The Cipher Brief

There are 65 active state-based conflicts in the world today, according to the Uppsala Conflict Data Program. That is not 65 separate crises. It is 65 living laboratories.

The contest that matters is not understanding any one of them. It is recognizing the 66th — the next emerging theater — while it is still only a collection of weak signals. The war before the war has already begun, and it will be won by whoever learns fastest.

For generations, intelligence organizations competed to collect more information. Tomorrow, they will compete to learn faster. Since every adversary is becoming a learning organization, our advantage must become organizational learning — and organizational learning at this scale requires infrastructure we have not yet built.

That infrastructure includes a Digital Twin Network.

The Network, Not the Twin

The objective is not to build a better digital twin. It is to build a Digital Twin Network capable of recognizing the 66th emerging theater before it becomes obvious.

Imagine a living network of thousands of interconnected digital twins — not only of nation-states, but of terrorist organizations, criminal syndicates, cyber groups, critical infrastructure, financial systems, media ecosystems, shipping networks, supply chains, political movements and emerging technologies. Every important actor, network and system has a continuously evolving twin.

Each twin learns independently. Collectively, they learn exponentially.

The value is not in the individual twins. It is in the conversations among them. Every observation by one twin makes the entire network smarter. A political crisis in Bosnia immediately updates neighboring political, economic and alliance twins. A cyberattack against critical infrastructure causes financial, media, logistics and influence-network twins to reassess their own environments. A new disinformation tactic discovered in one region is instantly tested against every other emerging theater.

The network does not simply share information. It shares learning.

This is the shift that matters: from monitoring individual events to understanding how thousands of interconnected systems evolve together. From storing information to accumulating learning. From asking “What happened yesterday?” to asking “What is becoming more likely tomorrow?”

What the Network Looks Like in Practice

Picture a digital twin of Bosnia, Moldova or the South China Sea that updates every minute. Every political speech, troop movement, satellite image, shipping pattern, cyberattack, financial transaction and social media narrative automatically changes the model. We move from “what happened” to “what is most likely to happen next.”

AI agents do the work, each with a job. One reads every speech. Another tracks every satellite image. Another looks for new alliances. Another measures the speed of narratives. Together they integrate political developments, military movements, economic indicators, migration, social sentiment, infrastructure, weather, cyber activity and media into a single continuously updated model — one that can identify change in seconds, minutes and hours, and simulate the impact of future actions.

The ability to rank the most successful future actions, based on analysis of hundreds of potential outcomes, changes how we think about red teaming in cognitive security. We will be able to build a synthetic example of every adversary of any size, and to simulate every scenario continuously.

It will be on us to feed in the right inputs. What emerges is a global learning graph of active conflicts — every lesson, every pattern, every conflict feeding better insight in real time.

How the Network Learns: Observe, Learn, Adapt

Conflicts are like a staircase: pressure, politics, perception, prosperity, partnerships, posture, provocation. Every conflict climbs the staircase differently. A network that can read that staircase across every theater at once needs three disciplines.

Observe. We are good at collection. We will benefit from a common structure that makes our observations legible to AI. As an example, The Seven Layers of Emerging Theater Intelligence (SETI) gives every twin the same language for evaluating how adversaries evolve before open conflict:

Pressure — Are underlying conditions becoming less stable?

Politics — Are institutions losing the ability to manage that pressure?

Perception — Is someone deliberately shaping how people interpret events?

Prosperity — Are economic tools becoming instruments of competition?

Partnerships — Are actors beginning to choose sides?

Posture — Is capability being positioned?

Provocation — What event could rapidly accelerate escalation?

Learn. The measure of the network is its learning velocity — how quickly it improves after every observation. Every conflict becomes a research dataset where the network continuously asks: Which indicators appeared earliest? Which signals were ignored? Which combinations proved most predictive? Which assumptions proved wrong? Which interventions slowed escalation? Which technologies changed outcomes?

Adapt. The network tracks how media and technology are evolving and how they will change future tactics. Whether it is artificial intelligence, autonomous agents, commercial satellite imagery, cyber capabilities, sensors, recommendation algorithms or open-source techniques, we watch how each one shortens the distance between pressure and politics, perception and partnerships, posture and provocation.

All of it feeds back into the twins. SETI gives the network a common language; learning velocity gives it a scorecard. Together they make the network something fundamentally different from today’s intelligence systems — a living research community that studies all 65 active conflicts every day and asks the same questions of each. Which pressures are increasing? Which partnerships are changing? Which narratives are spreading? Which actors are learning fastest? And, most important, where is the next theater beginning to resemble the early stages of previous conflicts?

The Scale of the Build

This is why the build matters, and why it must begin now. A network worthy of the threat means digital twins for every nation-state adversary, roughly 100 foreign terrorist organizations, 500 major transnational criminal organizations, 300 state-sponsored cyber groups, hundreds or thousands of hacktivists, 600 militias, insurgencies and armed non-state actors, and thousands of influence and disinformation networks.

That represents a good start.

As AI, autonomous agents and eventually quantum computing mature, the scale of continuous learning will expand dramatically. The future of intelligence will belong to organizations that treat every conflict as a learning system, every emerging theater as a research project, and every observation as a chance to improve faster than their adversaries.

The Only Question That Matters

The race is no longer to understand today’s 65 conflicts. It is to recognize the 66th emerging theater before anyone else — while it is still only weak signals.

That is a contest of learning, and learning at that scale cannot be improvised in the moment a crisis arrives. It has to be built in advance. The Digital Twin Network is that build.

The war before the war has already begun. The only question is whether we will have the network in place to see it.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Congress Questions Pentagon Spending—and the Future of Trump’s Battleship

“I’m deeply concerned that the Presidential proposal for $350 billion mandatory funding [to be carried in a reconciliation bill and not an appropriations bill] for defense will have no Appropriations [Committee] input on the enactment. That’s not the right way to fund the Department of Defense, because it took the Department ten months to explain to Congress how they were going to spend the $150 billion in mandatory funding they received last year. It’s unacceptable, and I have no confidence the Department will do a better job responding to us in the future. There’s also no guarantee that a reconciliation bill will pass.”

That was Rep. Betty McCollum (D-Minn.) speaking last Wednesday at the House Appropriations Committee meeting that marked up the Fiscal Year 2027 Defense Appropriations Bill.

Ranking Democrat on the panel’s Defense Subcommittee, McCollum was questioning the Trump administration’s second year of seeking to put a major chunk of proposed defense spending in a reconciliation bill, where it could avoid both pre-passage congressional review and require only a majority vote for Senate approval.

It turned out that McCollum had bipartisan support for her view.

The House Appropriations Committee, in its report on the bill it later approved that day, included several examples of problems caused by using mandatory spending in a reconciliation bill, along with remedies it proposed..

I will discuss them below, along with one other critical issue – problems in U.S. Navy shipbuilding -- that the House committee also raised in its report.

Remember, however, these are just one committee’s suggestions and they still have a way to go to be adopted by the full House and Senate.

One mandatory spending example in the Committee report relates to the controversial F-35 Lightning joint fighter program.

The President’s fiscal year 2027 budget request includes $7 billion in discretionary funding for 32 F–35 aircraft and $10 billion in mandatory funding for 53 F–35s. Additional modernization funds sought for the F-35 program includes $2 billion in discretionary funding and $2.4 billion in mandatory funding.

In its report, the House Appropriations Committee said it “has serious concerns regarding how the Office of Management and Budget (OMB) bifurcated the funding request and questions the rigor that was used to split the request between discretionary and mandatory funding. For example, radars and other critical components were either funded in full on one side of the ledger

or the other, inconsistent with the total flyaway costs for discretionary and mandatory quantities.”

The Committee report continues, “Further, OMB made assumptions on program savings associated with executing a multi-year procurement contract, for which a corresponding legislative proposal has not been submitted, and applied all the savings to the discretionary request. As a result, the discretionary budget request actually procures a quantity of only six aircraft, rather than the 32 it purports to fund.”

Another Committee report example related to more than $43.4 billion for several critical munitions that is included in the $350 billion mandatory package. The committee said, “In many cases entering into MYP (multi-year procurement) contracts will require both discretionary and mandatory funds. The topic of accelerating munitions production has been a priority of the Department and Congress alike, though splitting funding into two funding processes could lead to incongruencies that will not be easily remedied.”

Splitting weapons programs between the discretionary and mandatory funding prevents Congress from considering requests as a whole, the Committee report says, thus preventing “effective oversight and program continuity and also to preserve production lines and commitments to industry partners and allies.”

The report adds that this year the House Committee is only considering the discretionary portion of the request, but will be “working with the [Defense] Department to ensure that budget justification materials submitted for fiscal year 2028 are adequate to evaluate the full-funding profile, regardless of funding mechanism or whether funding was previously enacted or provided in any future reconciliation package.”

The Appropriations panel report also directs attention to problems in the Navy’s shipbuilding program where the President’s fiscal 2027 budget request includes over $60 billion in discretionary funding for the Trump administration’s so-called Golden Fleet Initiative.

As the report puts it, “The Committee remains firm in its conviction that funding alone does not guarantee on-time delivery and is no substitute for sound program management and rigorous oversight. The Committee is concerned that an accelerated pace of investment, absent commensurate accountability, risks repeating the cost growth and schedule slips that have plagued nearly every major shipbuilding program in recent years.”

Getting specific, the report says, “The Committee is particularly troubled that the Navy’s cost-to-complete request for shipbuilding totals $2.6 billion in fiscal year 2027. The cumulative cost of these delays and overruns now rivals the price of the ships themselves, eroding the buying power of every dollar appropriated for new procurement. The Committee believes that the Navy has not consistently demonstrated the ability to identify, report, and correct adverse cost and schedule trends in a timely manner.”

For a remedy, the Committee “directs the Secretary of the Navy to submit a report to the House and Senate Defense Appropriations Subcommittees not later than 90 days after the enactment of this Act, and quarterly thereafter,” on each major shipbuilding program: to include the current delivery schedule, cost-to-complete with drivers of any growth; and actions the Navy has taken or intends to take to recover any schedule and contain cost growth.

The Committee report also directed the Government Accountability Office next year to assess any recurring cost growth and schedule delay across major Navy shipbuilding programs and the adequacy of the Navy’s response to identify and arrest such trends early.

The Committee also took aim at two specific submarine shipbuilding programs, starting with the Columbia-class which is the sea-based leg of the strategic nuclear triad, and the Virginia-class attack submarine.

According to the Committee report, “the lead Columbia-class submarine is delayed by as much as 18 months and that the Virginia-class program is delayed by as much as 42 months,” adding, “Delays of this magnitude present significant risk to strategic deterrence, erode undersea superiority, and degrade long-term operational availability and readiness.”

Because, according to the Committee report, “incremental funding in a constrained industrial environment serves only to introduce further risk,” the panel recommended “full funding for one Columbia-class submarine and two Virginia-class submarines.”

The House Committee report also took aim at the nascent Trump Guided Missile Battleship (BBG(X) program for which the President’s FY 2027 budget seeks $1 billion in advance procurement and $837 million in research and development funds.

The report says, “The Committee notes that the [Trump battleship] program has not finalized ship design, completed a formal analysis of alternatives, or established a stable set of requirements, and that the Congressional Budget Office has estimated the lead ship could cost in excess of $20 billion.”

The report added the Committee has cautioned in the past that “committing funding to construction before achieving design stability and solidifying requirements is a principal cause of the cost growth, schedule delay, and industrial base instability that afflict Navy shipbuilding.”

The Committee report also warned “that BBG(X), as a nuclear-powered surface vessel, will draw on the same finite pool of nuclear-capable shipyard capacity, skilled workforce, reactor components, and supplier base on which the Columbia-class submarine, Virginia-class submarine, and Ford-class aircraft carrier programs depend.”

Given the situation, the Committee said that “introducing a new nuclear surface combatant [the BBG(X)] without careful planning could compound those constraints and place at risk the delivery of [shipbuilding] programs the Committee considers higher priorities for the nuclear-capable industrial base.”

As a result, the Committee requested detailed reports from the Navy Secretary: One that “addresses the validated requirements and key performance parameters for the large surface combatant [BBG(X)]; the status of the analysis of alternatives and ship design, including a design maturity assessment and the criteria the Navy will use to certify design stability prior to any commitment to lead-ship construction.”

And a second report that deals with the “Navy’s strategy to design and construct BBG(X) without interfering with existing nuclear-powered shipbuilding programs,” and also “how the Navy will sequence and resource BBG(X) so as not to jeopardize the delivery schedules of those programs.”

If that were not enough, the Committee also added a section to the actual legislation, Section 8147, which, by law, would limit the Department of the Navy from using funds to contract to build the lead ship of the Trump-class battleship program, BBG(X), until the “Secretary of the Navy certifies to the congressional defense committees that the weapon systems planned for inclusion in such lead ship are at a sufficiently mature technology readiness level.”

