. And the public, watching intercepted threats fall before they reached their targets, saw a government that had invested in the right problems before the crisis arrived.

Technology continues to advance, and the GCC states are in an accelerating race to optimize their asymmetric architectures, sharpening their ability to detect and defeat incoming threats at machine speed, while developing the offensive capacity to reach back and eliminate the sources before they can launch again. That is not a static capability. It is a compounding one.

That is the mechanism. That is how intelligence and technology become patriotism.

Competence as the New Social Contract

Patriotism in the Gulf was never purely tribal or historical.

It has always carried a transactional dimension, a contract between population and state that runs something like: deliver safety, deliver prosperity, deliver order, and you have legitimacy. What has shifted is the evidence base for that contract.

Citizens don't observe the intelligence and defense architectures directly. They observe outcomes. Intercepted missiles. Functioning infrastructure. Stable markets. Governments that communicate clearly and move without visible panic.

In an era of OSINT and data driven decision-making, the speed and quality of state response have increased measurably. The lag between threat and action, the gap that historically exposed state weakness, has compressed. Governments with modern day focus on intelligence collection from open-source and sensitive sources, data exploitation, and data fusion to enhance their decision-making cycle, simply look more competent, because they are more competent, at least in the domains the public can witness. This matters enormously for legitimacy.

When people can compare their government's performance against the chaos visible across their borders, in real time, on their phones, through open-source feeds that show burning cities and collapsing infrastructure elsewhere, the contrast is stark. The Gulf didn't just survive the pressure. It appeared to absorb it without breaking stride. That contrast is where modern patriotism is being forged.

A New Kind of Nationalism

What I observed in the UAE is not the nationalism of the 20th century.

It is not rooted in historical grievance, ethnic solidarity, or liberation mythology. It is not state-manufactured in the top-down sense that Western analysts often assume when they look at Gulf political culture.

But it isn't accidental either.

I spoke with Jonny Gannon, a retired CIA officer with extensive experience in the Middle East. His observation cuts to the heart of what makes the UAE's approach distinctive: "The UAE hasn't just invested in infrastructure and technology, but also in symbols and stories of unity. Identity politics and divisive behavior is actually not allowed."

That framing matters. What Gannon is describing is a deliberate parallel architecture, one that runs alongside the defense and intelligence investments and is equally intentional. While the GCC was building the data pipelines and counter-drone systems that would absorb Iran's attack, it was also constructing the cultural conditions that would make a population capable of responding with pride rather than panic.

The billboards. The flags. The national narratives. The deliberate suppression of the sectarian and tribal fault lines that have fractured other states in the region. These are not decorative. They are load-bearing.

A population divided against itself cannot consolidate around a state under pressure. The UAE understood that social cohesion is not a soft outcome, it is a strategic asset. And it built both the hard and soft architecture with the same discipline.

It is aspirational. It is performance-based. And it is digitally amplified in ways that accelerate its spread.

The younger generation across the GCC is patriotic about *what their states are building*, AI cities, space programs, global financial hubs, intelligence architectures that rival those of countries ten times their size. They are proud of capability. Of systems that work. Of governments that appear to know what they are doing.

Crises accelerate this.

When missiles fly, populations ask questions that normally stay dormant: Who protects us? Has the threat been curtailed? Are we safe?

The Gulf answered those questions with visible, competent performance, enabled by tools most of the world's analysts don't fully credit in this context.

The Irony Iran Didn't Intend

There is a strategic irony in what Iran's March - April 2026 strikes produced.

The intended effect was intimidation. The demonstration of reach. The signaling of capability and willingness to escalate.

The actual effect, in the Gulf at least, was consolidation.

The GCC states that were targets, or could be targets, emerged with sharper national identity, higher public confidence in their governments, and stronger regional cohesion than before the attack.

Iran's strike package became the proof of concept for Gulf state competence.

Every intercepted drone was a data point. Every functioning hospital, every uninterrupted supply chain, every calm official statement backed by visible governmental control, each one reinforced the social contract between citizen and state.

The war made the state. The state made the patriots.

Two Kinds of Patriotism

Not all patriotism is built the same. And the difference matters more than people recognize.

On September 11, 2001, the United States experienced one of the most powerful eruptions of national unity in its modern history. At the time, I was a young CIA case officer and I felt the power of national unity and the need to protect the homeland at all costs. Flags on every overpass. Record military enlistments. Increased approval ratings for government institutions that hadn't existed in decades and haven't been seen since. It was real. It was visceral. But it didn't last.

Within a few years, the wars in Afghanistan and Iraq had begun to hollow it out. By the time those wars ended, the patriotism of September 12th had transformed into something closer to its opposite: criticism and distrust of institutional decisions over 20 years and a political culture defined by the fractures that grief and vengeance had papered over. The reason was structural, not incidental.

The patriotism that followed 9/11 was built on shared trauma and collective grief. It was the patriotism of deep national wounds, powerful in the moment, but dependent on an enemy and an emotion rather than a demonstrated capability. When the wars that followed proved costly, and inconclusive, the foundation cracked. Because the foundation was based on pain.

The Gulf in 2026 is a different story.

Patriotism emerging across the GCC was not born from a failure to stop attacks against the homeland nor forged in grief. It emerged from a population watching its governments absorb a real threat, intercepted in the air, managed on the ground, communicated clearly, and perform.

That is a fundamentally different foundation.

Ukraine offers a third model, and in some ways the most instructive of all.

When Russia launched its full-scale invasion in February 2022, the global intelligence community made two catastrophic analytical errors simultaneously. It underestimated the will of the Ukrainian people to fight. And it overestimated the capability of the Russian military to win.

Both errors stemmed from the same failure: modeling hardware and not morale. Counting battalions and not belief. What followed rewrote assumptions that had governed Western military analysis for a generation.

Ukraine's patriotism did not emerge in 2022. It was forged earlier, in 2014, when Russia seized Crimea and ignited the Donbas conflict. By the time the full invasion came, Ukrainian national identity had already hardened into something that satellite imagery and order-of-battle assessments couldn't capture. The invasion didn't create Ukrainian patriotism. It revealed how deep it had already run. And then that patriotism enabled something remarkable.

Facing a conventionally superior adversary, Ukraine didn't try to match Russia tank for tank. It fused commercial off-the-shelf technology, open-source intelligence, and decentralized decision-making into an asymmetric capability that the Russian military, designed for a different era, structured around a different doctrine, couldn't absorb or adapt to fast enough.

Drone units guided by commercial satellite feeds. Targeting decisions informed by crowdsourced OSINT. Battlefield coordination running on consumer applications. The entire architecture of modern conflict compressed into tools available on the open market, operated by a population that had decided what it was defending and why.

This is the COTS revolution meeting the will-to-fight, and the combination proved more decisive than most professional militaries predicted.

Russia, by contrast, demonstrated what institutional brittleness looks like under pressure. A military built on centralized command, information opacity, and top-down control couldn't adapt at the speed the battlefield demanded. The architecture that was supposed to project strength became a liability the moment it encountered a distributed, adaptive, data-informed adversary.

Ukraine's lesson reinforces the same underlying principle as the GCC's, but from a different angle.

The GCC built institutional architecture first, and patriotism followed from demonstrated state competence. Ukraine had the patriotism first, and it drove a population to build the architecture, improvised, distributed, and lethal, from the ground up.

In both cases, the fusion of technology, intelligence, and national will produced an outcome that conventional analysis failed to anticipate.

In both cases, the side that could see more clearly, decide faster, and act with coherent purpose held the line.

That distinction, between patriotism as a response to failure and patriotism as a recognition of competence, or as a foundation for building it, may be the most consequential strategic variable of the current era that nobody is systematically measuring.

What This Means

This is not a story about the Gulf being exceptional. It is a story about a principle that generalizes.

States that invest in the architecture of modern statecraft, advanced systems, the intelligence pipelines, the data-enabled decision layers that allow governments to sense, process, and act faster than their adversaries, earn something that cannot be bought or manufactured through propaganda. They earn demonstrated competence.

And demonstrated competence, in moments of real pressure, produces legitimacy. Legitimacy, sustained over time, produces loyalty.

The epidemic of patriotism spreading across the GCC is not a communications campaign. It is not state-engineered sentiment. It is the downstream effect of governments that invested in their intelligence and defense infrastructure, demonstrated that infrastructure under fire, and let the results speak for themselves.

Security creates loyalty.

Competence creates legitimacy.

And in an era where citizens can watch state performance in real time — open-source, unfiltered, and comparative — the gap between governments that have the intelligence and defense architectures and those that don't is becoming impossible to hide.

The Gulf built those architectures. The crisis revealed it. The patriotism followed.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Expect Russia to Escalate Its Attacks on our Democracies

The Kremlin Files: For many in the West, Russian information warfare still conjures images of hacked emails, troll farms, and social media manipulation during the 2016 U.S. election and the Brexit vote in the UK. But those operations were not isolated incidents. They were part of a much older Russian playbook—one refined over a century by Soviet and later Russian intelligence services. Today, that same machinery is evolving again, becoming more aggressive, more technologically sophisticated with cognitive AI, and more focused on exploiting the deepest social fractures within democratic societies. The latest revelations about Russian-linked operations in Europe should therefore not surprise us. They should warn us.

A report released last week by the Organized Crime and Corruption Reporting Project (OCCRP) focuses on a new effort, ostensibly by the Russian Presidential Administration, hidden under several front companies, to sow discord and distrust among ethnic minorities and groups in several different countries. Dead pigs’ heads thrown onto the territories of Mosques, synagogues defaced, slurs against historic atrocities—all intended to get various groups in democracies fighting with and among each other, and for the benefit of the Russian Federation. The reporting is important, and more attention needs to be drawn to it in Europe and the United States. But the tactics are not new; they are classic Russian “active measures,” what they now call “measures of support,” carried out by their intelligence services. We can expect more of the same in the months and years to come.

The KGB was very clear on what active measures, or information warfare, were, and how they were meant to be used. The famous archivist-turned-defector Vasiliy Mitrokhin detailed active measures as he quoted from the official KGB training and operational guide: “agent-operational measures aimed at exerting useful influence on aspects of the political life of a target country which are of interest, its foreign policy, the solution of international problems, misleading the adversary, undermining and weakening his positions, the disruption of his hostile plans, and the achievement of other aims.” Sound familiar? The definition is worth breaking down further to demonstrate how it was applied and still applies to the Russians’ tactics today.

Russian active measures are principally the work of the SVR (the Service for Foreign Intelligence), the GRU or “GU” (military intelligence), and the FSB (the Federal Security Service). The SVR has a dedicated Directorate for this work, including information and cognitive warfare focused exclusively on the United States as the “main adversary” (glavnii protivnik) and on all of our close NATO and European allies. The goal is to use intelligence operations to discredit our democracies, mislead policies and political groups, and sow discord and disunity within our societies. The SVR and GRU both did this in 2016 with elections in the United States and with the UK’s Brexit, as cited by non-partisan reporting from the Senate SSCI committee (of which current Secretary of State Marco Rubio was a senior member), the DNI, and, in the case of the UK, by the report of a special commission.

There are always three elements of active measures, as I outline in my book and in its chapter on the same topic: identify the target, determine the operational method, and, most importantly, apply maskirovka to conceal Russia’s hand. All of this can be seen at play in the events in France, Germany, Armenia, and other countries, as highlighted in the OCCRP report, and many other incidents from recent years.

In the case of the dead pigs’ heads thrown onto Islamic centers, the goal is to incite potential unrest and political action by French political groups on all sides. The Russians hoped that these would be reported and activated as intended “cognitive strikes” within French society, and labeled as “racist attacks.” Distrust would be amplified with every media mention. The Russians no doubt (and likely correctly) guessed that some would deplore the attacks, some might try to explain them from one optic or another in light of French politics, and some might actually empathize (disgusting, but true with all such racist and ethnic hatred). But all of these are a win for Russian intelligence.

The Russian goal is to sow discord, just as they did in the U.S. elections of 2016 with social media trolling. Russian intelligence picked up issues then (in 2016 and 2020, in the case of U.S. elections). It will focus now on the most divisive issues to attack: racism, ethnic strife, abortion, LGBTQ, and other issues—again, not for or against, since the Russian services lack any sentimentality and no morals—but to foment societal division. A weakened adversary cannot counter Russia in Ukraine, the Baltics, or wherever Putin next chooses to launch aggression.

The methods selected can vary: from bribing a journalist to write a story to recruiting a politician or lobbyist to help start a political action group to sending actual operatives, as in this case, to carry out fake attacks to stir discord. The Soviets and Russians have done it before, many, many times.

And there is another key point here—the Russian services and their political masters in the Kremlin—President Putin and his siloviki —are not necessarily for or against any single political group or ideology, even when it appears there may be synergy with Russia’s views. That is incidental (including in the case of the 2016 election). Benefit to any one candidate was not their overall goal, though they may capitalize opportunistically in the short term. Any such gains are still subordinate to the overarching goal—to attack our citizenry and democracy, making the West weak and, ideally, our populations divided. The attack is fundamentally against democracy itself, and the Russians aim to get the French, or Armenians, or Americans to hate each other and fight viciously over the issues that Russian intelligence selects for their cognitive warfare.

Democracy is the threat. That is why Putin ultimately had to destroy Ukraine—he cannot stand a free and functioning democracy, yet another one, thriving on his borders like the Baltic states have done for 30+ years since their independence. Democracy and free societies work, but Putin can’t let the Russian people get wind of that. The West has to be portrayed as split, divided, and weak.