In a column last April, I noted some weapons Trump wants to include on BBG(X) are still in development and any design for such a ship was at least two years away. I now repeat what I wrote two months ago, my bet is that none of these Trump-class battleships will ever actually be built.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

America's Empty Counterterrorism Chair

The world's counterterrorism chiefs are meeting in New York this week. We brought a list of demands and not much else.

A plot hatched in a chat room in one country, funded from a second, carried out by a man walking into a crowd in a third – that's the shape of terrorism now. It doesn't stop at borders. It never agreed to.

That's the problem sitting in front of the world's counterterrorism chiefs this week. They're at the U.N. for the first time since 2023, and on Wednesday the General Assembly reopens the global strategy that's held this fight together for twenty years. The question on the table is simple and ugly: who's actually going to do the work?

Washington's answer lately is everyone but us. The new U.S. strategy tells allies to carry more of the load and barely bothers to dress it up – the era of America as the world's cop is over, pick up the slack. There's a fair point buried in there. Allies should pay more and do more in their own backyards.

But you can't order everyone else to step up while you're sliding toward the door. The federal center built to connect the dots between agencies has had no permanent boss since March. Homeland Security hasn't issued a national threat warning since last September. State shut down its CVE and GEC teams – the shops that countered extremist recruiting and foreign propaganda – over the past year. The FBI and Justice Department teams that chase these cases are thinner than they've been in two decades. We're lecturing the world about leadership while quietly dismantling our own.

And the chair we're vacating doesn't stay empty. The U.N.'s counterterrorism work runs almost entirely on donated money, most of it from a few Gulf states. Cut our funding and our attention, and we don't shut the operation down – we hand the pen to whoever's still paying. Their threats become the priorities. Their enemies become the targets. That swap is already underway, one budget cycle at a time.

The timing couldn't be worse, because the threat is spreading, not shrinking – splitting into more groups, in more places, every year. ISIS-K runs plots out of South Asia. Al-Qaeda's Sahel franchise has turned that region into the deadliest killing ground on the planet. Newer names – the Resistance Front in Kashmir, the Majeed Brigade in Balochistan – show how fast a local grudge now becomes an outfit with cash, recruits, and a slick media shop. You don't beat a threat like that by going it alone – and you definitely don't beat it while eyeing the exit.

So where should the allies in that room actually put their weight this week?

Start with the people nobody wants to claim: the captured fighters and their families still languishing in camps years after the caliphate fell. Bring them home, try them, rehabilitate them. It's slow, ugly, and a political grenade – and every year we dodge it, we let the next generation steep in the same poison that made the last one.

Less visible and more useful is the plumbing: shared watchlists, fingerprints, traveler data, the systems that flag a wanted man before he boards a plane. Most countries still can't run it well, and helping them will stop more attacks than any speech from a podium.

None of that touches the cheapest counterterrorism there is – the kid who never gets recruited in the first place. You can't arrest your way out of this, and the prevention programs that reach that kid early are always the first thing cut and the last thing anyone takes credit for.

And the new front: machines. Cheap drones in the hands of groups that used to throw rocks. AI that spits out propaganda in forty languages and finds a lonely teenager faster than any human ever could. The side that masters these tools first wins. Nothing says it'll be us.

Twenty years ago the world decided this fight couldn't be run one country at a time – not out of idealism, but because the math demanded it. Threats cross borders faster than any single government can chase them. The strategy up for review this week has outlived four presidents for one reason: the work got shared instead of dumped.

Walking away now, with the threat splintering and the tools getting sharper, isn't strength – it's a bet that the next attack will be polite enough to stay in someone else's country. It won't. It never has.

The allies are in the room this week. The only question left is whether we lead the table or leave it.

Dexter Ingram is a former senior national security executive who led the State Department's office for Countering Violent Extremism and served as acting director of the 89-nation Global Coalition to Defeat ISIS. He writes the newsletter Dexter Ingram: Declassified.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Don’t Permit Iran to Enrich Uranium

Ideally, Iran should not be permitted to enrich uranium, even at the 3.67% low enriched uranium level, enough for nuclear reactors to generate electricity, not a nuclear explosion. The Treaty on the Non-Proliferation of nuclear weapons (NPT) does not grant an unfettered right to enrich uranium, but even if it did, Iran’s egregious behavior should disqualify them. Indeed, the NPT recognizes the right of non-nuclear-weapons states to use nuclear energy for peaceful purposes.

Iran has approximately 970 lbs. of uranium enriched to 60% purity – enough for 12 nuclear weapons if in a few weeks enriched to 90% -- that could be down blended to 3.67% in a nuclear weapons state, like Russia, China, or the U.S. Iran may demand, but can they be trusted to down blend this uranium -- buried in deep underground hardened facilities -- themselves?

Enriched uranium for peaceful, civilian use is provided to non-nuclear-weapons states by Russia (Rosatom), France (Orano), a British-Dutch-German consortium (Urenco) and China (China National Nuclear Cooperation). This is where Iran can and should acquire their enriched uranium for peaceful, civilian purposes.

The 2015 Joint Comprehensive Plan of Action (JCPOA) was opposed by some who took issue with the sunset clause that limited enrichment to 3.67% purity for 15 years – until 2031. After that, it depended on nuclear monitors gaining the access necessary to ensure Iran was not enriching at the 20% or 60% purity levels, a few weeks from the 90% purity level necessary for nuclear weapons. The JCPOA also limited Iran to use first-generation centrifuges for 10 years – until 2026 – after which, more sophisticated centrifuges could be developed and used to enrich uranium.

But this should not be a contest between the JCPOA and whatever is decided during the upcoming 60 days of nuclear negotiations with Iran. Our focus should be on Iran and how they succeeded in convincing the U.S. and our allies and partners to trust them to enrich uranium at the 3.67% purity level for civilian use only. But Iran was enriching at the 20% and 60% levels, seemingly threatening to go nuclear, despite their stated commitment not to produce or acquire nuclear weapons. It’s now publicly known that prior to 2003, Iran had an active program to produce nuclear weapons.

The International Atomic Energy Agency (IAEA) often reminds us that their monitors in Iran were denied access to suspect non-declared nuclear sites in Iran. IAEA Director General Rafael Grossi has criticized Iran for severely restricting or denying monitors access to its nuclear facilities and losing knowledge of Iran’s nuclear materials, thus unable to verify that their program was exclusively peaceful.

But it’s more than the NPT and Iran’s so-called right to enrich uranium. It’s about the regime’s evil behavior. In 1984, the U.S. designated Iran the leading state sponsor of terrorism, providing funding, weapons, training, and sanctuary to numerous terrorist organizations. Their control of and support to Hezbollah, Hamas and the Palestinian Islamic Jihad, and the Houthis and the thousands of innocent people killed by these cowardly terrorist organizations should not be forgotten.

Iran’s brutal treatment of its own people – the Green Movement in 2009, the Women Life Freedom Movement in 2022, and the 2025-2026 Protests – and the use of lethal force to crush any anti-government dissent should not be forgotten.

This is the Iran we’re dealing with. Indeed, is this the Iran we can trust to enrich uranium at the 3.67% purity level for civilian, peaceful use?

As we prepare for the 60 days of nuclear negotiations, Iran’s theocracy must feel good about the $300 billion they will get for reconstruction and economic development, and the lifting of sanctions to permit them to sell crude oil and diesel on the open market, and according to the Wall Street Journal, the unfreezing of $100 billion for humanitarian use and Qatar’s immediate release of $6 billion. And of course, the lifting of the 2-month U.S. blockade of Iran.

Iran’s supreme leader, Mojtaba Khamenei, said President Donald Trump acted “out of desperation” to secure the agreement with Iran, while Iran acted “out of compassion and goodwill” to reach the agreement.

Iran’s ballistic missile program and support to proxies should follow our scheduled 60 days of nuclear discussions with Iran. These programs are a threat to the region.

Clearly, Iran cannot be trusted to enrich uranium.

The author is a former Director of the National Counterproliferation Center. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.

This article was originally published in The Washington Times and is republished here with permission.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The AI Bubble and the Growing National Security Problem

The AI bubble is not a capability bubble. It is an expectation bubble. National security leaders are treating AI as a replacement for analysts, engineers, and tradecraft when it is really a volatile acceleration layer that still requires human judgment, security controls, and cost discipline.

The current state of AI is defined by inflated assumptions. Vendors overstate capability, users over-delegate judgment, and policymakers react to controlled demos as if they represent real-world operational power. The Mythos/Fable incident shows how quickly that confusion can become policy: the U.S. government treated access to a commercial model as a national-security transfer, forcing Anthropic to restrict access to its premier systems.

The problem is not that Mythos is too powerful. The problem is that institutions are starting to make decisions as if the marketing copy is reality. These systems are powerful, but they are not independent thinkers.

AI can surface information at extraordinary speed. It can summarize documents, generate code, translate foreign-language material, identify patterns, and automate repetitive tasks — but it cannot create new ground truth. It cannot determine whether a piece of intelligence is reliable, whether a cyber operation is lawful, or whether an analytic conclusion is strategically sound.

This is where the national-security conversation is going wrong. The debate keeps treating model capability as operational capability. They are not the same. A model that can describe a vulnerability is not the same as an operator who can exploit it. A model that can summarize a document is not the same as an analyst who can assess it. The more powerful these systems become, the more dangerous that distinction becomes.

AI does not exercise judgment, understand mission context, or carry accountability. It is an acceleration layer, and in the hands of trained users, it compresses time and expands reach. In the hands of institutions that mistake output for truth, it will accelerate error, overconfidence, and bad policy.

The bubble is bursting, but not because AI failed

The AI bubble is bursting because organizations bought the wrong story. They thought they were buying replacement labor. What they actually bought was an expensive, overconfident junior assistant: impressive in the interview and with first drafts, but unreliable when placed inside workflows that require judgment, context, and accountability.

Despite the rhetoric of AI replacing jobs, companies are starting to confront a harder reality: these systems can accelerate work, but they do not eliminate the need for people who understand the work. The danger is not simply that AI will produce bad output; the danger is that institutions will mistake that output for finished analysis.

AI is not cheap labor

AI is often sold as cheap replacement labor. The reality is much more nuanced: in proactive it is an expensive acceleration layer that still requires human judgment, review, and correction. At Shadow Nexus, we have AI integrated as a portion of our solution, but it is not the capability itself. Using AI in this manner helps us unlock information hidden in data that would be difficult to reach manually. But this has only worked because our tools requires a human to be involved every step of the way – providing course correction and validation.

That's what makes the "fully autonomous" pitch so misleading. The autonomy is really a system that, left unchecked, is prone to make mistakes and inflate costs.

Microsoft researchers recently tested how major frontier models perform in delegated workflows. They found that even frontier models corrupted an average of 25 percent of document content after 20 back-and-forth interactions, while the average across all tested models was about 50 percent degradation. Degradation worsened with larger documents, longer interactions, and distractor files.

The test was simple: give the model a document, ask it to make an edit, then ask it to get back to its original state. A reliable delegate will returns the document close to its original form. Instead, the errors compounded — like making a photocopy of a photocopy until the original slowly disappears.

The problem is further compounded by the constantly changing pricing model. Anthropic's Opus 4.7 tokenizer increased token usage by up to 35 percent (meaning the same text put into Opus 4.6 would require 35% less tokens). Then with the introduction of Fable 5 only a few months later, Anthropic doubled the published token price.

This rapid increase represents a serious procurement problem for corporations and government customers alike. Agencies can budget for seats, licenses, and fixed contracts. It is much harder to budget for agentic workflows that expand unpredictably through context growth, tool calls, retries, failed tasks, and human rework. That is not just sticker shock. It is meter opacity.

The Tradecraft Problem

Cost is only half the problem. Even at a price you can predict, AI introduces a subtler risk: it produces polished mistakes at scale — and in analytic environments, a polished mistake is far more dangerous than an obvious one.

AI hallucination is not just a chatbot problem. It becomes an institutional risk when generated text enters official documents, legal analysis, or intelligence reporting without source-level verification. Recently, Deloitte Australia agreed to partially refund the Australian government after a report it produced was found to contain AI-generated errors, including nonexistent references and fabricated quotes from a federal court judge.

For intelligence work, the analogy is obvious. A hallucinated citation is not a formatting error, it’s a provenance failure – and a hallucinated provenance chain can contaminate judgment, mislead decision-makers, and jeopardize missions. Don’t misunderstand me: This does not mean AI should be kept out of intelligence work. It means the tradecraft needs to evolve.