The Russian intelligence services and their Soviet forebears have been at this for 100 years, since the Bolshevik revolution in its earliest days. Spread disinformation, make use of “useful idiots” in the West who actually believed in communism, all the while Lenin insisted that “Iron Felix” Dzerzhinsky stood for organized terror. A divided opposition and adversaries would be weaker in trying to stop the revolution, Stalin’s expansionism before and after World War II, or the Cold War policies of the USSR within the Warsaw Pact. Today, they need NATO and the EU to be weak, the transatlantic partnership divided. We should not help them achieve their goals.

The final element, though, is the most important: what the Russians call maskirovka. The best translation for the term's intelligence understanding is likely “denial and deception.” Hide the hand and make it look like someone, anyone else, is to blame. The OCCRP report cites Russian Presidential Administration aides discussing and ordering that the operatives “believe they are working for Ukraine.” That is the essence of maskirovka, false flags, and deception. Just like the alleged Venezuelan manipulation of voting machines, what former U.S. Attorney General William Barr said was a “bullshit” theory (his word). But it makes for great maskirovka—blame the Venezuelans, anyone but the Russians.

And finally, about the Russian Presidential Administration directing so-called front companies in the report, like the SDA and SNG media, with lofty goals and mission statements like: to “compensate for the lost ties between residents of the countries of the post-Soviet space after the dissolution of the USSR, acknowledged as one of the largest geopolitical catastrophes in the world.” Again, more maskirovka, more hidden hands so that even if found to their roots, the roots don’t point to the intelligence services. The Russians use diversified cover for their intelligence service officers across all of their government, including in the Presidential Administration. It is filled with former and current KGB/SVR/FSB and GRU hardliners.

Why did they fail in this plot? Poor implementation and judgment of us, the West, their adversaries. The Russians have been underestimating the strength of free and fair investigative journalism for years. Bellingcat has repeatedly exposed its operations; OCCRP now joins that list and deserves real credit for doing so. But we still have a long way to go in countering Russian active measures and disinformation. Many in the United States, the UK, and across the EU –including some of our leaders-- still do not fundamentally believe the Russians are engaged in this kind of activity. And what Russian intelligence officers, organized crime groups, hackers, and proxies accomplished in 2016 can now be amplified exponentially through cognitive AI—magnifying social media trolling and influence operations ten-thousandfold.

The West must understand that this threat is neither temporary nor improvised. It is systemic, deeply rooted in Russian intelligence doctrine, and likely to intensify as the Kremlin feels increasingly isolated and strategically threatened. Moscow will continue turning to old and trusted tools—deception, division, provocation, and manipulation—because they are cheaper than tanks and often more effective. Democracies cannot defend themselves if their citizens no longer trust one another, their institutions, or even the basic idea of objective truth. If we think “elections are rigged,” that is a huge win for Putin. That is the real target of Russian active measures—democracy. Recognizing that reality is the first step toward resisting it. Russian intelligence services are trying to make “useful idiots” of us all. We shouldn’t let them.

Qatar's New Online Influence Machine

For years, Qatar has positioned itself in Washington as a trusted American partner: a host to major U.S. military assets, a mediator in hostage negotiations, and a wealthy Gulf state capable of talking to nearly everyone in a turbulent region. At the same time, Doha has earned a reputation for exerting influence by illicit means, such as the bribes that secured it the right to host soccer’s 2022 World Cup. Less recognized is the Qatari regime’s employment of an artificial media platform that poses as an independent news organization while promoting Doha’s agenda.

To complement Al Jazeera, its global media powerhouse, Doha created Eekad, an Arabic-language media platform that presents itself as an independent fact-checking and open-source investigative outlet. In actuality, Eekad is part of an opaque digital ecosystem with links to Qatari government ministries and contracted PR firms that consistently pushes narratives aligned with Qatar’s geopolitical interests, while attacking many of Doha’s regional rivals.

Eekad produces polished content that mimics serious investigations by using satellite imagery, network analysis graphs, and short-form videos designed for mass consumption across the Arabic-speaking world. It has built a strong audience online but obfuscates who funds, operates, and controls the platform. What is clear, however, is that multiple Eekad employees simultaneously worked at Al Jazeera, Qatari ministries, and state-affiliated organizations.

Eekad’s messaging follows a remarkable pattern. It regularly criticizes Israel, Saudi Arabia, and the United Arab Emirates while defending Hamas and dismissing criticism of Qatar. For example, after Hamas’s October 7, 2023 massacre in Israel, the platform questioned reports of atrocities committed against Israeli civilians while portraying criticism of Hamas as part of coordinated foreign influence campaigns. This jibes with Qatar’s position of holding Israel “solely responsible” for the October 7 massacre.

Eekad has also repeatedly defended Qatar’s reputation by attempting to debunk criticism of Doha. The platform worked to discredit allegations of labor abuses tied to the 2022 World Cup despite FIFA finding that “severe human rights impacts did ultimately occur in Qatar.”

These are the same narratives and talking points that Qatar has peddled outside the shadows of social media. Documents submitted to the U.S. Department of Justice pursuant to the Foreign Agents Registration Act show how Qatar has spent over $235 million dollars employing dozens of American lobbying and public relations firms to polish Qatar’s reputation and promote its relationship with the United States.

In some cases, Doha has employed U.S. firms specifically for outreach to traditional media. Tucker Carlson’s viral 2025 interview with Qatar’s prime minister is a product of these efforts. Qatar has invested in a significant U.S. media campaign in recent months, hiring a former CNN producer to serve as a registered agent in the United States, and encouraging Qatar-based academics to “examine strategies of sectarian hate speech and propaganda on social media in the Gulf region.”

The patterns hinting at direct Qatari government control of Eekad are difficult to dismiss. Washington tends to think about foreign influence through the lens of Russian troll farms or Chinese espionage, but Qatar is working to earn itself a place on that list.

Today’s influence campaigns increasingly operate through decentralized digital ecosystems: “independent” brands, influencers, and social media networks that can maintain plausible deniability while still advancing state interests. This is no secret to Qatar, which brought a group of conservative influencers to Doha over Thanksgiving 2025 on a luxury trip that resembled a sophisticated foreign influence campaign rather than an educational endeavor. One influencer, a veteran with nearly half-a-million followers on X, said he had an “eye-opening few days” learning about “the unique and mutually beneficial military and financial partnerships that we share with Qatar.” Months later, another online personality said that Qatar had invited him on the influencer trip but then told him that “they ran out of money for ticket allocation” after he posted a video “questioning Qatar’s influence in America.”

Platforms like Eekad are effective because they do not resemble traditional state propaganda outlets. Their content adopts the aesthetics of scrappy open-source intelligence and online fact-checking outlets, helping the material to appear credible to ordinary viewers. It is a suitable approach for countries like Qatar, which seek to maintain close military and diplomatic ties with Washington while promoting narratives directly harmful to American interests.

When meeting with Qatari counterparts, senior U.S. leaders should make clear they aware of Qatar’s underhanded methods and that Washington will strip Doha of the privileges of being ally if behaves like an adversary.

The Cipher Brief participates in the Amazon Affiliate program and may make a small commission from purchases made via links.

Sign up for our free Undercover newsletter to make sure you stay on top of all of the new releases and expert reviews.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

The Forgotten History Moscow Doesn’t Want Remembered

Sadly, few in the U.S. and Europe know the complicated history of the Kremlin’s actions in the years leading up to Hitler’s Invasion of the USSR. This is partially a result of Moscow’s emphasis on some facts, twisting other facts and effort to ignore it to suppress critical facts that threaten and undermine the Kremlin’s propaganda and cognitive warfare narratives. Just a few reminders:

Putin’s “historians” often forget to mention the fact that in 1939, when Hitler invaded Poland, the Soviets not only did NOT join the UK and France in standing up to that aggression, but participated in the unjustified occupation - with Moscow and Berlin dividing Poland amongst themselves. You can find photos of Soviet NKVD and German Gestappo officers meeting in occupied Poland, where they were working to target Polish officers and citizens. As Russian historian Nikita Sokolov notes in his article “Victory Instead of the Truth: Myths and Blank Spots Related to the Topic of the Great Patriotic War”, prior to Germany’s invasion of the Union of Soviet Socialist Republics (USSR) in June 1941, the Soviet leadership not only refused to aid the United Kingdom and France when they went to war with Hitler’s Germany and Italy in 1939, but Soviet censors prohibited writers from writing negatively about Nazi Germany and between 1939 and 1941, the Kremlin banned 4,000 publications that were critical of Berlin from being published.

There is also the matter of the “Winter War” waged by Moscow against Finland between November 1939 and March 1940. An aggression conducted against one of the Soviet Union’s neighbors that was justified by the false claim that the Finns were threatening to invade Soviet territory and occupy Leningrad and preceded by a classic provocation – when the Soviets conducted a false flag operation and opened fire on their own troops along the Soviet – Finnish border, then claimed that the attack was perpetrated by the Finnish Armed Forces, justifying Stalin’s invasion of Finland.

When France signed an armistice with Berlin in June 1940, the United Kingdom stood alone facing the full might of German and Italian forces. Moscow did not support London during this period, but instead, was busy seizing Polish and Romanian territory, occupying the Baltic States and providing its German allies with raw materials used to fuel the German war machine.

While the Germans were bombing London and other British cities, Stalin was helping them. In a sign of just how absurd Russian propaganda about the Second World War can be, one Russian news program I recently watched made the claim that London was, in fact, never bombed n by the Germans but instead, was bombed by the British themselves as part of a false flag operation conducted by London against its own population. (NOTE: This kind of lie might be hard for many to understand, but not Russians who are well aware of the fact that their own government has conducted false flags and provocations against the Russian population to justify various government decisions going back to Tsarist times.)

Putin’s propaganda machine likes to promote the image of Ukrainian and Baltic peoples siding with the Nazis against the USSR to justify Russian aggression against its neighbors. Historically, it is a fact that many in Ukraine and the Baltic States initially welcomed the Germans - because they were seen as a relief from Stalin and his regime, that had terrorized the Soviet Union for years, including arresting and sending millions of Soviet citizens to their deaths via purges, mass arrests, forced labor projects and forced starvation programs. But the same historians also tend to remain silent about the shame that, during the Second World War, large numbers of Russians also went over to the side of the Germans. Few in the West are familiar with the story of Stalin’s “Favorite” General, Andrii Vlasov, who after being captured by the Germans in 1941, volunteered to lead thousands of Russian troops who had been captured by the Germans against the Red Army. Vlasov Army consisted of a large number of ethnic Russians who choose to fight against the Soviet Union and was augmented by many other ethnic Russians from the USSR’s “First Wave” of emigration living in Europe at the time – former officers of the “White Movement” who fled Russia during and after the Russian Civil War and volunteered to help Fascist Germany in its fight against Moscow.

The Kremlin’s scribes often falsely claim that Moscow “single handedly" defeated the Nazis and won the war while the UK and U.S. sat on the sidelines. The argument is repeated that London and Washington delayed the opening of second front in Europe to relieve pressure from the Soviets. Of course, Putin’s “historians” often fail to recall that while the American, Australian and British troops were fighting a bloody and brutal war against Imperial Japan in the Far East, Comrade Stalin refused to declare war on Tokyo until after it was clear that the allies had knocked Japan out of the war in 1945, opening the way for the Soviets to grab territory from an already defeated country.

Not only did the Soviets fail to support the allies in the Pacific, but Stalin actually worked clandestinely to spark a war between the U.S. and Imperial via operation “Snow” in 1941.

British and U.S. operations in North Africa and the Mediterranean were not enough for Stalin, who insisted that London and Washington expand their efforts in Western Europe to save him from the same Fascist regime that Stalin signed the Molotov Ribberntrop pact with only a few years earlier.

While the U.S. was funneling assistance to the Soviet Union via the “Lend Lease” program, Mosow was conducting aggressive and extensive espionage activities against its “allies”, recruiting and running large agent networks tasked with stealing just about any secret that they could get their hands on. Of course, Putin remembers this part of the “alliance” and loves to gloat and glorify the Soviet Intelligence officers who were behind operations like “Snow” and “Enormous”.

The same “historians” that love to boast about how the “Russians” defeated Hitler’s Germany, rarely mention the direct impact the allied strategic bombing campaign had on the Hitler’s ability to wage war. This air campaign, which cost the lives of large number of U.S. and Allied Airmen, was a key element in the defeat of Hitler’s Germany, with sorties significantly disrupting German defense production and energy supplies needed to equip and power the German military.

There is no doubt that the people of the Soviet Union suffered greatly during the Second World War, or as it was referred to by the Soviets as “The Great Patriotic War”. But it was not only the Russians of the former Soviet Union that paid a terrible price for the failure of diplomacy and common sense that led to the worldwide conflict. Millions of Soviet citizens died during that horrible period. Uzbeks, Tajiks, Ukrainians, Belarussians, Kazakhs, Azerbaijanis, Armenians, Kyrgyz. Each former Soviet Republic sacrificed to defeat the Nazis and those tremendous sacrifices should be remembered and respected. But why does the Kremlin today try to present Russia alone as the sole victor in the battle against Facism?

Why? During the Cold War, the Central Committee of the Communist Party of the USSR tried to cover up its own failures and mistakes by promoting false narratives about the war. Among other things, the goal was to present the U.S. and “West” as aggressors, downplay their roles in defeating fascism and aiding the Soviet Union survive Hitler’s onslaught, which as Sokolov notes, could not have survived German aggression without help from the U.S. and other allies. Following the collapse of the Soviet Union in 1991, as the new Russian Federation (RF) attempted to build better ties with its former Cold War enemies, there was a recognition of the role played by Washington, London, Ottawa, Canberra and other allied nations in defeating the Nazis. But with Vladimir Putin’s ascendency to power in the early 2000s, Russian history once again saw a re-introduction of the Cold War era theme designed to denigrate the contributions of others in defeating Hitler and promote Russia as a great power.

Putin’s own behavior towards his neighbors since his invasion of Georgia in 2008, and assault on Ukraine starting in 2014, has made Putin synonymous with Hitler. Today, those subjected to the war crimes and atrocities inflicted upon them by the Russian Military see the Russians who condone Putin’s war of aggression as being synonymous with those Germans who either played a direct role in promoting Hitler’s policies or who passively went along with those policies.

I can say from my past experiences traveling in both the Soviet Union and Russia over the past 40 years that while official propaganda often tried to deny the roles played by the U.S., UK and others in defeating Nazi Germany in the 2nd World War, many Russians remembered with fondness the sacrifices made by their allies to help the against the Third Reich. The Russians themselves remembered the lifeline they received via Lend Lease; the incredibly treacherous journey allied merchant ships took delivering supplies to the USSR. They would often recall the photo of U.S. and Soviet troops meeting on the Elba River, recognizing this event as a symbol of cooperation and mutual sacrifice. And these same Russians would often tell me how horrific the war was and how much they wanted to avoid living through the horrors of another conflict.

Unfortunately, Russia’s current autocratic leader has ordered his historians and propagandists to re-write history with the goal of denigrating the role all of the allied powers played in destroying Fascist Germany and ignore the fact that the USSR failed to join the war effort against Imperial Japan until the war in the Pacific was almost over. We should never allow him to get away with giving credit to those who earned it and as with all of Putin’s disinformation, call it out whenever and wherever encountered and counter his distortions with historic facts.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Rubio Lays Out Trump Administration’s Iran Endgame

“He [President Trump] felt it was imperative that Iran not be able to establish a conventional shield that they were building with massive number of drones and missiles, and they were on their way to getting double what they had, and if they reached the point where they had so many missiles and so many drones plus their naval capabilities that existed at the time, Iran would then say to the world there's nothing you can do about our nuclear program because if you do we will overwhelm your defenses with the sheer volume of launches that we have and then they could do whatever they wanted on their nuclear program. That was an unacceptable risk. It was a risk that we were running out of time to address.”

That was Secretary of State Marco Rubio, testifying last Wednesday before the Senate Appropriations Committee and providing the latest rationale for the U.S. joining Israel in the first February 28 bombing attack on Iran.

Rubio went on to claim that prior to the decision to attack, Trump and his advisors weighed the risks, “not just [to Iran closing] the Strait [of Hormuz], but also the attacks against Kuwait and Bahrain and UAE (United Arab Emirates) and Saudi Arabia and Qatar. It was weighed against that and the President made a decision that not having a nuclear weapon above all else had to be the priority.”

Wednesday’s Senate Appropriations appearance was Rubio’s fourth time testifying last week before Congress, nominally about the State Department’s fiscal 2027 budget, but in reality providing public answers to a whole series of administration wartime and foreign policy activities that have seen various explanations for weeks.

I will discuss some of Rubio's policy explanations to Senate and House members last week in a moment, but the hearings also provided surprising new information, not all of it from the Secretary of State.

For example, did you know the Trump administration has had three classified criteria it has used to determine which so-called narco-trafficking boats should be blown up in the Caribbean and eastern Pacific Ocean? Up-to-now at least 207 people have been killed as the result of more than 60 such U.S. strikes, with little public explanation.

At last Tuesday’s Senate Foreign Relations Committee hearing, Sen. Tim Kaine (D-Va.) told Rubio, “I know what the targeting criteria are because of briefings I've had in this committee and in the [Senate] Armed Services Committee. It's all been classified and I'm not allowed to discuss the targeting criteria because they've only been shared in classified [settings].”

However, Kaine added, “I don't think I'm prohibited from describing things that aren't targeting criteria.” He then said what had surprised him was that “There's evidence of narcotics on the

boat. That is not (emphasis added) a targeting criteria…They have not used the presence of narcotics on the boat as one of the targeting criteria,” Kaine repeated.

Kaine then asked Rubio, “Why would the administration not include the presence of narcotics in the boat as a targeting criteria?” and Rubio replied, “As you've just outlined, I can't discuss the specifics of the targeting criteria, but I can tell you the one thing that is obvious is that the targeting criteria is not single source. In essence, there are multiple checks...and all of it informed and infused by intelligence collection.”

Rubio added, “I'm not aware of every strike because it's not reported [to him] on a regular basis, but there have been strikes that they've walked away from because it doesn't meet the criteria or because there's doubt.”

Later, at that same hearing, Sen. Rand Paul (R-Ky.) noted “that the statistics from the [U.S.] Coast Guard also say that when we interdict alleged drug boats in the historic way, the way we've always done it, about one in four don't have drugs. We make mistakes. We see something suspicious about the boat. We stop them and they don't have drugs on board.”

Then Sen. Paul went on, “I would also like to add that drugs is not a criteria for blowing up the boats, the boats that are called drug boats, but neither are arms (emphasis added). So, in order to blow them up, we don't have to say that they're armed or have drugs. And I think a lot of people would have questions, which I still do.”

It’s obvious the so-called criteria for these strikes needs more explanation.

Another issue, brought up at Wednesday’s hearing, came from Sen. Jeanne Shaheen (D-N.H.) and related to the more than 100 vacant U.S. ambassadorial posts around the world.

Shaheen told Rubio, “The fact is it's not the Foreign Relations Committee in the Senate that is holding up those nominees. It's the fact that the nominees are not being submitted to us [and] those nominees who start to go through the process often aren't willing to comply with the ethics requirements that require that they divest of their outside holdings.”

Noting that “you just sent over 20 nominees of whom only four are career people,” Shaheen said, “So the problem is not in the Congress, the problem is in the administration. And I hope that you will begin to take up that slack by appointing more career ambassadors.”

As for today’s main issues, Rubio made clear the re-opening for shipping through the Strait of Hormuz was the U.S. priority with Iran, while solving the nuclear issues with Tehran comes second.

As Rubio put it on Wednesday before the Senate Appropriations panel, “The only reason there is a [U.S. Navy] blockade is because of what they've [Iranians] done in the Strait. The fact that they are telling the whole world we will not let your ships through unless you pay us a toll. And we can never accept that -- that we can never accept, the tolling system in the Strait. If we accept that in the Strait it will be replicated in multiple places around the world. There'll become a new status quo, everyone will want to do one.”

Rubio added that Iran had “mined the Straits and are shooting drones at ships. So, they need to stop doing that. They need to cooperate with the removal of the mines. And if they do that, then [open] the Strait, then the blockade comes off.”

At another point last Wednesday, Rubio said as part of the negotiations, once the Strait is opened, the U.S. blockade withdrawn, “they [the Iranians] would agree as part of all of this that they are prepared to sit down and negotiate an agreement that disposes of the highly-enriched uranium that limits, and/or prohibits, their enrichment program.”

Rubio continued, “In return they [the Iranians] would be able to have some, not all, of the sanctions that they are facing for their nuclear program potentially waived or reduced, but that would be only be depending on what they give, and of course these things all have to be verifiable.”

Rubio further explained, “The highly-enriched uranium you can verify because when it's removed it's removed. The enrichment monitoring is the one that's going to be critical for any deal to be successful.”

Toward the end of the Senate Appropriations hearing, Rubio summed up nuclear negotiations saying, “What's been offered to them? There's no down payment or bonus for entering into negotiations. So what's been offered to them is everything that they ask for will be commensurate with what they're willing to give as part of the broader negotiation for a deal…The only thing they get for opening the Strait is the lifting of our blockade.”

On enrichment, Rubio clarified, “What we're focused on, I think most people are focused on, is the highly-enriched uranium, which is, you know, like the 60% [enriched uranium] for example, that we know they still possess that can quickly be turned into 90%. That's what the term highly- enriched uranium is. There's some 20% enriched as well, but the bulk of what the world is concerned about is the 60%.”

During his appearance before the House Foreign Affairs Committee last Wednesday, Rubio gave a hint of whom, among the Iranians, they hope they are dealing with.

Rubio explained, “As you know, the Iranians suffered tremendous losses in personnel, and that includes top leadership of the IRGC (Islamic Revolutionary Guard Corps) and other elements of their government. What the President [Trump] is alluding to is that there are certain individuals in the Iranian regime who have indicated both directly and indirectly a willingness to approach the future perhaps a little differently. Not ideal. I'm not telling you. Look, everybody talks about moderates in Iran. There are no moderates. There are radicals and super radicals. Okay? That's been our view of it. But there are some of them that believe that they actually need to do a deal because their economy is in shambles. And so I think what the President is alluding to is that there are some individuals involved in the negotiations and in elements of their government including some in elements of their military that are more open to a deal than others.”

Asked about post-President Maduro Venezuela during last Tuesday’s Senate Foreign Relations hearing, Rubio said, “Venezuela is in a better place today and in a better trajectory today than it was five months ago. Now, is it where it needs to be? Is it where it needs to ultimately wind up? The answer is, of course, no.”

Rubio explained, “Ultimately, in order to truly transition, they have to have multi-party free and fair elections. But the conditions for free and fair elections are the following. First of

all, you have to have a free and open media. And while you've seen independent journalists are now for the first time activated again, that has to exist. Political parties have to be given the space and time to organize. The National Electoral Council has to be reformed so that it has members in it that will actually accurately count the vote. You have to have certain conditions in place. I'm not telling you that's five years from now, but it's been five months. So I want to be relative to that.”

On Cuba, Rubio told the Senators, “Cuba is actually not controlled by the government. Cuba's controlled by a military holding company named Gaesa. And Gaesa virtually owns everything, they own the tourist sector, they own mining, they own the gas stations, they own everything. They generate about 70% of Cuba's GDP [which]is under the control of this military company and they're sitting on between $14 [billion] and $17 billion in assets. So you have people literally starving, a power grid that hasn't been maintained in 10 years. And yet you have this holding military company sitting on these assets. And by the way, not a penny of the money in the military holding company translates over to the public treasury.”

With that background, Rubio said that for Cuba “not to continue to be a failed state, which poses a threat to the United States, they need systemic and serious reform. They need to have economic reforms. And the question is, can they possibly reform given the people who are currently in charge both of Gaesa and of their government?”

Not surprisingly, Rubio went on, “I really don't believe this system [in Cuba] is capable of reform unless new people take over or a new mindset takes hold. Now, we've engaged in conversations with them. We've offered them what I think needs to happen in order for their economy to recover,” but he did not explain what that was.

Whether or not Rubio’s information turns out to be accurate and his views of where things should be headed even prevail, the words of this Secretary of State/acting White House National Security Adviser need serious consideration because on top of it all he may be a future Presidential candidate.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Middle East at the Brink: Norm Roule on Iran, Israel, and the High-Stakes Struggle Taking Shape

As tensions between Israel and Iran continue to evolve following a weekend Iranian ballistic missile attack against Israel, policymakers and markets alike are grappling with a complex and uncertain landscape. A very fragile ceasefire, ongoing disruptions to maritime traffic in and around the Strait of Hormuz, threats of new escalation by the Houthis in the Red Sea and continued diplomatic engagement between Washington and Tehran underscore the highly complex military, economic, and political dynamics now shaping the region. While fears of a broader regional war have eased somewhat, for now, key questions remain about the durability of any ceasefire, the future of nuclear negotiations, and the security of critical energy and trade routes.

To help put these developments into perspective, The Cipher Brief spoke with former National Intelligence Manager for Iran (NIM-I) Norm Roule. In this conversation, Roule examines the multiple layers of the current crisis - from maritime security and energy markets to Iran's regional strategy, proxy networks, nuclear diplomacy, and the implications of renewed Israeli-Iranian confrontation - offering his assessment of where the conflict may be headed and what policymakers should be watching next.

Norman T. Roule

Norman Roule is a geopolitical and energy consultant who served for 34 years in the Central Intelligence Agency, managing numerous programs relating to Iran and the Middle East. He also served as the National Intelligence Manager for Iran (NIM-I)\n at ODNI, where he was responsible for all aspects of national intelligence policy related to Iran.

Understanding a Multi-Layered Crisis

The Cipher Brief: The tenuous ceasefire in the Middle East involving Iran may be collapsing. Iran has fired a fresh barrage of missiles at Israel, and reportedly, President Trump attempted to restrain Israel from retaliation. We have seen a growing number of reports that container ships and oil tankers are beginning to trickle out of the Strait of Hormuz, albeit sometimes under fire. At the same time, we have reports that the Administration’s negotiators are consulting nuclear experts to develop the next phase of talks with Iran. The situation is difficult to understand. Can you put this into perspective?

Roule: The best way to look at the current situation is to see it operating on several levels in parallel. The levels interact, but they can also progress independently. The situation is brittle, but each process has predictable elements because each level is maintained by a consistent set of actors whose strategic motivations are constant. The ceasefire, such as it is, concerns Iran itself and should not be considered to include Lebanon. This arena will remain a disruptive element over which the U.S. will have limited influence. Regarding the Strait of Hormuz, we should view it as a contested enforcement crisis sustained by a nominal ceasefire, with the post-strike and ceasefire diplomatic endgame not yet in sight.