AI can be a force multiplier when used to accelerate research, translation, link analysis, and other repetitive analytic tasks - but it should not be treated as a replacement analyst. It has no concept of a larger context, which means it can’t understand legal authorities, operational risk, or true mission context. Those responsibilities still (and should always) belong to people. The right model is not “AI instead of analysts,” it is analysts using AI inside workflows. This requires changing the tradecraft to include a completely new way of thinking.

Which lands a government customer in an impossible spot: how do you adopt and rely on a tool that you can neither fully trust nor accurately budget for?

Government Adoption and the Rising China Problem

For both government and commercial users, the obvious response to rising AI costs is to move towards publicly available "open-weight" models. Systems like GLM-5.2 and Qwen-3.7 now rival the most advanced commercial models, improving cost predictability while keeping sensitive workflows inside government-controlled infrastructure. The catch: they're all designed and shipped from China.

That's what makes the recent Anthropic fight so revealing. Earlier this year, the Pentagon reportedly designated U.S.-based Anthropic a supply-chain risk after a dispute over its safeguards and military use of its models — even as China's GLM-5.2 ranks among the top systems on the market, just behind Anthropic's own Fable 5, with Alibaba's Qwen not far behind.

This is the irony the policy debate: government is trying to regulate a technology it doesn't fully understand, and much of that fear is driven by marketing. Fable 5 is powerful — but so are Opus and GPT-5.5. In the hands of a seasoned user, GPT-5.5 does just as much. As with every new technology, the danger isn't the tool. It's the user.

Meanwhile the drift is already underway. Microsoft recently signaled it may leverage China's DeepSeek model, even as the U.S. weighs blacklisting DeepSeek as a supply-chain risk. Assigning a supply chain risk to U.S. companies feels like an overstep when the trends show organizations moving toward models developed and controlled by adversarial nations.

AI is not going away, and no branding fight or access restriction will change that. The United States should treat AI as the new standard tool for analytic and operational work. But that is all it is: a tool. At its best, it's a starting point — a way to draft, accelerate research, and move faster through large volumes of information. That is also where the handoff to a human has to happen.

The Microsoft research and the Deloitte case are the warning. Left alone, generative AI does exactly what it is built to do: generate plausible output, regardless of accuracy. That risk only compounds as agencies look past closed U.S. models toward open-weight systems built by adversaries.

What happens when the model itself has been trained to nudge its answers — quietly, in a direction someone else chooses? Left uncaught, that kind of slow and deliberate data poisoning can corrupt the very work it's meant to support. That is the real supply-chain risk.

The real work should not be choosing which models we're allowed to use — it should be building the judgment to use them, and not mistaking model names for national-security strategy.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

DNI Day Two: Building the Intelligence Community for 2045

Author's Note

In our first paper, DNI Day One: Three Strategic Decisions for National Security Evolution, we identified three challenges confronting the next Director of National Intelligence: enterprise leadership, resource alignment, and strategic competition. This paper focuses on the reforms most likely to improve the Intelligence Community's ability to meet those challenges.

The recommendations that follow are not intended to be exhaustive. Rather, they represent structural changes that could have disproportionate impact across the Intelligence Community: refocusing ODNI on total enterprise leadership, modernizing how intelligence investments are governed, and creating a mechanism to identify and resolve the institutional seams that America's adversaries increasingly exploit.

Reasonable observers may disagree on the specific solutions proposed here. However, the need for reform is becoming increasingly difficult to ignore. Twenty years after the creation of ODNI, the Intelligence Community faces a fundamentally different operating environment shaped by strategic competition, commercial innovation, artificial intelligence, and increasingly integrated threats. The challenge is not whether the nation needs intelligence reform, but where leaders should focus their attention to achieve the greatest enterprise impact.

Recommendation 1: Return ODNI to its Community Management Roots

We do not recommend eliminating the Office of the Director of National Intelligence. The need for a senior intelligence leader responsible for integrating the Intelligence Community remains as important today as it was when leaders such as Sam Nunn and Richard Lugar first advocated for reform in the 1990s. The failures exposed by the attacks of September 11, 2001, demonstrated the limitations of the existing Community Management Staff structure and ultimately led Congress to establish the DNI.

The challenge today is not whether the nation needs a DNI. It is whether ODNI is organized to perform its most important functions and has the correct authorities and oversight functions to truly lead the intelligence community.

The next DNI should undertake a deliberate reevaluation of ODNI’s mission and functions to refocus the organization on its original purpose: enterprise leadership, integration, resource alignment, and community management. Functions that primarily execute intelligence missions, including analysis, collection activities, and intelligence operations, should be performed by agencies whose core mission is operational execution. ODNI should focus on the responsibilities that only an enterprise integrator can perform.

Specifically,

Conduct a 90-day review of all ODNI organizations against a simple standard: Does this function uniquely require an enterprise integrator? The review should be led by a small panel of respected former intelligence leaders and provide recommendations to both the DNI and Congress. This would include specific evaluations of the transfers of NCSC and NCTC, both of which have been periodically discussed.

Transfer mission execution functions that do not require ODNI ownership to the agencies best positioned to perform them.

Reestablish National Intelligence Managers as true enterprise leaders responsible for integrating priorities, collection, analysis, partnerships, workforce planning, and resources.

Rebuild the ODNI as a modern Community Management Staff focused on enterprise integration, technology governance, workforce planning, and resource alignment

Why

ODNI's greatest value is ensuring that the Intelligence Community performs its missions effectively. The DNI should be a leadership and service organization rather than another operational intelligence entity. The Intelligence Community needs a strong enterprise manager capable of aligning priorities, resolving disputes, integrating capabilities, and driving accountability across agencies.

The Intelligence Community's most significant challenges, including artificial intelligence, commercial data integration, workforce modernization, and emerging technology governance, require enterprise leadership. ODNI should lead these efforts.

Recommendation 2: Integrate the Civilian and Defense Intelligence Enterprises and Modernize Intelligence Investment Governance

The next DNI and Secretary of Defense should establish a shared leadership model for integrating the Intelligence Community's civilian and defense intelligence enterprises. As part of this effort, the Under Secretary of Defense for Intelligence and Security (USDI&S) should serve as the Deputy Director of National Intelligence, creating a direct leadership link between the Office of the DNI and the Defense Intelligence Enterprise.

Together, the DNI and Deputy DNI should establish and co-chair an Intelligence Investment Board responsible for enterprise-level investment decisions in areas where national and military intelligence requirements increasingly overlap, including:

Artificial intelligence and advanced analytics;
Commercial data and data acquisition;
Space-based intelligence capabilities;
Cloud infrastructure and computing environments;
Enterprise architectures and interoperability standards;
Open-source intelligence data procurement;
Collection modernization, including human intelligence

The Board should review major intelligence investments through an enterprise lens, identify opportunities to eliminate duplication, establish common standards, and ensure that capabilities serving both national and military missions are developed and funded as integrated priorities.

Over time, Congress should direct a formal review of the National Intelligence Program (NIP) and Military Intelligence Program (MIP) construct with the goal of transitioning from separate budget categories toward a capability-based investment framework that better reflects how intelligence is collected, analyzed, and delivered in the modern operating environment.

Why

The Intelligence Community has made significant progress integrating its civilian intelligence agencies over the past two decades. Less attention, however, has been paid to fully integrating the broader Defense Intelligence Enterprise, including DIA, the military services, Combatant Commands, and Joint Staff intelligence organizations. Collectively, these organizations represent the majority of the Intelligence Community's personnel, collection infrastructure, and operational intelligence capabilities.

The current structure creates an inherent challenge. The DNI is responsible for leading the Intelligence Community, while the Under Secretary of Defense for Intelligence and Security is responsible for oversight, guidance, and policy across the Defense Intelligence Enterprise. Yet, many of the capabilities that will define future intelligence advantage increasingly serve both national and military missions.

Artificial intelligence, commercial data, space-based collection, cloud infrastructure, and advanced analytic platforms do not neatly align with traditional organizational boundaries. They support policymakers, military commanders, intelligence analysts, and operational forces alike. Maintaining separate governance and investment decisions for capabilities that serve both national and military missions risks duplication, slows modernization, and increases costs.

We recognize that proposals to further integrate intelligence governance between ODNI and the Department of Defense may raise concerns about authorities, resources, and departmental equities. This recommendation is not intended to diminish the Department's role in intelligence or transfer operational control away from Defense organizations. Rather, it reflects the reality that much of the nation's intelligence capability already resides within the Defense Intelligence Enterprise and that effective enterprise leadership requires a governance structure that fully incorporates those resources.

Nor is this recommendation fundamentally about transferring budget authority between organizations. Many of the capabilities discussed in this paper already support missions identified as national intelligence responsibilities under Executive Order 12333 while simultaneously enabling military operations. The challenge is not determining who owns the mission. The challenge is ensuring that enterprise investments are prioritized, governed, and integrated in ways that serve both national and military decision-makers.

To support this integration effort, the Intelligence Community should adopt several enterprise principles.

The DNI and Deputy DNI should jointly establish intelligence priorities and investment guidance. As part of this effort, the National Intelligence Priorities Framework should be modernized into an Intelligence Priorities Framework that reflects the reality that many of today's intelligence challenges span both national and departmental missions. Priorities should be organized around mission outcomes and decision advantage rather than institutional ownership.

The Intelligence Community should pursue acquisition reform focused on enterprise outcomes. Today, agencies often procure similar data, software, cloud services, and analytic capabilities through separate contracts, acquisition strategies, and governance processes. The result is unnecessary duplication, higher costs, slower technology adoption, and inconsistent access across the enterprise. The Intelligence Investment Board should promote joint procurement strategies, establish common requirements where practical, and leverage the collective buying power of the national and defense intelligence enterprises. The goal is a more coordinated approach to acquiring capabilities that support shared missions.

The Intelligence Community should treat commercial capabilities as foundational intelligence infrastructure rather than niche enhancements. Commercial space systems, artificial intelligence, cloud computing, advanced analytics, and open-source intelligence capabilities are no longer supplementary tools. They increasingly form a core infrastructure upon which intelligence advantage depends.

Finally, the Intelligence Community should deepen its engagement with industry, academia, and the broader innovation ecosystem through formal executive and technical exchange programs. Despite decades of outreach initiatives, advisory boards, and pilot programs, the government continues to struggle with integrating commercial innovation at the speed of relevance. Time-limited assignments for leaders from industry, academia, and venture-backed technology firms, coupled with opportunities for intelligence professionals to gain experience in the commercial sector, would help close this gap. These exchanges should operate under rigorous ethics and conflict-of-interest safeguards and be tied to specific objectives such as technology adoption, acquisition reform, commercial integration, and workforce modernization.

For the first time in Intelligence Community history, much of the innovation that will determine future intelligence advantage is being driven outside government. The Intelligence Community's governance, investment, acquisition, and talent management models must evolve accordingly.

Recommendation 3: Establish Strategic Competition as a Core Community Management Function

The next DNI should designate strategic competition as a core Community Management responsibility and direct the Deputy DNI to establish a formal enterprise process for identifying, prioritizing, and resolving the intelligence, counterintelligence, information-sharing, technology, and operational seams that America's adversaries routinely exploit.

This recommendation does not require the creation of a new mission center, operational office, or permanent bureaucracy. Rather, it should be accomplished through a realignment of existing ODNI Community Management responsibilities, leveraging the National Intelligence Managers, Mission Integration organizations, and existing interagency coordination mechanisms.

The Deputy DNI should be responsible for leading this effort in close partnership with the Federal Bureau of Investigation and the Chairman of the Joint Chiefs of Staff, reflecting the reality that strategic competition increasingly occurs at the intersection of foreign intelligence, domestic security, counterintelligence, and military operations.

The objective should be straightforward: identify where institutional barriers are preventing the United States from effectively developing strategic competition options and assign responsibility for resolving those barriers.

The Deputy DNI should provide regular updates to the DNI, Director of the FBI, Chairman of the Joint Chiefs of Staff, National Security Advisor, and congressional oversight committees identifying:

The most significant intelligence integration challenges affecting strategic competition.
Progress in resolving identified institutional barriers.
Recommendations requiring policy, resource, legislative, or executive action.
Remaining risks to national security resulting from unresolved seams.

The effort should establish annual priorities focused on key strategic competitors, beginning with China, Russia, and Iran, and develop measurable objectives tied to enterprise integration and operational outcomes.

Measures of effectiveness should include reductions in information-sharing delays, improvements in technology protection, increased intelligence support to operational missions, improved integration across agencies, and demonstrable disruption of adversary activities.

Why

America's strategic competitors already operate as integrated national security enterprises. They do not distinguish between intelligence collection, technology acquisition, economic competition, cyber operations, influence campaigns, espionage, military modernization, and industrial policy. They employ all instruments of national power in a coordinated manner to advance national objectives.

The United States, by contrast, often organizes its responses through institutional, legal, budgetary, and bureaucratic boundaries that were designed for a different era. As a result, adversaries frequently exploit the seams between foreign intelligence and domestic security, intelligence and law enforcement, technology protection and economic policy, cyber defense and traditional intelligence operations, and national and military intelligence activities.