The Strait of Hormuz and Maritime Pressure

The Cipher Brief: What is the current state of shipping in the Strait of Hormuz?

Roule: Iran continues to press ships to pay for passage through Iranian-designated routes or Iranian transit-control arrangements in and around the Strait and will continue to do so. There are credible reports that the Strait is mined, but this has not been publicly confirmed. Most ships appear to be moving through Omani waters, where the U.S. military is providing some level of informal protection, short of formal escort, as they pass through the Strait. The U.S. Navy has repeatedly and appropriately demonstrated that it will tolerate no threats by Iran and has destroyed Iranian drones and struck coastal radar or other military assets when they threatened maritime traffic or U.S. forces. These operations have likely constrained Iran’s actions. We should expect Iranian tests of the U.S. to continue, however, if only because Iran knows that even a small number of attacks will prevent most shippers from testing the route and will keep insurance rates prohibitively high for cargo traffic.

The Economic Squeeze on Iran

The Cipher Brief: Tell us about the impact of the blockade on Iran.

Roule: The impact is significant and almost certainly far greater than Iran is willing to admit, and growing every day. Before the blockade, Iran’s oil exports were commonly estimated at 1.4 to 1.8 million barrels per day, depending on whether one counts crude, condensate, refined products, and shadow-fleet flows. Oil and gas exports accounted for roughly 15 percent of GDP. Iran’s exports have fallen sharply, with current flows measured in the hundreds of thousands of barrels per day rather than pre-blockade levels. May crude and condensate exports will be well below 300,000 bpd. Unemployment is growing. Inflation is growing. Iran’s rial open-market rate now hovers around 1.7 million per dollar. The economic erosion and associated domestic political costs will be cumulative in a country that was already shaken by unprecedented nationwide unrest in December and January.

Iran's Regional Strategy

The Cipher Brief: What are Iran’s options to weaken the impact of sanctions?

Roule: We are seeing these play out in real time. Iran is using Pakistan, Caspian, Turkey, rail, and other land routes for limited trade leakage, but these cannot replace seaborne crude exports to China at scale. Tehran will also press shippers to pay for passage through waters it controls. Militarily, use missile and drone attacks on Kuwait, Bahrain, some of the ships transiting the Strait, and now missile strikes on Israel to show the limits of U.S. power, to split regional alliances, and to keep oil prices as high as possible. In terms of foreign engagement, the Foreign Minister must use travel to show Iran is not isolated, and the Quds Force needs to sustain its relations with proxies and to keep international attention on Israel, and influence U.S. public opinion against continuing the conflict.

The Future of Nuclear Diplomacy

The Cipher Brief: Tell us about Iran’s broader regional motives? What prompted Iran to attack Israel with missiles this evening? Why is Iran so focused on Lebanon?

Roule: The ongoing crisis prompted by the Iranian missile attack on Israel risks significantly changing the region’s strategic map, but before we talk about today’s developments, let’s unpack some of the other issues that led to it. I think that will lay a good foundation for understanding Iran’s motives in launching the missile attack and help explain these attacks and where the broader region is going.

First, neither the United States nor Iran wants to see a return to open hostilities such as those seen in the first weeks of the conflict. Tehran needs domestic stability, and Washington has no interest in another war in the Middle East. Therefore, the weight of the conflict, as well as the pressure tool for talks, shifted to the Strait of Hormuz because each side sees this lower-intensity battlespace as offering leverage without the risks of that broader conflict.

There are routine reports that a small number of ships are exiting the Strait, sometimes under fire from Iran. The ships are generally moving through Omani waters, but there are rare reports of ships choosing to travel through Iran’s side of the Strait. This flow is sufficient to allow Iran to demonstrate that it will deal with those countries that pay the price of passage, but also allows Washington to show a capacity to defend shipping willing to fall under its informal protective umbrella. Tehran continues to hope for an arrangement in which it can collect a fee for each ship. This plan has been soundly rejected internationally, and the U.S. has already sanctioned the entity the Iranians set up to manage the Strait due to its links to the Revolutionary Guard. Any company that pays a fee to Iran will risk U.S. sanctions.

We shouldn’t expect Iran to drop its demands on the Strait, however. Washington, on the other hand, sees its blockade of Iranian ports, coastal areas, and Iranian-linked oil shipments through the Strait as its best means of compelling Tehran to accept nuclear concessions. Neither side will easily give up this influence without substantial concessions from the other that would need to be tightly sequenced in a carefully orchestrated diplomatic deal that has yet to be arranged. For the U.S., the price would have to be a firmer commitment to nuclear concessions. Tehran will seek substantial financial inducements and likely long-term sanctions relief.

Second, as events play out, Tehran is converting geography, missile reach, and proxy survival into fresh coercive regional leverage and using nuclear engagement in a new game with very high stakes. Tehran sees its control of the Strait as giving it not only a stranglehold on the economies of its Gulf neighbors, but long-term global economic influence. Let’s spend a moment on this. In addition to the oil, distillates, and hydrocarbon products that have filled the headlines, the Strait is also home to at least seven major undersea fiber-optic cables that carry a critical share of Gulf international connectivity for the Gulf states. Together with energy targets, this would give Iran the ability to threaten the region’s oil, LNG, insurance, and freight, but also put at risk cloud connectivity, banking, military communications, energy trading, telecom networks, and Gulf economic diversification. Iran targeted cloud and data-center infrastructure, including facilities supporting AI workloads in the region, in drone attacks. This will become another avenue of threat, although Gulf states are already taking steps to harden these facilities. For the Gulf States, and for the world, the idea that we would allow a situation where Iran could threaten such an AI infrastructure tied to the global financial system at a time when the GCC states are investing heavily in data centers, cloud services, and fintech that would only expand the impact of that network should be of the greatest concern.

Returning to regional militias, it comes as no surprise that a regime dominated by the Islamic Revolutionary Guard Corps has made protection of proxies a pillar of its national security policy. Since the end of the Iran-Iraq War, the IRGC doctrine has been to rely on a palette of asymmetric tools – including proxies, missiles, and other asymmetric weapons – to achieve regional dominance. Militias provide Iran with a means to project power throughout the region and to influence shipping in the Red Sea. Although indeed, Iran’s proxies were severely damaged in recent years, they all survived. Iran’s humiliation at the time was that the proxies were neither able to serve as a strategic defense to Iran when needed, nor was Iran able to defend them in their hour of need. The current regime in Tehran has shown from its arrival that Lebanon, or rather Hezbollah, is a core national security pillar. If Hezbollah falls, the current regime cannot claim to be any more successful than its predecessor. What remains to be seen is whether this decision will affect unrest in Iran. In recent demonstrations, some protestors complained that the government spent more time on proxy issues than on national problems.

None of this means diplomatic talks can’t continue. Indeed, as history has shown over the past decades, Iran has had no difficulty pursuing lengthy diplomacy while pursuing similar programs. The Iran nuclear talks in the Obama administration continued during a period of Qods Force regional expansion. Despite the sometimes heated rhetoric on each side, Washington and Tehran have pursued diplomacy, passing draft proposals via Pakistan and, reportedly, messages via Gulf partners. Although slow progress is common in the world of indirect Iranian diplomacy, the security conditions of the new Iranian government, Tehran’s need to form a system under fire, and the very consequential nature of these issues for each side make the idea of fast talks in this case unrealistic in the extreme.

Each side also has some reason to believe economic and political pressures will compel its adversary to make concessions if only they can stand firm longer. Washington knows sanctions are gnawing at Iran’s economy. Tehran is watching oil and natural gas prices creep higher as inventories decline. This makes predicting the conclusion of talks difficult. Despite what is sometimes said in the press, the issues are likely well understood by each side. After all, they have been discussed for years in some cases. The first challenge will be to develop the mechanics of a sequenced series of steps to overcome the distrust between the two sides and to deal with domestic opponents of engagement in each country. Events and politics on each side throw the occasional wrench into the talks.

Challenges with any near-term agreement

The Cipher Brief: What happens if we do sign a memorandum of understanding (MOU) with Iran?

Roule: An MOU would only be the beginning of a longer process, and we shouldn’t be overly optimistic that the outcome will be as productive. Iran refuses to give up its right to domestic enrichment, and until it disbands the Quds Force, we can expect it to threaten its neighbors and the world with militias and terrorists. That is a recipe for sanctions and potential military action. It may be possible to remove Iran’s buried enriched uranium and increase IAEA access, but this will probably be a lengthy and complex diplomatic process as well.

The confidence-building stage in the MOU implementation would involve disbursing financial relief to Iran without the U.S. withholding the same at the last moment. For the U.S., financial relief will need to be managed in a way that will allow Washington to say that the funds are not being used to fund terrorism or missile proliferation. The Strait would need to be opened quickly and loudly, and the Trump administration would need to be able to point to progress in nuclear talks. Both sides would claim victory for their respective political bases, and Iran’s rhetoric would aim to humiliate the U.S. Inevitably, the strength of any MOU would be tested. With luck, the only test would be enduring the rhetoric of Iran’s hard-line officials, but more significant and challenging tests are possible. Last night’s example of Iran’s missile attack on Israel is a good example. Hezbollah or other proxies will continue their attacks.

When you put all of this together, we need to recognize that we are now in an era where Iran feels able to use a blend of conventional and proxy weapons against Israel and its neighbors more freely than at any time in the past. The concept of deterrence against Iran has been tested during this conflict, and new realities have been laid bare. I don’t think we have spent enough time thinking about what this means.

Israel, Hezbollah, and Escalation Risks

The Cipher Brief: So, let’s move to Israel and Lebanon. We realize this is playing out live. How should we look at this?

Roule: We are watching the real-world consequences of allowing Iran to destabilize the Middle East through its proxies. The chronology of this event is important because it shows what the future of the Middle East will look like unless we do something to change Iran’s role. Rocket fire from Lebanon into northern Israel prompts Israeli retaliatory airstrikes against Hezbollah-linked targets in Beirut. Iran then fires ten missiles against an Israeli airbase. Washington tried to constrain Israeli retaliation against Iran, but this was unlikely to succeed, even though it would be a disruptor in the nuclear talks. Israel’s Lebanon campaign in response to Hezbollah attacks will remain a variable that Tehran is using to link the U.S.-Iran track to Levant security. At the same time, Washington’s Iran channel does not control the Israel-Lebanon track, which will be subject to events in that arena and the actions of Israeli and Hezbollah actors.

Any Israeli Prime Minister would need to show their people, and Iran, that Tehran and its proxies cannot attack Israeli territory and escape punishment. That principle has been a firm element of Israeli security policy, especially since the October 7 Hamas attacks. Israel’s attacks against Iran included military targets and at least one petrochemical target of importance to the Revolutionary Guard. This strike appears constrained and contains a message that Jerusalem is prepared to damage more than military targets if Tehran continues. One suspects that Iranian officials have also adopted security protocols to enhance their safety. This will slow any talks that are underway, although it doesn’t appear that Israel attempted strikes against Iranian leadership.

What the Crisis Means for Energy Markets

The Cipher Brief: What are your thoughts on energy markets going forward?

Roule: Turbulence will remain a constant, but the market seems to have already accepted the idea that neither Iran nor the U.S. is interested in a broader conflict. Absent a significant change in conditions, that will likely continue.

Looking more broadly, the Iran conflict has made it clear that energy distribution security is now a permanent variable in energy markets planning. The direction and scope of energy, telecommunications, and transportation infrastructure budgets for the GCC will be major policy challenges in the coming years.

Next, I’m sure your readers have noticed the impact of the conflict was less severe than some initially predicted. A handful of factors contributed to this, including the fact that energy sources are far more diversified than they were a decade ago. In addition to the U.S., Brazil, Guyana, and even Venezuela are producing more oil than before. Riyadh and Abu Dhabi were able to increase production rapidly during the crisis because of wise, pre-crisis investments in infrastructure. Countries drew upon strategic reserves. China purchased less energy over the last few months. Europe and Asia made cutbacks. All of this bought time and space for markets. Nonetheless, Asia and Europe have already faced steep price increases, and the U.S. is likely to face the same if supplies do not improve in the coming weeks.

Lastly, in the medium term, a ceasefire or framework agreement between the United States and Iran will cap the panic premium, but it won’t eliminate the physical market premium. This will require a substantial change in supply. And this will require underwriters to return with lower insurance costs, ship traffic to normalize transponder use, inventory rebuilding, and Gulf crude and LNG moving routinely to markets globally. It will also take weeks following an agreement for the backlog of ships to work through Gulf ports and reach their destinations. This means price distortions in physical markets will linger even after an agreement.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Alex Younger: An Unusually Likeable Human Being, And A Spy

Sir Alex Younger died earlier this week at the age of 62. He had been fighting cancer for some time.

Alex was Chief of the Secret Intelligence Service (SIS, more popularly MI6) from 2014 to 2020. For most past and present MI6 officers, he was the best-loved Chief anyone had known.

One reason for this was that Alex had risen through the ranks. A good MI6 head does not need to have done so. But there is an undoubted advantage in a humint service to have a leader like Alex who has spent years operating under alias and diplomatic cover, who has had gritty operational discussions with a bewildering variety of foreign liaison services. Who has done his time as a desk officer in Century House and Vauxhall Cross, managing the egos of superiors, colleagues and officers in stations overseas. Who knows what it’s like waiting under alias in the hotel of some god-forsaken place, wishing he was back in Britain with his beloved wife and family.

A second reason was that Alex was a thinker. He had a strong set of values and beliefs and was happy to talk about them. He was a believer in the Enlightenment – the ideas circulating in Europe and elsewhere in the 18th century, advocating reason, challenging superstition and prejudice. He believed that these ideas had brought humanity to a better place and would continue to do so; that those who resisted reason and enlightenment should be challenged and never yielded to. I suspect as a young man he left the army to join MI6 because he could better – and more enjoyably – fight that fight.

But he also thought about national security and where it needed to be in the twenty first century. For him MI6 could not just dig itself into a humint trench, carrying on as before, on the assumption that all that mattered was people. A humint service that was not engaged with science and technology, threats and opportunities, was going to become a museum piece, and a rarely visited one at that.

A speech he gave as Chief 8 years ago at his old university, St Andrews in Scotland, showed he had been thinking deeply about AI – now on everyone’s minds. He was clear that a modern humint service had to engage with technology and the nature of hybrid conflict. “We and our allies face a battle to make sure technology works to our advantage, not to that of our opponents,” he said. “Liberal democracies should approach this with confidence”.

The third reason was that Alex was an unusually likeable human being. He was a spy. When an agent is going to accept tasking from an intelligence officer, the agent needs first and foremost to trust the officer: their competence and integrity. After that, the agent is looking for someone he or she likes: someone who has a good sense of humour, who understands you, convinces you this is the right thing to do. Alex was unusually strong in all these respects. He was a fine case officer.

And these strengths translated to the increasingly demanding leadership roles he took on: head of station in Kabul, Director Counter-Terrorism, Director-General Operations and finally, Chief. Alex was well known for walking the corridors, talking to staff of all grades. This meant that people across the organisation felt valued. They could say whatever they wanted to him, the franker the better. It meant that Alex, as leader, learned stuff that perhaps his immediate leadership team had not shared with him. He knew what everyone working for him did and what they needed to do it. He was the most approachable of people. He did not set out to intimidate or impress you with how busy or important he was. Noone had greater humility. It was a different, but entirely successful, type of leadership.

Alex also believed in partnership. Relationships with the rest of the British intelligence community – with MI5 and GCHQ – were made deeper and broader. So were relationships with the police, military and other government departments. Strategic cooperation with foreign liaison partners was strengthened. Of particular importance to Alex was the relationship with the US. Operational cooperation with the CIA had been important for much of his career, and he valued the unique intelligence sharing and cooperation between the two countries. It was in the US that Alex sought a possible solution to his last illness, and in the US that he passed away.

Alex’s wisdom and foreign affairs experience were highly valued by a succession of British prime ministers – Cameron, May, Johnson. After retiring from public life, he built up quite a following in Britain of people impressed by his occasional media appearances, providing unique insights into the increasingly bewildering international landscape. Friends would ask me if I’d heard “what that Alex Younger had to say on the telly last night”. He talked sense.

He apparently nicknamed his cancer “Putin”.

For the time being, all that family, friends and colleagues – including secret agents – can do is mourn the painfully premature passing of – to use an old-fashioned term – a true gentleman. Longer term, Alex’s memory must inspire people to believe in and defend liberal democracy.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Remembering Alex Younger: The Intelligence Chief Who Shaped a Generation

I don't want to write about Sir Alex Younger, my predecessor as Chief of SIS.

I want to write about my friend.

I had known about Alex's cancer from the outset, while I was still Chief. He treated it with his customary irreverence and wit. He nicknamed his tumour "Putin". At one stage he took to sporting a lapel badge bearing the words "I'm not dead yet". Sarah, his wife, persuaded him not to wear it to the memorial service of a former agent.

I knew he had become dangerously ill in Boston last week. Even so, it still came as a shock to step off a twelve-hour flight to Singapore on Thursday morning and learn that he had died. My immediate thoughts were for Sarah and the family. They had already endured more than any family should when they lost their son Sam in 2019.

Alex and I were almost exact contemporaries. He was a little less than two months younger than me. We spent much of our professional lives travelling along parallel tracks.

We really came to know one another after 9/11, when we were appointed to our first Head of Station jobs. Alex pipped me to the post to get Dubai. I got Kuala Lumpur as a consolation prize.

As it happened, both stations became important nodes in the effort to understand and dismantle the proliferation network established by A.Q. Khan. Working closely with CIA colleagues, Alex and I found ourselves cooperating on one of the most important intelligence operations of that era.

It was during that period that I came to appreciate the characteristics that would define him throughout his career.

Alex was intensely collaborative. He was competitive too, but his competitive instincts were directed entirely towards the mission and the adversary rather than towards colleagues. Underpinning that was a generosity of spirit and a quiet confidence that came from being entirely comfortable in his own skin.

That combination earned him enormous affection.

The wider public came to appreciate Alex through his media appearances after he left SIS. Those of us who had worked with him recognised immediately the qualities the wider public was now seeing: clarity of thought, economy of language and a gift for making complex issues intelligible without oversimplifying them. Few words were wasted. He also possessed a wonderfully dry sense of humour and a gift for the perfectly judged bon mot.

Yet beneath the outward affability was a private man. In many respects Alex was an introvert. His confidence came not from external validation but from self-knowledge. He did not need to dominate a room or win every argument. He knew how and when to delegate. The result was a calm authority that people trusted and wanted to follow.

Those qualities served him exceptionally well during one of the most consequential periods in the modern history of SIS.

As Chief, Alex oversaw a significant reorientation of SIS's counterterrorism effort to confront the rise of ISIS and the threat it posed to the United Kingdom and our allies. The challenge was made all the more acute by the appalling terrorist attacks suffered by the United Kingdom in 2017.

At the same time, he recognised earlier than many that the hostile-state threat had returned. Alongside CIA colleagues, he invested heavily in developing the capabilities of Ukrainian intelligence and security partners years before Russia's full-scale invasion brought the importance of that work into public view.

The attempted murder of Sergei and Yulia Skripal in Salisbury, and the death of Dawn Sturgess, presented another defining challenge. Alex led the intelligence response that helped drive the expulsion of hundreds of Russian intelligence officers operating under diplomatic cover across Europe and beyond, imposing a significant and lasting setback on Russian intelligence operations.

He also ensured that SIS's intelligence relationships with European partners emerged intact from Britain's decision to leave the European Union. At a time when political relationships were often under strain, intelligence cooperation remained strong.

The relationship with the United States occupied a special place in his thinking.

Alex believed deeply in the Anglo-American intelligence partnership and worked closely with John Brennan, Mike Pompeo and Gina Haspel during his tenure. Together with John, he instituted annual gatherings of the senior leadership teams of SIS and CIA, recognising that institutional trust is ultimately built through personal relationships.

He was, however, equally committed to ensuring that the relationship remained a genuine partnership. On the rare occasions when he sensed a tendency in Langley to regard SIS as a particularly capable vetted unit rather than as a strategic partner, he would gently but unmistakably correct the impression.

Alex also recognised earlier than many how profoundly technology would shape intelligence work. The computer science graduate from St Andrews was never far beneath the surface. He understood that operations officers needed to become digitally literate - not only to recognise threats to their operations but also to understand how technology could protect agents and enhance operational effectiveness.

His final major challenge as Chief was Covid. Intelligence services could not simply close their doors and work from home. Operations still had to be run, agents protected and intelligence delivered. The pandemic required a wholesale re-engineering of how SIS functioned while continuing to do its job. Alex led the Service through that period with clarity and compassion.

Looking back now, what I remember most are not the operations, the crises or the offices he held. I remember the humour, the kindness, the judgement and the friendship.

Alex made a profound contribution to SIS and to the country's security. But for those of us fortunate enough to know him personally, the loss feels rather simpler than that.

We have lost a friend.

Watch The Cipher Brief’s Interview with Sir Alex Younger explaining the urgency of the threats facing democracies today in the plain language described by Sir Richard Moore. We are sending our condolences to the Younger Family and to Alex’s broader IC family as well.

Can the Pentagon’s New Innovation System Deliver?

Welcome to The Iron Triangle, the Cipher Brief column serving Procurement Officers tasked with buying the future, Investors funding the next generation of defense technology, and the Policy Wonks analyzing its impact on the global order.

On January 12, 2026, Secretary Hegseth's office published a memo that ought to be hanging in every PEO's office: "No longer a loose federation. They are the Office of the Secretary of War's innovation operating system." The memo took six previously-warring fiefdoms, Defense Innovation Unit (DIU), Strategic Capabilities Office (SCO), Chief Digital and AI Office (CDAO), Defense Advanced Research Projects Agency (DARPA), Office of Strategic Capital (OSC), and the Test Resource Management Center (TRMC), and stacked them under a single DoW CTO. The DIU and SCO were redesignated Department Field Activities. Owen West, a Marine with two decades experience at Goldman Sachs and a former Assistant Secretary of Defense (ASD) for Special Operations, took over as Director of DIU. Cameron Stanley, former chief of Project Maven, is now head of the CDAO. The press wrote the whole thing up as a reorganization. Five months later, that read is the wrong one. This was an operating-system upgrade. An operating system that hasn't booted is just another memo. The urgent question now is which one we have, and Beijing, Riyadh, and Kyiv are not waiting around for the answer.

From Loose Federation to Operating System

For anyone who hasn't been tracking, the structural change is bigger than it looks. Six execution organizations now sit under one CTO, Emil Michael. The Defense Innovation Steering Group, the Defense Innovation Working Group, and the old CTO Council were dissolved and replaced by a single Action Group. Field Activity designation gives DIU and SCO faster contracting and personnel authorities than their predecessor organizational structures allowed.

This is the reform the Iron Triangle has been asking for. The old federation produced parallel pitches into competing fiefdoms. The same vendor would brief DIU on Monday, SCO on Wednesday, and CDAO on Friday, while the program offices that actually buy at scale received no shared signal back. DIU built a portfolio. SCO built a portfolio. CDAO built a portfolio. DARPA built a portfolio. Each was a victory lap for the individual office and a logistics burden for the warfighter, who eventually inherited four nearly-identical autonomy stacks that didn't talk to each other.

The Action Group is the first credible attempt at unified intake. It takes the political cost of saying no to a vendor, historically the binding constraint that kept the federation porous, and concentrates it in one place. The CTO can quickly route capabilities across all six execution organizations. Whether the building actually uses the routing layer is the open question.

Five Months In: What Booted, What Didn't

The good news first. Owen West was confirmed and is operationally active; his March 2 ceremony at Fort Benning was a signal that the Marine Corps and the special operations community have a seat at the head of the DIU table. Within weeks he told the building that he intends to narrow DIU's investment priorities, a signal investors should read carefully because it suggests fewer, deeper bets. Cameron Stanley has the CDAO chair and a mandate that includes AI compute on military installations, data-asset unlock across the department, and the GenAI.mil platform. These are accountable people running accountable shops, and they are issuing memos with their names on them.

The bad news. The OSC, the most consequential of the execution organizations for investors, has not released an FY26 investment strategy as of June 1. The FY26 NDAA appropriated $97.8 million for OSC's capital assistance pilot, enough to subsidize up to $4.4 billion in loans and guarantees, but the deployment cadence is opaque. The Action Group itself has not published outcomes against measurable targets. Six months from now, we should be able to count program offices that have routed capability needs through the Action Group, OSC term sheets executed, and CDAO-led integrations into contracts. Today, most of those dashboard lights are still amber.

The OSC Question

The OSC angle deserves its own section because it is the answer the May issue of this column was implicitly asking for. A Bridge Too Small argued that $49 billion in private capital cannot bridge a $1.5 trillion budget without serious structural reform. The OSC is one of the structural reforms; a loan-guarantee instrument designed to leverage private capital into national-security priorities at a multiple. The April FY27 budget request put $20 billion-plus on the table for the Strategic Capital loan program, up from under $1.5 billion in FY26. That is an order-of-magnitude scaling and a serious procurement-architecture commitment.

The proof that OSC can deliver already exists. Last year, OSC executed a $150 million loan to MP Materials for heavy rare-earth separation capacity at Mountain Pass, California. No venture fund underwrites that kind of paper. No SBIR ceiling reaches that kind of scale. The transaction does more for the neodymium and brushless-motor chokepoint I warned about in April than any number of Blue UAS compliance memos, and it is the kind of instrument the trifecta has been demanding.

What scales now matters. OSC has built out a Credit Program covering 31 Covered Technology Categories. Individual loans run from $10 million to $150 million. The total FY26 loan ceiling sits at $984 million. The FY27 request makes the program ten-times that. For procurement officers, OSC is the only DoW instrument that bridges directly to private debt. For investors, OSC's underwriting standards will eventually price the floor of the defense-tech market. For policy wonks, OSC is either the most important Treasury-style instrument the building has ever held, or it is a slide deck with appropriations attached. The next six months will decide which.

The View from Beijing, Riyadh, and Kyiv

The Innovation Operating System is not only a domestic procurement story. It is a foreign policy instrument, and the external clock is running faster than the internal one.