Intelligence support to strategic competition increasingly requires enterprise leadership capable of integrating activities across the Intelligence Community and identifying barriers that no single organization has the authority or perspective to address independently. This responsibility naturally belongs within ODNI's Community Management function. Strategic competition is fundamentally an enterprise integration challenge. It requires leadership capable of aligning priorities, resolving disputes, integrating capabilities, and ensuring that intelligence activities contribute to broader national objectives.

Also, the DNI, working closely with the FBI and the Chairman of the Joint Chiefs of Staff, is uniquely positioned to bridge the foreign-domestic and intelligence-operations divides that adversaries increasingly exploit.

Ultimately, the Intelligence Community must evolve from simply informing policymakers about adversary campaigns to providing options for the US to compete effectively against adversaries. Strategic competition is the defining national security challenge of the twenty-first century and should be treated as a core Community Management responsibility.

The Ultimate Test of ODNI: Measuring Enterprise Success

As the enterprise leader of the Intelligence Community, this new DNI should demonstrate not only value to Congress and the Executive Branch, but also measurable value back to the agencies, departments, and professionals that comprise the Community. The ultimate test of ODNI's effectiveness is not how many directives it issues, how many meetings it convenes, or how many organizations it oversees. It is whether the Intelligence Community operates more effectively because ODNI exists. The ability to demonstrate measurable outcomes across the enterprise may ultimately be the strongest answer to the recurring question that has followed ODNI since its creation: Does the nation need a DNI? We believe that answer is yes, but that value should be visible, measurable, and attributable.

Specifically, the DNI should be able to demonstrate measurable progress in the following areas to share with OMB, Oversight and the Public:

• Enterprise Priority Alignment
Can the Intelligence Community rapidly align collection, analysis, and resources against emerging national security priorities without creating new organizations or duplicative structures?
(Example: Intelligence Community resources were redirected within weeks to support a Taiwan crisis, major cyber incident, or emerging Arctic challenge without establishing a new task force or mission center.)

• Resource Integration
Has the Intelligence Community reduced duplicative investments and improved enterprise decision-making across the National Intelligence Program and Military Intelligence Program?
(Example: Enterprise licensing and coordinated procurement reduced duplicative commercial data purchases by $15 million annually while expanding access to multiple agencies.)

• Technology Adoption
Has the time required to identify, procure, accredit, and operationalize new technologies been reduced?
(Example: The average timeline for deployment of AI-enabled analytic tools decreased from 24 months to less than 12 months.)

• Commercial Integration
Can commercial capabilities, data, and services be incorporated into intelligence missions at the speed of relevance while maintaining security, interoperability, and mission assurance?
(Example: Commercial GEOINT, RF, maritime, and financial data became available through enterprise contracts rather than separate agency purchases.)

• AI Enablement
Has the Intelligence Community successfully integrated artificial intelligence into collection, processing, exploitation, analysis, and dissemination workflows while preserving human oversight and accountability?
(Example: AI-assisted workflows reduced imagery exploitation timelines by 50 percent while maintaining analytic quality standards.)

• Strategic Competition
Can the Intelligence Community identify, expose, disrupt, and provide options to impose costs on adversary campaigns that span intelligence, cyber, economic, military, and informational domains?
(Example: Intelligence support enabled the disruption of a foreign technology acquisition network or exposed a coordinated foreign influence campaign.)

• Warning and Decision Advantage
Are policymakers, military leaders, and operators receiving integrated intelligence faster and in forms that improve decision-making?
(Example: Strategic warning identified adversary military preparations or cyber activity days earlier than historical performance benchmarks.)

Conclusion

Twenty years after the creation of ODNI, the Intelligence Community faces a fundamentally different operating environment than the one that existed following the attacks of September 11, 2001. Strategic competition, artificial intelligence, commercial innovation, and increasingly integrated threats are challenging many of the assumptions that shaped intelligence governance over the past two decades.

The recommendations outlined in this paper are not intended to redesign the Intelligence Community. Rather, they focus on three areas where reform could produce disproportionate enterprise impact: returning ODNI to its Community Management roots, modernizing how intelligence investments are governed across the national and defense intelligence enterprises, and establishing strategic competition as a core Community Management responsibility.

Taken together, these reforms would strengthen the Intelligence Community's ability to compete more effectively against increasingly sophisticated adversaries. Most importantly, the reforms can largely be accomplished through leadership, governance, and organizational discipline rather than the creation of new bureaucracies or increased resources.

The Intelligence Community does not suffer from a lack of talent, authorities, or capability. Its greatest challenge is ensuring that its capabilities are organized and integrated for the environment it faces today rather than the one it inherited twenty years ago. The next DNI has an opportunity to help lead that transition.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why One Former CIA Executive Never Stopped Playing

When I was three years old, I fell in love with the violin thanks to an unlikely duet between Itzhak Perlman and a grumpy green Muppet. Watching Perlman’s bow dance across the strings on Sesame Street, I was transfixed. I turned to my parents and announced with all the gravity a toddler can muster, “I want to do that.”

After months of pleading, they relented. That decision didn't just set me on a musical path; it quietly forged my philosophy on joy, participation, and what it means to keep a passion alive for the long haul.

I grew up in a large Irish Catholic family I’d lovingly describe as having “no talent and no shame.” We sang off-key with fervor and staged wildly uncoordinated talent shows every Thanksgiving. While my classmates practiced scales with laser focus, eyeing the first chair in elite orchestras, I played jigs because I liked the way they felt. In my high school orchestra, I sat deep in the second violin section, a world away from the concertmaster’s chair. I wasn’t the best player—far from it—but I loved the sound and being part of a group playing something beautiful, together. That love kept me playing long after others burned out chasing perfection.

After college, I drifted away from the rigid lines of classical music and found my way into the warmth of folk. Dimly lit pub sessions replaced formal concert halls. In that world, you have to listen—to the melody, to the room, to the person across from you—and find your place in the collective sound. I didn't have the fastest fingers or the flashiest solos, but I discovered something vital, I was a great second fiddle.

In folk music, "second fiddle" isn’t a demotion; it’s an art form. It is the realm of harmony, texture, and support. It is the work of making a song richer without needing to be the center of gravity. Without sheet music to guide you, you must listen closely, respond in real time, and improvise. It is collaborative and intuitive—and, for me, far more satisfying than any solo.

Somewhere along the way, I also became the person who started bands. Most recently, I founded the DC-based Irish folk group Celtic Underground, but the spark was lit years earlier at Camp Lejeune. While our husbands were stationed there, I convinced three other Marine wives on my street to join me on my deck for some St. Patrick’s Day music. We lived in officer housing in a neighborhood called Paradise Point, so we jokingly called ourselves The Paradise Pints.

Our skills were ramshackle at best, but we ended up anchoring the neighborhood. The community of Marine officers didn't realize they needed an Irish pub band until they had one. Before long, we had generals singing songs about whiskey at the Officers’ Club on Friday nights. It has been more than five years since I moved away, but the band I started on that front porch is still going strong with a whole new crew of Pints.

I didn't start these bands because I had a grand vision or because I was the most talented person in the room. I did it because I wanted to play music with people, for people (and, selfishly, if I started the band, no one could cut me). I set the tone, picked the tunes, and booked the gigs.

Many of the musicians I gathered were extraordinarily talented—often much more so than me—but they were busy adults with full lives. They were parents and professionals who weren’t going to spontaneously join an Irish band unless someone made it easy and welcoming. When invited into something joyful and low-pressure, they said yes. They were happy to improvise through a new song or learn the bodhrán by watching a YouTube video.

Even in the bands I led, I stayed in the supporting parts. I played second fiddle, sang harmonies, and occasionally moonlighted on the tin whistle. I gravitated toward the background not because I lacked ability, but because that’s where I added the most value. Musically, I wasn't the star, but the band existed because I made it exist.

I noticed this pattern repeating in the most unlikely of places: my professional life. In that world, I was a planner, an overachiever, a list-maker. Up until last year, I was a senior executive at the Central Intelligence Agency, doing hard, complex work and running a large office. I had a seat at the table for key national security decisions, the opportunity to travel the world, brief Presidents. For a long time, I thought I was striving to be the first violin—the concertmaster of a very different kind of orchestra.

Yet, as I reflect on that career, I realize I was rarely the smartest person in the room, nor the one with the deepest technical proficiency. I was "good enough" at the core tasks, but I never truly stood out for my expertise alone. I was "just Meredith." But I kept getting promoted.

It made me wonder: did I achieve what I did because I followed the rules and plowed through to-do lists? Or did the success come from the more intangible things? Just as in a folk session, I thrived because I was the "natural glue." I found joy in stressful situations, understood the changing dynamics of a room, and looked for ways to empower colleagues whose strengths differed from my own. I brought in talented people to work for me and then let them shine. I focused on creating a result that was more than the sum of its parts, and I did it without losing the joy or taking myself too seriously.

Now, as a mother of three in my mid-forties, I play the fiddle several times a week. We tune up in living rooms and Irish pubs around Washington, on small stages and at regional folk festivals. Last year, playing the Takoma Park Folk Festival felt like my biggest career highlight of 2025—a metric that would have baffled my ambitious younger self.

This year, our band is recording our first album. We didn't do it because we suddenly felt "ready" or found a surplus of extra time. We did it because we put it on the calendar, booked the studio, and decided to make it happen.

We live in a culture that prizes being first: first place, first chair, first to speak. But many meaningful parts of adult life don’t disappear because we aren’t "good enough" to continue. They disappear because no one makes room for them anymore.

Sometimes I think about the concertmaster from my high school orchestra—the virtuoso who practiced for hours every day. I wonder if he still plays, or if music became just another achievement to measure, another obligation that eventually fell away. I don’t know the answer. But I know why I’m still here.

Music stayed in my life because I chose participation over perfection. I valued continuity and community over virtuosity. I was willing to start something, show up consistently, and take a supporting role if that’s what kept the group going. I was never the flashiest player, but decades later, I’m still here—still finding the joy in the harmony.

Second fiddle, it turns out, was exactly the right place to be.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

What Iran Wants and How It Can Still Fight

U.S. Vice President JD Vance is touting success out of the latest round of talks in Switzerland focused on seeking a permanent end to the war in Iran. But despite his description of a “very, very good day” of negotiations on Sunday, Iran is denying that it has made any new agreements. It’s more of the same inconsistent messaging the world has become accustomed to over the past three months since the U.S. and Israel launched attacks intended to eliminate Iran’s nuclear program.

Since that time, Iran's supreme leader was killed, the Strait of Hormuz was shuttered and the world has witnessed the largest oil-supply disruption on record.

Now, the United States and Iran are working from a 14-point memorandum of understanding that was signed on June 17, meant to bring the conflict to a formal close within the next 60 days. But will it work and what does Iran stand to gain in the interim?

Cipher Brief CEO & Publisher Suzanne Kelly spoke with former National Intelligence Manager for Iran Norman Roule - who travels regularly to the region for meetings with high-level officials - about what Iran really wants, the impact that a slow-moving and fragile negotiation process could have on near-term energy markets and the tools Iran still has left in its arsenal.

Our conversation has been edited for length. You can watch the full conversation on The Cipher Brief’s YouTube channel.

THE INTERVIEW

Kelly: What does Iran need from this current round of talks?

Roule: Tehran has a new government that needs to prove that it is strong, stable and capable of standing up to its adversaries. And that means upfront, that it can't be perceived as weak, or caving to the United States. Like it or not, the new Supreme Leader cannot sign off on a document that makes him look weak. And if you wish to have diplomatic progress, you're going to have to swallow the fact that a document's going to have to look like something the Iranians can leak and put out publicly and say, ‘we achieved this’. And that just gets you in the room.

The second point is that we're talking about issues that are existential for the regime itself, though not existential for Iran. The country's not going to evaporate. But for the regime, its role with militias in the region, revolution, power projection, keeping down the nationwide unrest - it needs financial relief, it needs to be able to sustain its proxies, it needs to be able to push back on Western military presence in the region. It's negotiating on life and death issues, so it's not going to make any fast decisions.

On the Iranian side, their point is, ‘if we give up a nuclear program, we're giving up our leverage forever’. Sanctions relief is something they need now to sustain the government's survival. They’re not going to give up on the proxies in the region and allow Israel to have a victory. These are real issues in their world, and the administration is just stuck with that reality.

Kelly: How are you looking at U.S. - Israel relationship right now and how significant is the Lebanon issue to reaching any kind of final agreement between the U.S. and Iran?

Roule: This is profoundly complicated. It is as complicated and as consequential as the Strait of Hormuz has been in the actual conflict itself. So let's break this into a couple of pieces.