Beijing has spent the past eighteen months building its own version of an innovation operating system, optimized for export rather than for internal acquisition. The March 2026 deal between Aviation Industry Corporation of China and Saudi Arabia's General Authority for Military Industries set up local production of forty-eight Wing Loong-3 unmanned combat air vehicles per year in Jeddah, with a Riyadh acting as a logistics hub explicitly designed to serve other Gulf Cooperation Council (GCC) customers. The four-billion-dollar Pakistan-Libya JF-17 deal that closed in spring extends the same model further. China is exporting state-coordinated industrial capacity to allies that previously purchased primarily American. If the Action Group cannot route US capability into those markets at competitive speed, the substitution will continue, with maintenance contracts, training pipelines, and next-platform decisions following the initial procurement.

Riyadh is the harder case because it activated the Pakistan-Saudi mutual defense pact in May, generating combat-credible deployments inside ninety days of trigger: eight thousand troops, sixteen Chinese-built JF-17s, an HQ-9 air defense battery, and two squadrons of drones. Foreign Military Sales economics for US primes have assumed the Gulf as a baseline customer since the Carter administration. That baseline is moving. Investors holding GCC (Foreign Military Sales) FMS exposure should be repricing it. Procurement officers running F-15EX, MQ-9, and Patriot pipelines should be running the dependency map.

Kyiv has demonstrated the procurement-velocity standard the building is now implicitly trying to match. Ukrainian manufacturers produced roughly four million drones in 2025 and are targeting seven million in 2026, with the Brave1 marketplace routing capability needs from frontline units to certified manufacturers in days. The Innovation Operating System is, in part, an attempt to import the Brave1 effect inside an institution whose default cycle is the opposite of distributed and rapid. The Pentagon does not need to copy Brave1 exactly. It does need to demonstrate, by the end of the year, that the Action Group can produce a signal-and-response loop on a US scale. If it cannot, allies will keep studying Kyiv for the template and looking elsewhere for the systems.

Hegseth's memo bought the building time. Whether the building uses that time determines more than acquisition outcomes. It determines whether the next decade of alliance procurement runs through Washington or around it.

What the Trifecta Should Do Tomorrow

This is the reform that does not require an act of Congress, and the trifecta has more agency in it than the powerpoint slides suggest. Three concrete moves.

Procurement officers: stop pitching vendors against your individual program. Start pitching capability needs into the Action Group's intake so the CTO can route across DIU, SCO, CDAO, DARPA, and OSC. DIU's $99 million Obviant prototype award for an AI platform that consolidates DoW acquisition, contracting, and budgeting data is DIU paying for the data layer that the reorganization needs at the institutional layer. Use both.

There is a deeper move underneath the routing layer and the data layer, and it is an identity shift. The traditional procurement officer is rewarded for stovepipe wins: my program, on time, on budget. The new model rewards capability gaps closed across multiple execution organizations, with capability other PEOs can leverage. That is portfolio thinking, not program shepherding. The FY26 NDAA reform language and the Hegseth memos are pushing every PEO toward this shift. The ones who lean in will define the next decade of acquisition. The ones who don't will be measured against them.

Investors: treat OSC as a real instrument. Get on a call with DIU and CDAO. If you are holding portfolio companies with critical-technology exposure, OSC's loan guarantees are the leverage instrument you have been asking the federal government for since the SBIR program was conceived. Underwrite accordingly. MP Materials should not be a one-off. And read the FMS pipeline with foreign-policy realism: the Gulf customer base is being reshaped, and OSC's onshoring bets are partly a hedge against that erosion.

Policy wonks: push for OSC investment-strategy publication and Action Group outcome metrics. The reorganization either produces visible procurement velocity within six months or it does not. There is no middle ground, and there will be no excuse if Q4 2026 looks like Q4 2025. The foreign policy clock will not wait for FY28.

Conclusion: Boot or Be Dismissed

The Innovation Operating System will either reach sustained throughput by the end of 2026 or it will be unwound by the next administration. West and Stanley are accountable people running accountable shops. Emil Michael owns the CTO function and the political cover that comes with it. The trifecta has spent a decade complaining about a loose federation. The memo dissolved the federation. The question that should keep procurement officers up at night, that should be on every investor's diligence checklist, and that every policy wonk should be asking is the same: can a machine that has never run end-to-end deliver capability at the speed Beijing, Riyadh, and Kyiv are now setting? The Iron Triangle will be watching the dashboard for the next six months. So should you.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why the U.S. Cannot Afford to Lose Intelligence Partners

THE BLUF: Working with partners is a key intelligence tool. While the US has one of the best if not the best intelligence organizations in the world, it still cannot collect and analyze all global trends. The US sets intelligence priorities based on threats against the nation and the American people. Trends and anomalies in areas that may not have a direct impact on the US are of a lesser priority. Other countries do the same. If we share our analysis and collection among allies and partners, we are able to retain our focus without missing trends that could end up as a major issue down the road. If we are not a stable and trustworthy partner, we will miss out on potentially important intelligence that could affect our nation.

The US intelligence community has worked hard to develop strong relationships with its allies and partners. For the last 10 years, the US has led intelligence in NATO as the Assistant Secretary General for Intelligence and Security. The Defense Intelligence Agency (DIA) has put in place a Deputy Director for the Commonwealth. Allies have offices in the Pentagon to be better able to share intelligence. Many of the Combatant Commands have partners and allies sitting in their intelligence units. Two successful examples of close intelligence sharing are:

·Operation Gallant Phoenix (OGP): an intelligence fusion center established in 2013 in Jordan. It is made up of over twenty countries with representatives from a variety of agencies, including law enforcement, military and civilian intelligence. OGP focuses on response to current, evolving and future violent extremist threats - regardless of threat ideology. Gallant Phoenix allows nations not only to share intelligence on the foreign fighter threat, but also to get that information back to their law enforcement and homeland security agencies.

BICES: Battlefield Information Collection & Exploitation Systems (BICES) links intelligence between a range of partner nations. The system originally centered on NATO, but today's version goes beyond that. It delivers technical capability to provide multinational intelligence and information-sharing capabilities.

The importance of these types of intelligence sharing constructs is seen in how intelligence sharing has saved lives. In 2025, intelligence sharing thwarted attacks against US allies.

·In July 2025, the CIA said that it helped Germany foil a Russian plot to assassinate the head of a German arms manufacturer that produced weapons for Ukraine.

·In August 2025, the CIA said it provided intelligence to Austrian authorities that allowed them to disrupt a plan, allegedly inspired by the Islamic State group.

Allies and partners, however, are raising concerns about sharing intelligence with the US. They have given a host of reasons for that concern that largely reflect unease about intelligence being leaked to adversaries, either unwittingly or for political reasons. Some partners have raised issues with how their intelligence is being used by the US. The Danish Defense Intelligence Service, one of Denmark’s key spy agencies, has described the U.S. as a potential security risk, saying in a 2025 report that the United States is increasingly prioritizing its own interests and “now using its economic and technological strength as a tool of power, also toward allies and partners.”

These concerns continue to grow with two staunch allies declaring that they are either completely halting or are curtailing intelligence sharing with the US:

·Colombia: Through the early 2000s Colombia became a close partner with the US in combatting drug cartels and left wing insurgent groups. The close intelligence relationship contributed to the operation to rescue US hostages in Colombia and the demise of the FARC narco-terrorist group. Under leftist Colombian President Gustavo Petro, the intelligence relationship faltered with Petro completely halting it as a result of the current US counter drug policy. We will see what a new Colombian President will decide vis a vis the US intelligence relationship.

·UK: The intelligence sharing relationship between the US and the UK is one of the strongest ones the US has. Because of UK concerns about the legality of US maritime strikes against alleged drug runners, the UK has announced last year that it would curtail its intelligence sharing with the US on cartel related issues.

This trend comes at a time when Europe is rethinking its future intelligence organization. The US’s influence on that organization could lessen if our long-time partners believe that they cannot count on us to keep their secrets, share our intelligence, and use their intelligence for legal purposes.

These recent events should raise larger strategic concerns as the US relooks the future of its intelligence community. With new technologies that help us collect and analyze open source data, sharing intelligence should be easier. If we start with open source and commercially available information that AI can curate, we are starting in a place that is unclassified and thus easily sharable. The ability to share and its importance married with using the latest technologies is why the US needs to build a new open source center that feeds into each of the intelligence community components. This center would have as part of its organization, partners and allies who would bring their open source information to the table—much like Operation Gallant Phoenix but with a global threat based problem set. This is where the US and the world would see the first trends of a new global pandemic, watch out for signs of instability in countries that normally are not first tier priorities for the US, and understand how climate change might be affecting global economies that could result in unrest or regime change.

This is not the time to go it alone in the intelligence community. In order to keep our nation safe in a cost effective way, we need to continue to work closely with partners and share intelligence and intelligence operations. We can only do this if our partners and allies see the US intelligence community as strong, effective, apolitical, and leading in sharing with its partners.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Radical Empathy: The Counterintuitive Skill That Made Me Better at Everything Else

There's a moment in every intelligence officer's career when they realize something uncomfortable: to be effective at their job, they must genuinely connect with people whose values, beliefs, or actions they might find repugnant. Not pretend to connect. Not manipulate. Actually connect.

This realization runs counter to everything we typically believe about empathy. We're taught that empathy flows naturally toward people we like, people who share our values, people who we think of as "good." But in the world of human intelligence, that comfortable version of empathy is nearly useless. What matters is something far more difficult, and far more powerful.

I call it radical empathy: the disciplined capacity to temporarily suspend moral judgment in order to genuinely understand another human being at their deepest level. Not to excuse them. Not to agree with them. But to see them with such clarity that you understand why their choices make perfect sense from inside their own experience.

This skill changed how I operate professionally. It changed how I lead. It changed my relationships. And I believe it's one of the most underdeveloped yet universally applicable capabilities in leadership, business, and life.

The Paradox at the Heart of Intelligence Work

Here's something most people don't understand about recruiting human sources: it's not about deception in the way movies portray it.

Yes, intelligence officers operate under cover. Yes, there are secrets and compartmented truths. But the actual relationship between a case officer and their asset? That has to be real. Authentic. Built on genuine understanding.

Why? Because you're asking someone to do something extraordinarily difficult and potentially dangerous. You're asking them to betray their country, their employer, their colleagues, perhaps even their family. You're asking them to live with secrets that could get them imprisoned or killed.

No one does that for someone they don't trust. Few people will take that risk for a relationship that feels transactional or manipulative (though there have been high-profile espionage cases where money was everything for the spy).

The intelligence officers who succeed at recruitment aren't the ones who are best at lying. They're the ones who are best at understanding. They develop an almost preternatural ability to see the world through another person's eyes, to discover what motivates them at the deepest level, and to position themselves as someone who genuinely meets that need.

This creates a paradox that took me years to fully appreciate: the profession that operates in shadows and secrets requires, at its core, one of the most authentic forms of human connection imaginable.

Finding Humanity in Uncomfortable Places

As a young officer, this was once put to the test when I was working against a major narcotics-trafficking rebel group and recruited one of its members as my source. We had precious little in common, a girl from Northern California and an armed fighter moving opium and heroin into the international market. But we found a way to connect. I learned about his own circumstances, the limited opportunities, the pressures of an armed militia that occupied his hometown, and his desire to do something more, better, with his life.

That experience taught me something I've remembered ever since: every human being, regardless of what they've done, has at least one redeeming quality. Some kernel of humanity that can serve as the foundation for genuine connection. A corrupt official might be a devoted father who would do anything for his children's future.

A disillusioned bureaucrat might be an idealist who once believed deeply in something and now feels betrayed by the system he serves. A person working for an adversarial government might hold private doubts about the direction her country is taking. The skill isn't in inventing these qualities. It's in uncovering them. They're always there. The question is whether you're willing to look past the surface, past your own judgments and assumptions, to discover them.

This is what I mean by radical empathy. It is neither soft nor naive. It’s not about investing my own emotional energy in another person at some supernatural level. It's a disciplined practice of psychological discovery that requires you to temporarily set aside your own moral framework in order to understand someone else's. The term radical empathy could just as well be radical understanding.

The Internal Work Most People Skip

Here's what makes radical empathy difficult: it requires confronting your own judgments, biases, and emotional reactions before you can genuinely see another person.

Most of us don't do this. We don't even realize we're not doing it.

We enter conversations with people already filtered through our assumptions about who they are, what they believe, and what they deserve. We listen for confirmation of what we already think. We interpret their words through our own frameworks. And we call this "understanding." It's not. It's projection dressed up as empathy.

True radical empathy requires a different thought process: First, acknowledge your judgments. Don't pretend you don't have them. If you're meeting with someone whose politics you find abhorrent, whose business practices you consider unethical, or whose personality rubs you the wrong way… acknowledge it. To yourself. Clearly. You can't set aside what you don't recognize. Second, summon genuine curiosity about their internal logic. This is the key move. Ask yourself: What would have to be true for this person's choices to make perfect sense? Not sense by your standards, sense by their standards, given their experiences, their information, their pressures, their fears, their aspirations. Dig deep to understand the other person’s “why” or sense of purpose. Everyone is the hero of their own story. Everyone's choices feel rational from inside their own experience. When you can't understand why someone does what they do, the limitation is usually in your own understanding, not in their rationality. Third, find the universal human element. Beneath the surface differences, what basic human needs are they trying to meet? Security? Recognition? Belonging? Purpose? These needs are universal even when the cultural context or strategies for meeting them diverge radically.

Finally, let genuine connection emerge. When you've done this work, something changes. The person in front of you stops being a caricature or a problem to be solved and becomes a full human being. Connection is truly possible, not because you've manipulated it, but because you've created the conditions for it. Your own curiosity and open mind promote trust, and trust is the foundation of real connection.

Why This Feels Uncomfortable

I've shared these ideas with others over the years, and occasionally encountered resistance. The concern usually sounds something like this: "If I empathize with someone whose behavior is harmful, aren't I excusing or enabling that behavior? Doesn't understanding become complicity?" This is an important question, and the answer is no, but only if you understand what radical empathy actually is. Radical empathy is not agreement. It's not approval. It's not moral relativism. And it’s not, again, pouring all of your own emotional energy into the other person.

It’s about understanding. You can fully understand why someone made a destructive choice and hold them accountable for it. You can genuinely empathize with the pressures that led someone to act unethically and still insist on consequences. You can see the humanity in someone and oppose everything they stand for. In fact, I'd argue that empathy strengthens your ability to respond effectively. When you truly understand someone's motivations, you're better positioned to influence them, negotiate with them, counter them, or help them adapt their behavior. You're operating with full information rather than fighting a caricature. The intelligence world taught me this viscerally. We weren't in the business of excusing bad actors. We were in the business of understanding them so well that we could anticipate their moves, identify their vulnerabilities, and, when possible, recruit them or change their behavior.

Understanding is not endorsement. It's power.

The Shift That Changes Everything

I remember another moment from late in my career when I sat across the dinner table from a former communist insurgent who had since risen to some prominence in his government. Decades earlier, we would have been committed adversaries. He still harbored deep animosity for the United States and, by extension, me as our government’s representative.

The conversation was tense and stilted at first, but shifted over time as we spoke about our families, our mutual desire for equality in our countries, our values of independence, self-reliance, and patriotism. He realized that I sought understanding, not judgment, and that changed everything. It ended up being one of the most fascinating dinner conversations I had enjoyed in years.

What I've learned is that radical empathy creates a particular kind of shift in how other people experience you. When someone feels genuinely seen, not judged or evaluated, not managed, but actually understood at some level, something in them opens. Defenses lower. Authentic communication becomes possible. Trust builds faster than it otherwise would. This isn't mystical. It's psychological. Humans are fundamentally wired to respond to being understood. We crave it. And we can tell the difference between someone who's performing and someone who actually gets us. Intelligence officers become skilled at creating this experience for others because recruitment depends on it. But the skill needs to be real to work. The curiosity must be sincere, and your humanity must be felt.

Beyond the Shadows: Where Radical Empathy Transforms Results

For years, I cultivated this capability in classified contexts, assuming it was specialized, something unique to the peculiar demands of intelligence work. Obviously, that’s not the case. Radical empathy is a master skill that amplifies effectiveness in virtually every domain that involves human beings.

Leadership and Management

The leaders I most respect share a common trait: they understand their people at depth, and they can set aside judgment as they seek to build that understanding. They can appreciate someone else’s skills and performance, but also their aspirations, pressures, and private struggles.

This understanding doesn't make them soft. It makes them effective. They can deliver hard feedback in ways that the other person can receive because they've earned trust through genuine connection. They can motivate individuals differently based on what actually drives each person. Radical empathy allows you to lead people as they actually are, not as you assume them to be.

The "Likeability" Trap Leaders Must Escape

Here's a leadership mistake I have seen repeatedly over my long career. Too many leaders fall into the trap of filtering their teams through the lens of personal likeability. They gravitate toward employees they find pleasant. They invest more energy in people who are affable, who share their communication style, who feel easy to deal with. And they unconsciously distance themselves from those they find difficult, abrasive, awkward, or simply different. This is a fundamental leadership failure, and radical empathy is the antidote.

Bottom line? You don't have to like everyone you lead. It’s not a friendship. It isn't a marriage. It's work. The question isn't whether someone's personality delights you; it's whether you can understand them well enough to connect, build trust, and lead effectively. Some of the most valuable people I've worked with were not people I would have chosen as friends. They were prickly, or intense, or operated on a wavelength different from mine. Early in my career, I might have kept them at arm's length, managing them transactionally rather than leading them fully. That would have been my loss, and the organization's loss. Because frankly, genius does not always come in convenient packages. Radical empathy strips away the likeability filter. It asks a different question: Can I understand this person deeply enough to lead them well? The answer is almost always yes, if you're willing to do the work.

This becomes especially critical when you're leading people from outside your own field of expertise. If you're a business leader managing engineers, or a military officer leading intelligence professionals, or an executive suddenly responsible for a function you've never worked in, you can't rely on shared professional language or common technical background to create connection. You have to build it another way.

That way is radical empathy. It begins with genuine curiosity and an open mind. It requires you to ask questions you don't know the answers to, to listen without feigning expertise you don't have, and to understand what drives people whose work you may never fully comprehend. When you do this, something interesting happens: people forgive your lack of specialized expertise in their field. They trust you anyway. Because what they really need from a leader isn't someone who understands their work better than they do. It's someone who understands them. Connection precedes credibility. And connection begins with empathy.

Negotiation and Conflict Resolution

Every negotiation book talks about "understanding the other side's interests." Radical empathy takes this further. It's not just understanding what they want, it's understanding why they want it, what fears drive their positions, what pressures they face, and what success looks like from inside their world.

When you achieve this level of understanding, creative solutions emerge. You see trades that weren't visible before. You can frame proposals in language that resonates with their values rather than yours. You can anticipate objections and address them before they surface.

I've watched negotiations transform when one party makes the effort to genuinely understand the other. The shift is palpable. Suddenly, the conversation moves from positional warfare to joint problem-solving.

Sales and Client Relationships

The best salespeople I know aren't persuaders in the traditional sense. They're understanders. They invest time in genuinely comprehending their client's world… the pressures they face, the internal politics they navigate, the fears that keep them up at night, the outcomes that would make them heroes within their own organization.

From this understanding, they don't have to "sell" in the pushy sense. They simply present solutions that genuinely fit. The client feels understood rather than manipulated, and trust builds accordingly.

This is exactly what intelligence officers do with potential sources. We seek to understand their world so thoroughly that when we finally present an opportunity, it feels like the natural answer to their problem, because often it is.

Cross-Cultural and International Contexts

Radical empathy becomes even more critical when operating across cultural boundaries. Different cultures have different frameworks for understanding the world. Very different assumptions about hierarchy, relationships, time, honor, and obligation.

Effective cross-cultural engagement requires the ability to temporarily adopt another cultural framework, to see the world as your counterpart sees it, and to communicate in ways that make sense within their context rather than your own.

This was the daily work for intelligence officers working abroad. But it's equally essential for global business leaders, international negotiators, diplomats, and anyone working across cultural lines in our increasingly connected world.

Healthcare, Counseling, and Helping Professions

Professionals who work with people in crisis (doctors, therapists, social workers, counselors) depend on the ability to understand without judgment. A physician who can truly understand a patient's fears and lifestyle constraints will be more effective at encouraging treatment compliance. A therapist who can enter a client's frame of reference can facilitate change that would otherwise be impossible.

The radical empathy developed in intelligence work is structurally identical to the "unconditional positive regard" that therapists cultivate. Both require the capacity to understand without judgment, to see the logic in choices that might otherwise seem irrational or self-destructive.

Politics, Policy, and Civic Life

In an era of intense polarization, radical empathy offers something our public discourse desperately needs: the ability to understand positions with which we disagree without portraying counterparts as caricatures.

This doesn't mean abandoning your principles or treating all positions as equally valid. It means understanding why people on the other side believe what they believe. What experiences, fears, and values drive their positions.

From this understanding, persuasion becomes possible. Common ground becomes visible. And even where agreement is impossible, respectful coexistence becomes more achievable.

The Practice: How to Develop Radical Empathy

Like any skill, radical empathy can be developed. Here's how I'd suggest approaching it: Start with low-stakes practice. Before attempting this with someone who triggers strong reactions, practice with neutral encounters. The barista who seems rude. The colleague whose communication style irritates you. The family member whose choices confuse you. Ask yourself: What would have to be true for their behavior to make perfect sense?

Notice your judgments without fighting them. You don't need to eliminate your moral reactions. You need to notice them clearly enough that they don't unconsciously drive your behavior. Judgment observed is judgment that can be temporarily set aside. Ask questions you don't think you need answered. The most powerful understanding often comes from exploring areas where you think you already know the answer. You probably don't. So, ask anyway. Listen for what's underneath the surface. When someone expresses a position, seek to understand what need it serves. When they describe a behavior, think about what fear or aspiration drives it. Keep digging beneath the presenting content.

Practice with people you disagree with. This is where the growth happens. Find opportunities to genuinely understand (not debate, not convince, just understand) people whose views differ from your own. This is uncomfortable and becoming increasingly rare in our polarized political climate. Do it anyway. Debrief yourself. After important conversations, reflect: Did I genuinely understand this person's perspective, or did I project my own assumptions? What did I miss? What would I do differently?

The Person You Become

Here's what I didn't expect when I began developing this capacity: it changed me.

Radical empathy doesn't just make you better at understanding others. It makes you more aware of your own biases, assumptions, and blind spots. It develops your intellectual humility and a kind of cognitive flexibility, or the ability to hold multiple perspectives simultaneously, to see situations from different angles, to resist the allure of your own certainty.

It also, somewhat paradoxically, makes you more secure in your own values. When you've genuinely understood perspectives different from your own and chosen to maintain your positions anyway, those positions are no longer defaults. They are consciously chosen. And that's a different kind of conviction.

This focus on empathy is something our country desperately needs more of today. It’s core to the work I conduct on Mind Sovereignty™, since the collapse of civic empathy is so closely tied to filter bubbles, algorithmic amplification, and the resulting affective polarization we see in society. But empathy can be rebuilt, and it starts at the individual level.

An Invitation

We live in a time when understanding across divides feels increasingly rare. Political polarization, social media echo chambers, and the pace of modern life all conspire against the slow, patient work of genuinely seeing another person.

And yet this capacity has never been more valuable. In leadership, in business, in diplomacy, in life… the ability to understand without judgment, to see without agreeing, to connect across differences, remains the master skill that amplifies all others.

I was fortunate to develop this capability in an unusual crucible. But the skill itself isn't classified tradecraft. It's available to anyone willing to do the internal work.

The question is whether we're willing to set aside our own sense of certainty (and often, moral superiority) long enough to actually see the person sitting across from us.

In my experience, what we find when we do so is almost always more interesting (and more human) than what we assumed.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

China’s Uneasy Partnerships With Russia and North Korea

China’s summit with Russia last month and the reported likely upcoming visit of President Xi Jinping to North Korea are tactical moves that ignore the historical tensions between China, Russia and North Korea.

That tension threatens a meaningful strategic partnership.

The meeting between Mr. Xi and Russian ruler Vladimir Putin, convened immediately after President Trump’s summit with Mr. Xi, resulted in a joint statement highlighting a strategic partnership between Russia and China. Meanwhile, it criticized the current “law of the jungle” — a not-so-subtle dig at the U.S.

The 1991 Treaty of Good Neighborliness and Friendly Cooperation between Russia and China was extended for another five years, memorializing the quasi-alliance between these two countries.

The summit’s message was clear: China and Russia will continue to strengthen their strategic partnership and pursue a multipolar world opposed to unilateralism. That is another not-so-subtle criticism of the U.S.

Despite Russia’s efforts, China did not agree to the Power of Siberia 2 pipeline, which would carry roughly 1.8 trillion cubic feet of Russian gas annually from western Siberia through Mongolia into China. This is an important project for Russia, owing to Europe’s sharply reduced purchases of Russian gas because of its invasion of Ukraine.

Given the loss of European revenue, Russia hoped to redirect gas eastward to China. China, however, has been cautious, not wanting to become overly dependent on Russia, while pressing for lower prices and more favorable financing terms.

Also of concern to Russia is China’s inroads into Siberia and Russia’s Far East. The country is concerned about Chinese nationals migrating to Siberia in search of economic opportunities.

There are powerful historical reasons why Beijing and Moscow will always be wary of each other. These include the 1969 border clashes on the Ussuri River and Russia’s threat during that decade to launch nuclear strikes against Chinese nuclear sites. They also point to deeper historical wounds, such as Russia’s 1860 seizure of Vladivostok from the Qing Dynasty under the Treaty of Peking — one of the “unequal treaties” imposed on China. Decades later, Beijing retaliated by providing military support to Afghan fighters resisting the 1979 Soviet invasion.

Pro-Kremlin Russia Today expert Alexey Martynov argued in a recent commentary piece that China can no longer treat Moscow as a junior partner. He wrote, “Beijing behaves as though it can preserve a carefully managed partnership in which China remains the senior partner while minimizing its own obligations.”

A no-limits strategic partnership between a revanchist Russian Federation — a pariah state because of its invasion of Ukraine — and a China determined to be a model world leader is a partnership that will not endure.

North Korea is China’s only ally. More than 90% of North Korea’s trade is with China, and more than 90% of North Korea’s crude oil imports come from China. China is North Korea’s economic lifeline.

Yet historical distrust of China is still deeply embedded in North Korean strategic thinking. Korea has a long history in the Chinese tributary system. For centuries, Korean dynasties operated within the Sinocentric regional order, with imperial China as the dominant power.

Many Korean nationalists viewed this as unequal and humiliating. Former North Korean leader Kim Il-sung balanced between Moscow and Beijing during the Cold War to avoid subordination to either, though North Korea depended on China economically.

North Korea will always be concerned about Chinese influence and its ability to pressure North Korea economically or support reforms like China’s. China is concerned with North Korean nuclear brinkmanship and potential refugee flows in the event of instability in North Korea.