We now have, as has been predicted for almost two decades, a Revolutionary Guard-dominated government in Iran. There's never been any surprise that the government of Iran would move into a military-dominated government. This war did not produce something that wouldn't have happened by any reasonable analyst’s projection. There was never going to be a reform or moderate government in Iran, period. But that type of military government is going to use two types of tools; military and asymmetric tools.

We've destroyed their entire military. They now have only asymmetric tools left, which they have relied upon for their entire history going back to the 1980s. What are Iran's asymmetric tools? Missiles, mines, drones, cyber tools, and proxies.

The previous government did not defend the proxies when they were attacked by Israel, and the proxies were heavily damaged. That would not have been a choice of the Revolutionary Guard, which is now dominating decision making.

One of the first decisions this government communicated when they talked about the war, that was repeated by President Pezeshkian, and repeated by Javad Zarif in his foreign affairs document was, ‘We're standing up for Lebanon’. Now remember, the Lebanese government, the Lebanese president has said, Iran, we want none of you here. In fact, they've tried to throw out the Iranian ambassador, and he won't leave. That's a very strange situation.

The Iranian government is in essence, is saying, ‘We have a role in protecting our proxies in the region’. Lebanese Hezbollah is only one part of this. There will be no difference between Lebanese Hezbollah, Iraqi Hezbollah and the Houthis. So by doing this, Iran is, in essence, showing power projection and its role in sustaining its proxies.

Now here's the problem. The deal was signed by Iran and the United States, but we're holding Israel accountable to live up to this agreement. Now from the Israeli perspective, they're dealing with Iran, a country that does write, "Death to Israel," in perfect Hebrew on its missiles - and they have a very different political and operational paradigm. But in fairness, they have Hezbollah that does shoot into their country. They have thousands of civilians who have had to move, and their position is that they have to defend themselves.

The question becomes, ‘Is there a Goldilocks zone where their defense can be conducted in a way that doesn't upset a diplomatic apple cart on our side?’ And the Iranians, in essence, can then control the entire process by saying, ‘We're not going to cooperate unless Lebanon is part of this’. So what they're trying to do is not only retain power in the region, but they could use this process to push the United States and Israel into friction against each other, and it has been working.

So what does this mean? This means that a Hezbollah captain or a sergeant - can fire some rockets into Tiberias, or some other Israeli city, kill people, which has happened in the last week and the Israelis respond against that position or other positions - and they have a position of non-proportional response to say, ‘You hit us, we'll hit you bigger so you don't do it again’.

The Iranians then say, ‘What are you going to do? The Israelis are killing civilians’, which has happened in Lebanon.

So now there is intense diplomacy behind the scenes. There's criticism from the United States for the first time, in a very loud way, against Israel, and there is tension. And not for the first time. We had former President Ronald Reagan, we had former President George Bush criticize the Israelis in the past. This administration will absolutely defend Israel and ensure it gets the weaponry it needs to defend itself, but you're seeing political tensions that Iran has been able to manipulate.

I would say it's a mistake to allow Iran any voice in Lebanon. And the international community, including the Arab world, has not done enough to say, ‘Iran, you have no role here. Go away.’ And at the same time, because we failed to do that, just as we failed to dominate the Strait of Hormuz early on, we're going to have some terrific consequences that perhaps may even compromise the success of this diplomatic initiative.

Kelly: I do want to focus on the Strait of Hormuz for a few minutes. There are some competing narratives out there in the energy markets on the near-term supply of oil. How are you looking at the near term oil supply given that we don't really have an agreement yet and it's very difficult for anyone to predict when we might?

Roule: We have to break this into pieces. What we've seen in the last few weeks has been an increase in traffic through the Strait of Hormuz rather than through the Oman side, an informal arrangement with the United States and a number of shippers, and that has reduced pressure on oil markets.

The fact that the Chinese have reduced their purchases has also had a significant impact on oil markets. In the wake of this agreement, we've seen a short spike in the amount of shipping and we've seen gas vessels go into the Gulf to reload, which is important. We've seen movement from multiple ships.

However, this is nowhere near enough. You, in essence, have three different dynamics taking place.

First, the Strait of Hormuz remains mined, and it will take some time to demine this, although less time for us to clear a lane and to say that lane is clear. Insurance companies and shippers are going to seek a certificate or some sort of statement by a world navy to say this lane is clear and it's safe, and then to see a number of ships move through it, and that will cause rates to go down.

Right now, there actually aren't that many ships available to move non-state oil through the Strait of Hormuz. So you haven't seen as much oil go out. And then whenever there's a spike in tension, such as we've seen with Lebanon, you actually see shipping drop. So we've seen shipping drop overnight.

Now once oil comes out, the world will see a lot of oil, prices will drop, and we've seen the market do this. There are a couple of problems though.

We've drawn down enormously on our world's stockpiles. If prices are a little high here, they're much higher in Asia. We've had rationing, governments have shut down, factories have shut down some of the processing in these countries. These countries are going to have to rebuild their stockpiles.

So strangely, as the oil increases in its quantity, we may actually see prices go up a bit as they try to absorb this oil and rebuild those stockpiles. Plus this 60-day ceasefire does not look like it's going to be very successful at present, which means you're going to see countries say, ‘I need to build more faster to get those stockpiles up. Right now, let's not put this oil out there.’

So in the short term, prices are going to come down. They’ll stay in the 80s right now, maybe high 70s. In the longer term, you're probably going to see a bump up. As I've said for a while, late June - July is going to be a tense point. A $10-ish premium is probably going to be likely for a while as countries think of security, stockpile requirements and additional pipeline construction.

Once you get into 2027, you start getting into the possibility of a glut. I would be a little careful at that point because, yes, a glut is possible. But this does depend upon China not purchasing a lot more. This does depend upon continued stability and geopolitics. This does depend upon the international community not picking up its purchases and in the United States continuing to produce at a high level.

So maybe in a few sentences, Short term: prices will continue to go down. Medium term: we shouldn't be surprised if there's a bump up because of stockpile replenishment. A glut in '27 is possible, but we should be careful about saying that it's guaranteed.

Kelly: I'm always asking you what the rest of us aren't focusing on - that you are. I'm curious about the Iraqi militias and the attacks on the GCC countries. How are you viewing the importance and the significance of this and what do you think needs to be done to keep monitoring this?

Roule: It's a story that has not received sufficient attention. There were multiple strikes by Iraqi militias on the GCC during this conflict. There were multiple strikes by Iraqi militias on Iraq during this conflict. The Iraqi militias are clearly trained, and to a sufficiently large extent, under the control of the IRGC.

The United States has invited the new Iraqi leader to Washington. He is a compromised candidate so he is more acceptable than the more pro-Iranian candidate in the past, but he is still acceptable to the pro-Iranian camp within Iraq itself. The administration has sanctioned, I think, the deputy Iraqi minister of energy. And they're going to no doubt continue to pressure Iraq to cut and reduce its ties to Iran's energy sphere and to increase ties to the GCC.

For the GCC, they need to build pipelines and energy connections into Europe through Iraq, but they can't do that through territory that's under the political and security threat of Iraqi militias and indirectly - Iran. It's billions of dollars of capital that's at risk and their energy futures. If Iran can cut the Strait, then Iran can cut the pipelines going north.

So you're going to see a lot of diplomatic and political pressure on the Iraqi government that, frankly, the people in Washington and other places are looking at in a very adult fashion. They know he's in a difficult and delicate political position, but he's going to have to make some hard moves as well. We cannot have Iraqi militias launching missiles on UAE, Saudi Arabia, let alone Israel, competing with potentially Houthis and the Iranians.

And I want to pull this thread just a little bit because of the Revolutionary Guard. We are in a situation now where red lines have been erased.

The red lines of the IRGC using all of its asymmetrical tools, missiles, mines, cyber, militias against everybody all at once, that red line has gone away. So the idea that Iraqi militias won't be used in the future, along with Iranian missiles and cyber, against Saudi Arabia again or Kuwait or Bahrain, that red line doesn't exist. So the Gulf cannot tolerate this perennial weakness in its north as well as in the Houthi south as well as in the east. There's just too much instability. It's too much of a contested region. So Washington will probably put a lot more focus on that.

The other area that I would think there needs to be a little more attention on is the data risk within the region itself. The fiber lines that go through the Red Sea and the Strait of Hormuz contain an enormous amount of financial information, not just from the GCC itself to Asia, but it is also European data flowing between Europe and Asia.

And we've seen the Houthis when they damaged a ship, it had an anchor that damaged several lines that cut some of that data flow for a while but the Iranians are now claiming ownership, and it's fallen out of the news but when it comes to the data line management in the strait of Hormuz - only Iranian companies can repair or manage those lines.

This gives them not only a capacity to control the energy flow and the product but the artificial intelligence flow as well, which the GCC sees as its future to Asia and India and Pakistan - I mean, this is the world. So a GCC that has said, ‘Our future is artificial intelligence and not energy,’ Iran has just said, ‘We will control that future’.

Kelly: The Cipher Brief focuses a lot on gray zone operations and a lot of these undersea cables fall squarely into that category. I wonder if we could talk for just a moment about what Iran is most likely to do during this period of time, What are they doing that they're not talking about?

Roule: The Quds Force has never gone away. Whenever anyone talks about something, one of the foolish phrases of Iran's forward defense, you will often hear people talk about something silly like this, Iran doesn't need drones in the hands of Iraqi militias as a defense. It doesn't need to provide missiles to the Houthis to attack Western shipping as a defense. I mean, anything that someone uses to attack could theoretically be a defense, but the Iranians only call it a defense. And that phrase was originally a propaganda point issued by Iran's foreign ministry and then used by Western shills and then gradually built up into some western think tank narratives. But it's a funny phrase. But you're going to see Iran continue to push out on their asymmetric activities because the Quds Force hasn't gone away, and it's pretty much all they have left. And the Quds Force, to a lesser extent - Iran's Ministry of Intelligence - manages their tools.

So you wisely and eloquently talked about gray zone activities. Iran is - far more than China and far more than Russia - the archtypical gray zone actor. These other countries that have non-gray zone tools and are recognized as non-gray zone powers in the world, but all three are revisionist actors in the world - the three great revisionist actors trying to revise their place in the international community. But Iran only has gray zone tools left because we just destroyed all of their conventional military.

So the Quds Force remains. Any sanctions relief, a small portion of that will go there. The question becomes, ‘What are we doing to cut the logistics lines and what is the international community doing?’ And whenever anyone talks about aid to Iran or assistance to Iran or anything like that, it is not unfair to ask, ‘What are we doing to cut that or how are we measuring Iran's capacity to pull back on the Quds Force?’

If you're in the Trump administration right now, your challenge in the talks going forward is to show that the talks are narrow, reversible, measurable in some way - to show that you're not just providing Iran with the liquidity that Iran and critics of the Memorandum of Understanding will argue it gives. And in return, you're getting something back besides the opening of the Strait of Hormuz. And that something will have to be shown to take place in a few weeks because you can't really do that by day 59 and then say on day 59, ‘We're going to war’.

I'll close by saying that this administration reportedly is saying that there are individuals in the regime who are saying, or telling others, ‘We're willing to move in that direction in exchange for a massive amount of money’. Okay, fine. We'll see. But they're going to have to show measurable examples to prove why something that everyone would say has not been possible for 50 years is going to be remotely possible, and that's going to be hard.

Kelly: Let me close, Norm, by asking you the impossible question. Given how difficult it has been until now and given that you have a very good understanding of the agendas of all sides in this conflict and others who are being affected by this, what do you think a realistic expectation that we will see any kind of measurable progress?

Roule: If the Iranians are able to only create tensions between Washington and Tel Aviv, I think it's manageable, but the rhetoric will be magnified by the press and people who dislike the Trump administration and Israel will magnify that. I don't pay as much attention to that as others because of the politics, but there is a good reason to focus on that.

The likelihood of going back into conflict will depend upon perhaps catastrophic events. I worry about a Hezbollah missile landing and having a large number of casualties in Israel. That creates a gravity sink of actions. Or an Israeli attack doing the same thing, and that could create a gravity sink, or behaviors and political actions that just take us back into a new direction.

Again, the Quds Force has not gone away. That logistics line, all we get is one large shipment of weapons going to Yemen, one large shipment and suddenly something happens. But it could be that we're just in a period of new normal where what we're doing right now might be where we are in July and August and September. People may not like it, but we have been in this position for a number of decades, and we're waiting for the rot within the Iranian regime, which remains a dying regime. It's a stale ideology and a dying regime. That rot will continue to erode the foundations of what's happening there.

I’ll close by saying that we shouldn't overlook the tremendous damage that has been done to the regime during this conflict. It has sometimes been wrongly described as tactical success by the regime. That's terribly wrong. You don't destroy this much of a regime and call it a tactical success. The Iranian government is going to have to try to recover from that, and the brave Iranian people may well rise up in coming months. So there are a lot of ‘What ifs’, but where we are is probably the trend line - barring a catastrophic event of some sort.

Ryan Simons was a producer on this report

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

From Bombing Iran to Negotiating: Trump Explains His Red Line

“I had to stop them [the Iranians] because if they had a nuclear weapon, they would use it. And you want to see bedlam, let them blow up a couple of cities someplace, like they would've blown up Israel. If it weren't for me, Israel would not exist today, because I terminated the Barack Hussein Obama deal, the JCPOA (the 2015 international agreement limiting Iran’s nuclear program), which was a road to a nuclear weapon. They [the Iranians] would've had it five years ago. They would've used it within the first week, in my opinion. And Israel would no longer be with us. Israel would've been gone years ago had I not done that.”

That was President Trump speaking last Friday on The Axios Show, where his interviewer, Marc Caputo, said it was to be a conversation on “power, and how you [Trump] think about it, and how you wield it.”

Over the next 34 minutes, Trump was direct in his views on war, people and negotiations though what he said at times was not totally factual or he left out relevant information. There were also instances where he seemed to be speaking honestly.

Why does Trump say things that many – if not most people – know are wrong? Also, the President, who in the past has sought to portray his role as a man seeking to end wars – and get the Nobel Peace Prize – during the Axios conversation bragged about his various military operations, including the killing of people. Why?

These are things worth discussing because no matter what he says or does in private, it’s what Trump says or does in public that has an impact and affects how people see him, both friends and enemies including foreign leaders.

For example, had Iran developed nuclear weapons, I believe it is highly unlikely they would have quickly used one or more against Israel. That’s because I know, and Iran’s leaders in Tehran certainly know, although it was not widely publicized, that Israel has for decades had a nuclear arsenal of its own, including more than 90 nuclear bombs and warheads. Some of them are on cruise missiles deployed on Israeli submarines, which means they would likely survive a first Iranian strike and potentially be in a place to strike back.

In short, even if Iran had nuclear weapons, I believe even Tehran’s religious leaders would be deterred from using any of them against Israel because they know that Israel could respond with nuclear weapons of their own.

President Trump, I’m sure, knows about Israel’s nuclear arsenal and the theory of mutual deterrence. A country with nuclear weapons has that kind of protection against other countries with such weapons. Think of North Korea, for example.

Back in 2017, Trump threatened North Korean leader Kim Jong Un with “fire and fury and frankly power the likes of which the world has never seen before.” At that time it was doubted that Pyongyang had a nuclear warhead and missile that could reach the U.S. Since then, it’s clear, the North Koreans do have nuclear weapons that can hit American territory and Trump these days speaks of friendship with Kim.

To me, Trump’s repeated claim that his actions against Iran have “saved” Israel are designed to support his own popularity in that country and, at the same time, imply that the radical Iranian religious leaders are crazy enough to use nuclear weapons against a nuclear-armed Israel.

It reminds me that back in the Cold War period, some top Reagan administration officials promoted the idea that the Soviet Union was considering a nuclear “first strike” against the U.S. because the Russians were constructing their Moscow subway system to serve for civil defense sheltering should we Americans strike back with any nuclear weapons we had remaining.

At another point during the Axios interview Trump said, “I destroyed their general. OK.? [Qasem] Soleimani, [who] was the father of the roadside bomb…It was his favorite weapon. And I killed him. And he killed thousands of [American] soldiers [during the Iraq war] and thousands of other people, tens of thousands of other people.”

Trump went on to describe the details of how he directed the U.S. Special Forces and CIA to carry out Soleimani’s January 2020 assassination in Iraq by blowing up a car he was traveling in, even after Israel backed out of assisting in the operation.

“And it was a flawless attack,” Trump said, adding, “Now, that was one of the biggest moments in the history of the Middle East, because he was the most feared man in 100 years…He was a bad guy, but he was smart. He was a very tough general. You know what he was going to do? He was going to blow up five of our military bases. I got him one week ahead of that attack.”

As for more recently in Iran, Trump said, referring to the U.S. and Israeli February 28 attacks, “I killed the Ayatollah (Ali Khamenei). And a number of IRGC (Islamic Revolutionary Guard) officials. And I sadly hurt the other Ayatollah (Mojtaba Khamenei, the son of the former Supreme Leader and now Supreme Leader), who I will tell you, I did not meet him. I did not speak to him…But he's got a certain braveness because he was, he’s badly injured.”

Trump described what led him to stop the bombing that, I believe, has some truth in it.

“If I were hitting them [the Iranians] right now, when you stopped, if we're not going to put boots on the ground, I mean you don't want [U.S. military] boots on the ground, right? If we're not going to put boots on the ground, probably the same people , they go deep into the caves. They're called granite caves. They're very powerful. They go deep and then when we stop, they'll come up and they'll probably be the same leaders. So nothing, okay?”

As Trump himself emphasized, he wants no part in putting American military on the ground in Iran, or really anywhere in any numbers for any extended time period. Despite his recent turn to military operations, he fears having to take responsibility for American troops being killed or wounded.

He also appears to have learned the limitations of just bombing or using missiles.

Trump said, “When I knocked them [the Iranians] out, we knocked them out so powerfully, we would right now have the Hormuz Strait totally closed. It would have mines all over it and it would have missiles flying over billion-dollar ships. And those ships will never sail.”

Then Trump summed up why he stopped bombing Iran and turned to negotiations.

Trump said, “I just looked. [The price of] oil is tumbling. The ships are roaring out of there [that] they want to go home. They want to go home. They're all full with oil. There's a gusher. I mean, we have seven [hundred] or eight hundred ships are leaving, but if I attack them, none of those ships are leaving. The stock market is way up, way, way up. The stock market is up over the last four or five days when it looks like we're going to make a deal. Stock market's up thousands of points. Everybody's richer. Now, would you rather have that or be like some stupid people?”

He then described “hard liners” who were telling him, “Oh, you got to take 'em [bomb Iranians] out yet.” Of which Trump said, “Well, what lemme tell you. And plus, I'm not looking to kill people. I have one primary wish as president, in terms of people. I never want to be the late great Herbert Hoover. So this is the kind of thing that could cause a worldwide depression.”

In his own words, Trump seemed to recognize the Iran war he started had to be ended before it caused, what he apparently feared coming, “a worldwide depression.”

The outcome of the current 60-day cease-fire negotiations is unclear, but I notice the third item of the Memo of Understanding reads, “The United States of America and the Islamic Republic of Iran commit to negotiating and achieving the final deal in maximum 60 days, extendable with mutual consent (emphasis added).

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Cuba’s New Spy Array Raises Concerns for U.S. Security

BLUFF — On 18 June, Center for Strategic and International Studies (CSIS) researchers released a new study that says Cuba has completed construction of a major signals intelligence antenna array at its Bejucal facility near Havana. CSIS says that based on commercial imagery and open source information, this new construction significantly enhances Cuba’s ability to monitor and locate radio transmissions across a large portion of the Western Hemisphere. This is a specialized listening system designed to intercept radio transmissions and pinpoint their geographic origin with high precision. Construction on the antenna field appears complete, and the CSIS team assesses the facility has very likely begun operations.

In 2024, CSIS identified four Cuban sites featuring equipment that could support signals intelligence (SIGINT) collection, including several with possible links to China. Follow-on analysis of two of these sites, conducted in 2025, found major changes underway at one location, while work at the other had largely stalled. New commercial satellite imagery reveals that activity at both sites has continued.

Commercial imagery of the Bejucal site shows newly completed work on a large circularly disposed antenna array (CDAA). The CSIS researchers Matthew Funaiole, Brian Hart, Joseph Bermudez Jr., and Aidan Powers-Riggs say that this site has undergone a major transformation over the past two years. An older linear antenna grid has been replaced with a Circularly Disposed Antenna Array (CDAA), a specialized system designed to determine the direction and origin of radio signals. According to CSIS, this is the largest and most capable Cuban CDAA installation documented to date. Due to its location near Havana, the Bejucal facility is well positioned to observe U.S. naval operations in the Caribbean, military aviation activity across the southeastern United States, and shipping traffic throughout the Gulf of Mexico.

The Bejucal complex occupies a historically significant military site. The surrounding area was used during the 1962 Cuban Missile Crisis, when Soviet nuclear weapons were stationed in Cuba. In recent years, the facility has frequently appeared in public reporting, congressional testimony, and official U.S. statements regarding foreign intelligence activities in Cuba. While CSIS notes that there is no declassified public evidence proving direct Chinese operation of the specific antenna array, U.S. officials have acknowledged that China operates at least three intelligence facilities in Cuba.

Based on official statements, construction patterns, and previous assessments, CSIS researchers believe Bejucal is likely one of those locations. However, the exact operational arrangements and level of foreign involvement remain undisclosed.

PRC SIGINT infrastructure in Cuba would allow the PRC to:

Monitor U.S. military exercises, missile tests, and space operations.
Map electronic profiles of U.S. assets and communications networks.
Potentially disrupt or influence communications in crisis scenarios

Cuba's proximity to the United States has long made the island strategically valuable for signals intelligence collection, and the completion of the Bejucal array reinforces the role that it can play for our adversaries in surveillance operations against the US. It is ironic that Cuba was ramping up its intelligence capabilities against the US at the same time that the Trump administration is imposing punishing economic sanctions on Cuba. In a May 2026 executive order, probably about the time that Cuba was finishing this upgrade, the Trump administration imposed additional sanctions on Cuba and cited the country's hosting of "foreign adversary facilities" targeting sensitive U.S. national security information.

That the Cuban government has responded to the crippling US economic blockade and sanctions with minor economic reforms while moving forward with increased surveillance activities is concerning but not surprising. This would fit with Cuba’s tactics: appear to be compromising while shoring up its ability to counter the US.

The Cuban government has not acknowledged its intelligence partnerships with US adversaries and now more than ever, the Cuban regime is likely arguing the need is great to better understand threats from the US. What is at risk for the US, however, is the potential that our adversaries can collect intelligence from the myriad military commands that are in the listening zones of these radars. This affects our ability to operate globally and with an element of surprise.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Deal That Should Not Have Happened

The announcement of a ceasefire between the United States and Iran surprised many observers. The underlying conditions appeared unfavorable to an agreement—and yet a deal emerged. For months, analysts pointed to profound disagreements over Iran's nuclear program, regional influence, sanctions, and ongoing military activity as reasons why the space for agreement was extremely narrow. Now that an MOU is in place, the immediate temptation is to ask whether it will hold—and perhaps it will not—but a more interesting question may be why it happened at all.

Prior to the agreement, we reviewed an ensemble of simulation scenarios examining hundreds of potential pathways in the evolving U.S.-Iran confrontation. The model incorporated historical, political, and behavioral data to explore how different decisions could shape the course of the crisis. Across the simulation set, indirect engagement, deconfliction channels, maritime security arrangements, and mediated diplomacy appeared repeatedly. Durable, comprehensive ceasefire agreements, however, appeared only rarely. Formal negotiated settlements consistently emerged as low-probability outcomes.

Importantly, this result did not emerge from simple rational-actor assumptions alone. The simulations incorporated leadership behavior, competing bureaucratic interests, and cognitive profiles associated with key actors. The consistent finding was that a comprehensive settlement of the underlying disputes was unlikely.

In negotiations where the observable bargaining space appears narrow, agreements generally emerge for one of three reasons. Either the bargaining space was larger than outsiders realized, the preferences of one or more parties shifted, or the purpose of the agreement is being misunderstood.

The recent ceasefire may contain elements of all three.

The first explanation for the U.S.-Iran MOU is hence straightforward: the public may not be seeing the full agreement. History offers many examples of diplomatic arrangements that included private understandings, sequencing commitments, implementation mechanisms, or parallel agreements that were not immediately disclosed. Negotiators frequently leave politically sensitive concessions outside the public text while embedding them in separate channels.

If this explanation is correct, then the apparent contradiction largely disappears. The agreement was possible because the actual bargaining space was larger than outside observers understood.

The second possibility is more subtle.

Analysts often assume that national interests are relatively stable. In reality, what changes quickly in international politics are neither capability nor intent, but priority. States rarely pursue all objectives simultaneously. Leaders constantly reprioritize. Strategic goals that appeared paramount six months ago may become secondary when confronted with new pressures, risks, or opportunities.

Viewed through this lens, the ceasefire may reflect changing intensities of preferences rather than changing interests. For Tehran, avoiding further military degradation may have risen in importance relative to other objectives. For Washington, avoiding a prolonged regional entanglement may have become increasingly valuable as policymakers confront simultaneous challenges across multiple theaters. If preferences shift sufficiently, an agreement can emerge even when public positions remain largely unchanged.