Most important, if there is instability or war on the Korean Peninsula, China would be concerned that the U.S. would be there for its ally, South Korea.

After North Korean leader Kim Jong-un took power in 2011, he kept his distance from China and did not show the respect China expected. In September 2025, however, Mr. Xi invited Mr. Kim to Beijing to stand with Messrs. Xi and Putin at Beijing’s Victory Day parade, commemorating the end of World War II.

If Mr. Xi visits Pyongyang in the next few weeks, it will be obvious that China is working hard to improve relations with North Korea.

North Korea’s new allied relationship and mutual defense treaty with Russia and its military aid to Russia for the war with Ukraine have no doubt motivated China to be more energetic in bringing North Korea back into the fold.

Despite visits and joint statements, China’s relations with Russia and North Korea remain fragile. A strategic partnership will not endure.

This story appeared in The Washington Times and is republished here with permission.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

From Terror Networks to Hybrid Threats: A Partner Approach to a Growing Threat

The hybrid threat challenge facing Europe today is reminiscent of the terrorist threat challenge of the post-9/11 Global War on Terrorism (GWOT) era. Because of that similarity, the alliance should adapt the counterterrorism cooperation model developed over the last twenty years.

As European security partners grapple with Russia’s gray-zone activities—operations conducted below the threshold of war to create confusion and hesitation—the recently released U.S. counterterrorism strategy makes a notable acknowledgment. In the final sentence of its subsection on Europe, the strategy commits to working with European partners to counter covert state actions, including sabotage and assassination plots, categorized as “hybrid threats.” The inclusion of the term is both appropriate and significant because Russian intelligence services have demonstrated how state power can be projected through irregular means.

After all, even a cursory glance at some of the activities being perpetrated by Russian and Iranian proxies throughout Europe demonstrates that what we are actually talking about looks a lot like the FBI’s definition of international terrorism— “Violent, criminal acts committed by individuals and/or groups who are inspired by, or associated with, designated foreign terrorist organizations or nations (state-sponsored).”

Since the Russian invasion of Ukraine, Western intelligence services have been tracking a troubling evolution in Russian tradecraft: the emergence of proxy recruitment at scale, enabled by digital platforms and designed to blur the lines between espionage, sabotage campaigns, and terrorism.

Through the use of so-called “disposable agents,” both Moscow and Tehran have convinced individuals living in the West to commit violent, criminal acts, sometimes for small sums of money, other times encouraging attackers with ideological inspiration. If these were Sunni jihadists linked to al-Qaeda or the Islamic State, the incidents would be labeled as terrorist attacks, and those responsible would be called homegrown violent extremists who were radicalized and recruited online. Russia has worked through its intelligence services, while also cultivating a network of willing recruits throughout Europe.

Recent investigations reveal the scale and intentionality behind this approach. A 2025 exposé uncovered a Russian military intelligence (GRU)-linked recruitment campaign using Telegram bots and viral propaganda videos to solicit volunteers abroad. The messaging was deliberately broad—appealing to nationalism, grievance, or simple curiosity—and funneled interested individuals into automated recruitment pipelines. These systems lowered the barrier to entry: a single click, message, or expression of interest could place a user into a pipeline for tasking.

Iran has followed suit, relying on one of its many proxy groups—Kataib Hezbollah, an Iraqi Shia militia—to orchestrate a shadowy hybrid campaign under the banner of Harakat Ashab al-Yamin al-Islamia (HAYI). HAYI has already claimed responsibility for a series of attacks across Europe, spanning the United Kingdom, the Netherlands, Belgium, and France. Similarly, Russian hybrid attacks in Europe know no borders and have occurred in the UK, France, Germany, Estonia, Georgia, Moldova, and elsewhere. Just last week, Russian drones crashed through an apartment block in Romania, a NATO member.

The key to successfully countering hybrid threats is working by, with, and through allies to leverage each other's strengths in a shared effort to identify threat networks, map their structures, penetrate their operations, and dismantle them. This requires not just unity of effort within countries, but a coordinated approach across law enforcement, intelligence agencies, security services, and special operations forces.

In some ways, perhaps, the U.S. and its allies are a victim of their own success. The Global War on Terrorism—while not without its faults—was successful in combating al-Qaeda and the Islamic State, decapitating their leadership and driving them from safe havens in the Levant and Pakistan's tribal areas. Of course, the terrorist threat has not vanished, though it has morphed into a more decentralized network of regional affiliates and franchise groups that still wreak havoc from the Sahel to Central Asia.

For more than two decades after 9/11, the United States and our European allies were bound together by a clear and urgent mission: to disrupt terrorist networks, prevent attacks, and dismantle organizations such as al-Qaeda and ISIS. That shared mission forced us to innovate. It drove unprecedented cooperation across intelligence services, law enforcement, counterintelligence and with special operations forces. Barriers – silos – that once slowed us were broken down, and in doing so, countless lives were saved.

But the strategic environment has dramatically changed.

Compared to the two decades that followed the al-Qaeda attacks of September 11, 2001, terrorism has become a back-burner issue, relegated to a focus on great power competition, which manifests in the shadows through hybrid threats. And while there has been a NATO strategy to counter hybrid threats since 2015 (and it has also developed a Center of Excellence to analyze the issue), the discussion is typically less coalition and mission-focused than counterterrorism operations were, say, during the peak of the Islamic State's caliphate and amidst the mass movement of foreign fighters between Western countries and the Middle East.

One of the issues is that, as a concept, hybrid threats—while not a new term—suffer from definitional ambiguity and are not widely agreed upon in the lexicon. The term itself is used interchangeably with 'gray zone warfare' and is at times mistaken for or confused with asymmetric warfare, political warfare, irregular warfare, and/or unconventional warfare.

Still, the 2026 strategy does characterize certain states as behaving like terrorist enablers—or as part of the terrorist threat environment—when they sponsor, support, equip, or facilitate terrorist organizations, rather than treating terrorism solely as a non-state actor phenomenon. While not explicitly calling out Russia, that framing is useful and is a departure point for a more aggressive Western strategy for countering this phenomenon.

Terminology and labeling aside, what is clear is that sabotage, cyber operations, and the use of disposable agents by Russia, Iran, and other Western adversaries are wreaking havoc and destabilizing society in many countries. And because state actors are involved, there is an additional element they alone can bring—scale. This means using professional intelligence services, financial resources, sophisticated cyber capabilities, diplomatic cover, and complex logistical support in transportation, communications, and other crucial areas.

As such, the only way that states can hope to be successful in countering hybrid threats is by massing their own state-based capabilities and cooperating through pooled resources and intelligence sharing.

Another idea gaining traction in the event of escalation in Europe, is resurrecting Cold War–era like-stay-behind structures for government continuity: a legally grounded resistance architecture that’s in place—distributed, resilient, and capable of sustaining state continuity from the first moment of disruption. It is almost shocking to process the idea that hybrid threats from Russia are causing some NATO countries to institutionalize “total defense” models designed to absorb shock and sustain governance under pressure. But the threat landscape demands such contingencies.

In this new threat paradigm, resilience and resolve—not caution—is the center of gravity.

Only a more aggressive stance in pushing back against those actors deploying hybrid capabilities can be effective. One thing is for certain: a tepid, half-hearted response—or worse, no response—will only continue to embolden Moscow, Tehran, and Beijing. Hybrid threats, by their very nature, pose a cross-border challenge. The shots may be called in the Kremlin, but the operations take place in London, and may involve intermediaries scattered across the globe, providing various forms of active and passive support to the perpetrators of the attack.

To blunt these offensives requires integrating and partner-sharing of world-class intelligence – like the way Western intelligence services dealt with jihadi threats - and an unprecedented willingness to elevate aggressive offensive counterintelligence to a strategic capability among partners nations.

Countering hybrid warfare requires far deeper intelligence integration among allies. Intelligence sharing can no longer remain confined to elite classified exchanges between a handful of services. Governments must create real-time intelligence fusion across cyber defense agencies, financial regulators, military commands, law enforcement, border security organizations, and private-sector infrastructure operators. This is particularly urgent because critical infrastructure is now the frontline of modern conflict.

If the Western nations remain integrated, vigilant, and forward-leaning, they will not simply compete in this space—they will shape it.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Put the Next Generation to Work: Digital Transformation Has Only Just Begun

Put the Next Generation to Work: Digital Transformation Has Only Just Begun

We are witnessing a historic bottleneck in the technology sector. According to recent data, unemployment among new computer science graduates has climbed to 6.1%. While many point to AI as the singular cause of this displacement, the reality is more nuanced: the industry has stopped hiring "apprentices" because it has temporarily lost sight of the value of human-led systems integration.

We are currently operating under a dangerous fallacy: that because AI can generate code and simulate reasoning, the "entry-level" phase of a technology career is no longer necessary.

This is wrong. Digital transformation has only just begun.

The "Stagnant Workflow" Crisis

If you look past the high-tech bubble, the American economy is still defined by millions of archaic, bureaucratic, and manual workflows. These are the processes—in supply chains, logistics, municipal services, and industrial infrastructure—that were never digitally transformed because they were too complex or too niche to justify traditional, high-cost software engineering.

We have spent decades ignoring this "long-tail" of technical debt. Now, we finally possess the intelligence to solve it. But instead of mobilizing our newest engineers to tackle these systems, we are benching them. We are letting an entire generation of talent go to waste while our infrastructure continues to operate on decades-old, manual processes.

The Trap of the Probabilistic Agent

There is a temptation today to simply hand these workflows over to probabilistic, agentic AI. It is an enticing shortcut: the agent "learns" the process, makes decisions, and clears the backlog.

But this is only a temporary fix.

Probabilistic agents are useful for discovery, classification, and reasoning through ambiguity, but they are not a replacement for high-integrity automation. They are "black boxes" of probability. For mission-critical workflows, we cannot afford to gamble on a result that changes with every iteration.

The ultimate goal is not "agentic" automation—it is deterministic automation.

The most effective systems are those where AI acts as the architect, helping our engineers map and generate the robust, deterministic code that replaces the manual friction. We need our next generation to use AI to build systems that are predictable, auditable, and repeatable. We must move beyond the "agent in the loop" and toward the "code-governed system"—where AI generates the logic, but humans define the constraints, ensuring the system functions with the precision of a clock.

The New Digital Transformers

The role of the "entry-level" hire is not dead—it has been promoted. We no longer need junior developers to write boilerplate code; we need Digital Transformers who understand this distinction.

These are the systems thinkers who will:

Audit the Bureaucracy: These engineers must be capable of navigating the non-automatic, messy reality of our nation’s businesses. They will act as "process anthropologists," going into legacy environments to document the hidden bottlenecks that current automated tools cannot see. By doing so, they provide the necessary data and context that are essential for any meaningful digital intervention.

Orchestrate the AI: Instead of merely using AI to generate snippets, these transformers will use frontier models to synthesize complex processes and then codify those processes into deterministic, high-reliability systems. This requires a shift from prompt-based experimentation to a rigorous engineering mindset where the AI is treated as a component in a larger, stable architecture. They will build the "connective tissue" between legacy databases and modern AI-driven decision engines, ensuring the output is not just plausible, but structurally sound.

Bridge the Domain Gap: Learning the nuance of a business's operations is a feat that AI cannot accomplish without human context. These graduates will be tasked with understanding the "why" behind the workflows—the regulatory constraints, the unique company culture, and the operational trade-offs—that an LLM will never inherently know. This domain literacy ensures that the technology we deploy is not just efficient, but actually improves the business's core performance.

It’s Time to Hire

This is a direct call to the leaders of our frontier AI companies and major industrial enterprises.

You have the capital and the mandate to lead. If you are building the future of intelligence, you have a responsibility to underwrite the deployment of this generation. Stop treating entry-level talent as a cost center to be minimized. Start treating them as your Technical Debt Task Force.

Provide the Infrastructure: Underwrite the compute and the platforms they need to work. This investment should be viewed as a "Research and Development" tax on innovation, where the return on investment is a more resilient and modern industrial base. By providing these credits, frontier AI companies create a massive, decentralized lab for testing their models on real-world, high-stakes industrial friction.
Open the Sandboxes: Give them access to the legacy "impossible" problems that no one else has had the time to fix. These are the workflows that currently exist outside of the "high-margin" software bubble, serving as the perfect, low-risk, high-reward testing ground for junior architects. Solving these neglected problems provides an immediate, measurable boost to operational efficiency while shielding the company's core products from experimental risks.
Deploy the Talent: Shift the focus from automating away the junior role to deploying that role to modernize our country’s industrial foundation. By placing these graduates into cross-functional teams, you create a new management paradigm that prioritizes "orchestration" over "maintenance." This transition creates a clear path to leadership for the new hire while ensuring that the organization is actively clearing its backlog of technical debt every single quarter.

A Mission for the Next Generation

When a young graduate uses AI to re-engineer a failing production line or automate the synthesis of experimental data, they aren't just completing a task—they are building the digital architecture of the next fifty years. They are learning systems design, stakeholder management, and domain expertise in the most intensive way possible: by building, testing, and iterating in the real world.

We have the human capital. We have the technology. We have an economy that is crying out for modernization.

The era of digital transformation didn't end with the launch of the latest large language model; it is only now reaching the point where we can finally apply it to the hard, unglamorous problems of our physical and industrial world.

The work is ready. The team is waiting. It is time to hire.

Follow Mark Munsell on LinkedInThe Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

Norman T. Roule

Back to top