And there is a third explanation—which may be the most important one. The ceasefire may not actually be designed to settle the U.S.-Iranian(-Israeli) conflict.

One of the most striking findings from our simulation work was the repeated emergence of mechanisms designed not to resolve disputes, but to manage them. Across multiple scenarios, actors established maritime deconfliction channels, backchannels, military hotlines, standing contact groups, intermediary-led diplomatic tracks, and crisis-management frameworks designed to prevent accidental escalation without resolving the deeper issues driving the conflict. In other words, these arrangements did not solve the underlying dispute. They created procedures for living with it. This distinction is increasingly important in a world characterized by persistent strategic competition in multiple theatres.

During the Cold War, many consequential diplomatic achievements were not comprehensive settlements. They were negotiated governance mechanisms. Arms-control agreements, crisis hotlines, incident-at-sea protocols, and confidence-building measures did not eliminate strategic rivalry between the United States and the Soviet Union. They reduced the probability that rivalry would spiral into catastrophe.

Viewed from this perspective, the U.S.-Iran ceasefire may be less significant as a durable resolution of the conflict than as an emerging framework for managing it. If so, its apparent fragility is not necessarily evidence of diplomatic failure. The agreement may not solve the dispute, but it may create enough structure to reduce immediate escalation risks while preserving room for continued competition—and perhaps, over time, a broader diplomatic opening.

This interpretation carries implications far beyond the Middle East. Maritime tensions in the South China Sea, security competition in the Taiwan Strait, navigation disputes in the Red Sea, and strategic rivalry across Eastern Europe may increasingly depend on mechanisms designed to prevent further escalation rather than eliminate disagreement. In each case, the challenge is not necessarily achieving consensus. It is creating enough structure to keep competition from becoming uncontrollable.

Too often, we evaluate diplomatic agreements through a binary framework: success or failure, peace or war, settlement or breakdown. Yet some of the most consequential arrangements in international politics occupy a different category altogether. They function as temporary governance systems for managing unresolved disputes.

In such environments, the relevant question is not whether a conflict has been solved. It is whether sufficient structure exists to keep competition from becoming uncontrollable.

That broader perspective may ultimately matter more than the details of the current ceasefire itself. As geopolitical competition intensifies, durable settlements may become rarer. In their place, we may see the growing importance of improvised, often fragile arrangements around maritime chokepoints, contested regions, and strategic flashpoints that function less as peace agreements and more as operating systems for managing persistent rivalry.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Before the IC Trusts AI, It Needs to Prove It Can Assure It

Artificial intelligence is moving quickly into national security work. That is not a future trend. It is already happening in analysis, collection support, cyber defense, logistics, language processing, software development, and mission planning.

The real question is no longer whether AI will be used, it is.

The harder question is whether we can trust it inside mission environments where bad data, weak access controls, poor model governance, or untested automation can create real operational risk.

For years, cybersecurity leaders have been trained to think about systems, networks, endpoints, identity, and data. AI changes that model. It does not replace those risks; it adds a new layer of uncertainty on top of them. An AI system can be technically functional yet unreliable, manipulated, over-permissioned, poorly sourced, or impossible to explain.

That is a problem in any enterprise. In national security, it is a significant mission risk. AI assurance is not just a compliance exercise. It is the discipline of proving that an AI-enabled capability is fit for purpose, secure enough for its environment, monitored after deployment, and governed by people who remain accountable for the outcome.

Most organizations still treat AI adoption as a technology deployment. Buy the tool, issue a policy, run a pilot, brief the results. That approach may work for low-risk productivity use cases. It does not work when AI is connected to sensitive data, operational workflows, classified environments, or decision support. The model is just part of the risk. The larger risk is the infrastructure around it. In a traditional system, we asked: who has access to the data? In an AI-enabled workflow, we also have to ask: what can the model infer, summarize, combine, expose, or act upon once access is granted? A user may not be authorized to see every underlying source in a system, but an AI tool connected to that system can, and may generate a summary that reveals sensitive relationships, operational context, or protected information.

The same is true for retrieval-augmented generation (RAG). RAG can make AI more useful by grounding responses in ‘trusted’ data. However, it can also create a new attack surface if source material is stale, poisoned, poorly labeled, or pulled from repositories with weak access controls. If the retrieval layer is not governed, the model can confidently produce bad answers from bad inputs.

The answer is not to slow-roll AI into irrelevance. The answer is to operationalize assurance. There are five things national security organizations and cleared industry should be doing now.First, inventory AI use cases like mission systems. Leaders need to know what AI capabilities are being used, what data they touch, who can access them, and what decisions or workflows they influence. Shadow AI is not a user behavior problem alone. It is usually a signal that the enterprise has not provided secure, usable options fast enough.

Second, treat data provenance and lineage as core requirements for data management. AI assurance starts before the model ever generates an answer. Organizations need to know where training data, reference data, embeddings, and retrieval sources came from, how that data moved through the environment, how it was transformed, who validated it, who can modify it, and whether those changes are logged. Provenance tells us the origin of the data. Lineage tells us what happened to it along the way. Without regimented data management, the organization cannot confidently assess whether the model’s output is accurate, up to date, authorized, or appropriate for the mission. If the data supply chain is weak, opaque, or poorly governed, the AI output is already questionable.

Third, test AI models against mission-specific use cases. This could include adversarial prompts, poisoned documents, prompt injection, tool misuse, and hallucinated citations and references.

Fourth, monitor after deployment. Models change. Data changes. User behavior changes. Threat actors adapt. Assurance has to be continuous and include logging, drift detection, output review, access monitoring, and clear thresholds for when a tool should be paused, updated, restricted, or removed.

Fifth, keep humans accountable. Humans-in-the-loop should have clear and accountable responsibilities defined. What is the reviewer expected to verify? What decisions can never be fully delegated to the AI tool?

The organizations that get this right will be the ones that build disciplined AI operating models. They will have clear use cases, controlled data access, measurable evaluations, audit trails, and documented risk ownership.

AI is becoming one of the most important force multipliers in national security and economic competition. It has the potential to narrow gaps between larger and smaller countries, established and emerging companies, and well-resourced and resource-constrained organizations. Capabilities that once required large teams, specialized infrastructure, or years of institutional advantage are becoming more accessible through AI-enabled tools. That is why assurance matters. For the Intelligence Community and the national security industrial base, AI assurance should become a core discipline. Before we scale AI into mission operations, we need to prove we can govern it, test it, monitor it, and explain when it should not be trusted.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Learning Velocity: The Next Strategic Advantage

Entrepreneurs realize that speed compresses learning. They know some of their initial assumptions will be wrong or only partially right, so going fast allows them to test ideas and move from opinions to evidence to products before they run out of cash or time.

A startup that spends years to get to market may end up solving the wrong problem. The startup that launches in weeks or months figures out what their audience cares about, what is irrelevant and they evolve their approach in real-time. Test, learn, adapt and repeat the cycle.

The most successful entrepreneurs know that the original idea is often less important than the rate at which they improve it.

This thinking has existed for decades. Now, AI enters stage left.

The Importance of Learning Velocity

We are entering an era where learning velocity is reducing the time between a question and an answer, an idea and a test and a mistake and its correction.

Learning Velocity is the speed at which an individual, organization, or nation converts information into capability, decisions, and action. Increasingly, competitive advantage is determined not by who possesses the most information, but by who learns from it fastest.

AI changes the speed and quality of the learning cycle.

Can we understand if a disinformation attack is starting before it succeeds?

Can we routinely build synthetic adversary simulations worldwide to improve our preparation?

Can we see 10,000 new accounts emerge in a few weeks to amplify identical narratives across five platforms in five languages and know exactly who is driving it?

Can we identify the next TikTok or Discord well before it gains altitude?

Adversaries realize the pace at which they learn is often as important as what they learn if they are to win the race to market. From Silicon Valley to Bekaa Valley, the learnings are the same. It’s all a matter of how it is applied.

Are We Ready?

Throughout history, strategic advantage has often belonged to those who learned faster than their adversaries. U.S. military doctrine embraced the OODA Loop—Observe, Orient, Decide, Act—as a model for accelerating decision cycles faster than opponents.

Times have changed. Bad actors are compressing learning cycles from months to days and increasingly from days to hours. The public and private sector too often operates on models of learning that are designed for a slower century.

Their advantage is not necessarily better technology, more information, or greater resources. Their advantage is that they learn faster.

Let’s imagine how they learn for a minute.

Imagine the Fastest-Growing University in the World

It has no campus, no admissions office, no tuition, and no accreditation.

Its students come from every country. Its curriculum updates daily. Its teaching assistants are powered by artificial intelligence.

Its graduates include cybercriminals, fraudsters, influence operators, hostile intelligence services, extremist groups, and increasingly, highly capable lone actors.

Welcome to the New University for Bad Actors

Freshman Year: Open-Source Intelligence

Freshmen begin with open-source intelligence 101.

Their textbooks include LinkedIn, Google Earth, company websites, SEC filings, public procurement records, satellite imagery, and social media.

Their first assignment is simple: learn everything possible about a target without ever touching its network.

They learn how to map executive organizational charts, vendor relationships, facility layouts, and employee behavior patterns almost entirely from publicly available information. Whether or not they put on the “freshman 15”, they will learn how to use commercial satellite imagery, drone footage, all forms of digital media, ship, aircraft and supply chain tracking data, patent filings, geolocation tools and more.

Sophomore Year: AI-Assisted Learning

This is not followed by a sophomore slump. Rather, they rapidly move into AI-assisted learning.

Their professors are ChatGPT, Claude, Gemini, Perplexity, Grok, DeepSeek, and other large language models.

What once required months of research can now be accomplished in hours.

Generative AI enables bad actors to create deepfake videos, cloned voices, fabricated identities, realistic images, and highly personalized communications at scale. AI agents can conduct individualized outreach to thousands of targets simultaneously, making social engineering attacks more believable and more effective.

They learn how people form trust. Why a narrative resonates or fails with an audience. How to choose the right topics, build a plan and create polarization. And they start to see where trust is weak and where attacks may be more successful.

They are becoming better students of human behavior.

Junior and Senior Year: Laboratories and Code

Juniors enter the laboratories ready for one of the most important shifts in intelligence and strategic competition.

Hugging Face, GitHub, ArXiv, Discord developer communities, Papers with Code, Stack Overflow, Reddit, Kaggle, and open-source communities become classrooms where they learn how innovation occurs and where the world is going.

They learn which AI capabilities have the most promise in the next year. They can see which technologies are gaining acceptance and which ones are losing steam. Perhaps most important, they witness which workforce skills will be most valuable. They know the performance benchmarks, which datasets matter and where the problems lie.

These students realize they can see which technologies have promise years before they become mainstream.

They are also keenly aware of the speed of innovation. They can read the signals of repository growth, model releases, publication speed and more.

The graduation ceremony is brief. No champagne, just more learning ahead.

Graduate Studies: Shared Learning Networks

Graduate students enter encrypted networks, private forums, and invite-only communities where ideas, techniques, and lessons learned are exchanged among peers. Successful attacks are dissected and analyzed. Indicators of compromise, response timelines, victim profiles, and operational mistakes are openly discussed so that future attacks become more effective.

Every successful operation becomes a lesson for the next one.

Some students have more to learn.

Doctoral Research: Data as a Weapon

Doctoral candidates study commercial data ecosystems, public records, and digital surveillance.

They discover that some of the most valuable information does not need to be stolen. It can be purchased.

Post-doctoral researchers venture into dark web marketplaces and specialized forums where knowledge, tools, services, and expertise are exchanged at extraordinary speed. Personal information, new malware, breached corporate data, criminal service marketplaces, critical infrastructure targeting and more.

The dark web and shared learning networks provide that competitive advantage – information others don’t have.

Why Are They Learning Faster Than We Are?

Bad actors are not necessarily learning more than we are. The real difference is how fast they learn.

When resources are constrained and survival depends on adaptation, speed of learning becomes a competitive weapon. The most successful entrepreneurs build companies with an idea, often inadequate finance resources and a ticking clock showing they could run out of time.

Speed is not only an asset, it is about survival of the idea.

A New Era Deserves a New Model

The challenge for many established institutions is not a lack of intelligence, talent, or resources. It is resistance to change.

We don’t like failed pilots, so people stop experimenting. Our budgets are annual. Our feedback loops are slow. We may learn quickly, but we act slow.

Behavioral economists refer to this as loss aversion. Humans experience the pain of losing existing processes, authority, expertise, and familiar ways of working more intensely than the potential gains associated with adopting new approaches.

The reality is learning faster than adversaries and adapting faster will be our advantage to create and sustain.

Learning Velocity will become our long-term strategic advantage, which means we need a practical way to evaluate our progress.

The model is defined as the speed at which an individual, organization, or nation converts knowledge into capability.

The Learning Velocity Model

L — Locate

How quickly can we identify emerging threats, opportunities, technologies, and changing conditions?

Measure in days, hours, minutes and seconds.

E — Evaluate

How quickly can we determine what matters and separate signal from noise?

What is in the way of any decision?

Are we learning in the best places?

A — Align

How quickly can insights spread across teams, agencies, departments, and decision-makers?

If any insights are blocked, is this done to improve our security?

R — Respond

How quickly can knowledge be converted into decisions, actions, and measurable outcomes?

Time from moment we know to moment we impact. The full timeline is important.

N — Navigate

How quickly can we adapt when assumptions prove wrong or circumstances change?

How do we learn from failure? Are we improving our ability to anticipate?

Preparing for a World Beyond AI

AI will continue to serve as a learning accelerator. It will be joined by quantum computing, which will make it possible to simulate a problem in minutes or hours. 6G will expand how we connect billions of sensors, vehicles, drones and devices to feed AI systems. Digital twins will create virtual versions of supply chains, aircraft, power grids and more so we can test operational concepts before deployment. The physical world will become measurable in new ways, ranging from advanced sensors to satellites.

And of course, as these technologies converge, new transformational waves will be experienced.

The future competitive advantage will belong to the organization or country with the fastest and most adaptable learning system, not the most information.

Moore’s law was first proposed in 1965. Gordon Moore, co-founder of Intel, predicted that the number of transistors on a chip would double every two years, leading to major improvements in computing power. It illustrated how we compressed the cost of computation.

The skeptics said you can’t keep shrinking transistors forever or the manufacturing costs will be prohibitive or the growth rate is unsustainable.

The skeptics were wrong.

The cognitive security version of this model, which has blanks to fill in, will be something like “learning velocity doubles every X years while the cost of learning falls by half.”

It’s up to us to define this model and turn a theory into an advantage that improves security of our world.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Forty-Year Cyber Policy Failure Congress Refuses to Address

Late last month, the former deputy assistant director of the FBI's Cyber Division testified before the House Homeland Security Committee that the federal government should consider designating ransomware operators as terrorists and pursuing felony murder charges against attackers whose intrusions kill patients. The testimony was a serious response to a serious problem. It was also a measure of how far the cyber policy conversation has drifted from the question that would actually change the threat environment.

Terrorist designations are post-hoc. Homicide prosecutions are post-hoc. Sanctions are post-hoc. Indictments of foreign operators are post-hoc. The entire architecture of American cyber enforcement is built around consequences imposed after the harm has occurred — and for forty years, Congress has steadfastly refused to legislate the one consequence that would matter most to attackers and most to victims: the right to interrupt an attack while it is underway.

A homeowner in most American states may use deadly force to stop an intruder reaching for a television. A hospital CISO watching a confirmed exfiltration leave her network in real time may do exactly one thing: document the theft and call the FBI. If she does anything else — if she reaches one hop downstream to interrupt the transfer in progress — she has committed a federal crime under 18 U.S.C. § 1030.

This asymmetry is not the product of careful legislative deliberation. It is the product of forty years of legislative avoidance. And the avoidance, I will argue, is the most consequential cyber policy choice the United States has ever made.

A legislative record without a victim

Congress has not been idle on cyber. Since the mid-1980s, it has produced a continuous body of federal cyber legislation that is, by any reasonable measure, substantial.

The Computer Fraud and Abuse Act was enacted in 1986 and amended in 1994, 1996, 2001, and 2008. The Computer Security Act of 1987 (Public Law 100-235) established NIST's authority over federal civilian computer security and, in the process, drew the jurisdictional line between civilian and national-security systems that still governs federal cyber organization today. The Federal Information Security Management Act passed in 2002 and was modernized in 2014. The Cybersecurity Information Sharing Act was enacted in 2015. The Cybersecurity and Infrastructure Security Agency was stood up as an operational component of DHS in 2018. The Office of the National Cyber Director was established by statute in 2021.

This is a Congress that has been continuously engaged with cyber for four decades. It has legislated the boundaries of federal system security. It has criminalized unauthorized access in five separate statutory revisions. It has structured the federal-private information-sharing relationship. It has built and rebuilt the organizational architecture of national cyber defense.

In forty years, it has not once legislated whether the victim of an active exfiltration has the right to interrupt the transfer.

The Active Cyber Defense Certainty Act was introduced in 2017 by Representatives Tom Graves and Kyrsten Sinema. It was reintroduced in 2019. Neither version received a floor vote. The bill's existence proves Congress knows the question is on the table. The bill's fate proves Congress has decided to keep it there.

The shape of the asymmetry

The legal vacuum has produced an operational reality that, when stated plainly, is difficult to defend.

A ransomware operator working from a non-extradition jurisdiction faces, in practice, a probability of prosecution approaching zero. Successful prosecutions of foreign ransomware operators in 2025 numbered in the low double digits worldwide, against an industry whose estimated annual revenue exceeds one billion dollars. The victim — typically a hospital, a school district, a mid-market manufacturer, a municipal government — faces the full weight of regulatory liability, civil litigation, board accountability, and operational harm.

One side of this exchange bears nearly unlimited downside risk. The other side bears nearly none. This is not a threat environment. It is a market, and the market is functioning exactly as its incentive structure predicts.

The conventional response is to point to the things we have done. The Treasury Department has sanctioned mixers and exchanges. DOJ has clawed back ransom payments, most notably the partial Colonial Pipeline recovery. FBI and partners have disrupted Hive, LockBit (twice), and the ALPHV/BlackCat infrastructure. CISA has improved baseline guidance. None of this is nothing. All of it, taken together, is too small.

These are tactical wins inside a strategic loss. Sanctions disrupt laundering for measurable but brief windows before volume routes around them. Takedowns are followed by re-branding inside a quarter. Indictments of foreign operators function as press releases. The asymmetry between attacker risk and defender risk is not closing. It is widening.

What the "next hop" means, and what it doesn't

Let me be precise about the legal change I am arguing for, because precision is the only thing that protects this argument from being misread as a call for vigilantism.

I am not arguing for hack-back authorities. I am not arguing for retaliation. I am not arguing for the right to compromise an attacker's infrastructure as a punitive measure, to recover data through offensive operations, or to engage in any conduct whose purpose is to inflict harm on the attacker.

I am arguing for the legal recognition of a category that exists in every other domain of self-defense and exists nowhere in cyber: the right to interrupt a crime in progress.

When an exfiltration is underway, the defender can typically observe the immediate next hop — the command-and-control server, the staging system, the relay — through which the data is transiting. Current law permits the defender to log this traffic, to characterize it, to share indicators of compromise, and to report it. Current law forbids the defender from taking any action against that next-hop system to interrupt the transfer in progress, even when attribution to the attacker's infrastructure is unambiguous and even when the action contemplated is narrowly scoped to interrupting that specific transfer.

This is the gap. Not punishment. Not retaliation. Interruption.

The doctrinal analogue is the long-settled law of defense of property and defense of self. American common law has never required a victim to wait until a crime is completed before responding. The reasonableness standard — proportionality, immediacy, scope — is the mechanism by which we distinguish legitimate interruption from vigilantism. We apply this standard to homeowners, to merchants, to security guards, and to law enforcement. We have declined, uniquely, to apply it to cyber defenders.

The objections, and where they fail

The standard objections to active cyber defense are serious and I want to take them seriously.

Attribution is hard. Sometimes. It is also sometimes trivial. The exfiltration to a known command-and-control server with a known operator and a known wallet, observed in real time from the victim's own network, does not present the attribution problem that the objection imagines. The objection conflates the hardest cases with all cases. A reasonableness standard — the same standard we apply in every other domain of self-defense — would distinguish them.

Collateral damage is real. Yes. The attacker's infrastructure frequently transits compromised third-party systems — hospitals, universities, small businesses whose servers have been weaponized without their knowledge. An action against the next hop could disrupt the operations of an innocent party. This is a genuine concern. It is also a concern that applies, in different forms, to every domain of self-defense we currently permit. The legal response is not prohibition. The legal response is a proportionality requirement.

The CFAA was written for good reasons. It was. The CFAA in 1986 was a response to a specific set of harms — unauthorized access, fraud, malicious intrusion — that the existing criminal code did not adequately address. Its drafters were not contemplating the question of whether a victim observing real-time exfiltration has any right to interrupt the transfer. They could not have been. The threat environment that question arises in did not yet exist. A statute written for one purpose, applied four decades later to a question its drafters did not contemplate, is not legislative wisdom. It is legislative inertia.

Active defense will escalate. Possibly. The same argument was made against every expansion of self-defense doctrine in American legal history. The empirical question of whether a narrowly defined interruption right would produce more harm than it prevented is exactly the question Congress has declined to investigate, by declining to hold the hearings, declining to advance the bill, declining to commission the study.

What the silence costs

The forty-year silence on this question is not a neutral position. It is itself a policy choice, and the choice has a price.

The price is paid in the asymmetry. Every additional year the question goes unanswered, the gap between attacker risk and defender risk grows. The ransomware industry's revenue trajectory is not a mystery and it is not unpredictable. It is a rational market response to a legal environment in which the cost of attacking is approximately zero and the cost of defending is approximately unlimited.

The price is paid in moral coherence. A legal regime that permits deadly force in defense of a four-hundred-dollar television and forbids software-based interruption in defense of a hospital's entire patient record system is not internally consistent. The inconsistency does not become coherent because we have grown used to it.

The price is paid in deterrence. Deterrence requires consequence. There is no deterrence in cyber today, against any actor of any sophistication, because there is no consequence. The consequence that matters most — the one the attacker actually fears — is interruption of the operation in progress. Sanctions, indictments, and takedowns are post-hoc. They impose costs that the attacker can model and price in. Interruption is the consequence the attacker cannot model, because the attacker does not know when, by whom, or how it will arrive.

That is the consequence Congress has declined to authorize for forty years.

A modest proposal

I am not proposing that Congress pass the Active Cyber Defense Certainty Act as written. The 2017 and 2019 versions of that bill were imperfect, and reasonable people disagreed about specific provisions. I am proposing that Congress hold the hearing.

Forty years of avoidance is enough.

The question on the table is narrow, specific, and legally tractable. Does the victim of an active exfiltration, under a reasonableness standard, have the right to take action against the immediate next hop in the transfer chain to interrupt the transfer in progress? It is a yes-or-no question. Congress has answered every other cyber question it has been asked since 1986. It can answer this one.

I expect that when Congress finally holds that hearing, the answer will involve a tightly scoped right, a high reasonableness standard, a mandatory reporting requirement, and meaningful liability for abuse. That is what the legislative process is for. The current answer — that the question is too uncomfortable to ask — is not a legal position. It is an abdication.

The grandmother in Ohio has more enforceable rights tonight than the hospital CISO watching her patient records leave the building.

That is not a security policy. That is a forty-year-old silence.

It is time to break it.

The author is a former Commander of the U.S. Army Computer Emergency Response Team with 25 years experience in information technology, cyber operations, cybersecurity and compliance. The views expressed are his own.

A Historic Summit between China and North Korea

There was no absence of Chinese and North Korean media coverage of Chinese President Xi Jinping’s visit to North Korea for meetings with Chairman Kim Jong Un. Mr. Xi’s last visit was in 2019, and what a difference seven years makes when you are dealing with North Korea.

Mr. Xi received royal treatment during his two-day visit in June 2026. Chinese and North Korean media coverage spoke of expanding cooperation on trade, agriculture, construction, and technology and enhancing exchanges in diplomacy, law enforcement and military affairs. Interestingly, China’s Minister of Defense, Dong Jun, and his North Korean counterpart, No Kwang-Chol, also participated in some of the meetings.

During the visit to the North Korea-China Friendship Tower to honor fallen soldiers from the 1950-1953 Korean War, Messrs. Xi and Kim stressed the importance of carrying forward their traditional friendship, with the “spirit of resistance against the U.S.”

Discounting the symbolism, what did China accomplish from the visit, the first foreign trip in 2026 for Mr. Xi?

1. Reaffirmation that North Korea is China's only ally, pursuant to the 1961 Treaty of Friendship, Cooperation and Mutual Assistance. Following Mr. Xi’s visit, it’s likely North Korea will receive an impressive gift from China.

2.North Korea’s recommitment to a one-China policy over the Taiwan issue.

3.A message to Russia’s Vladimir Putin that China will ensure that North Korea remains economically and strategically tethered to China. North Korea keeps China apprised of their military support to Russia for its war in Ukraine.

4.A message to President Donald Trump that China retains considerable leverage over North Korea and any U.S. effort to seek rapprochement with North Korea will be transparent to Beijing and dependent on China’s support.

What did North Korea accomplish from the visit of Mr. Xi?

1.De facto recognition that North Korea is a nuclear weapons state.

2.The prestige accrued to Mr. Kim from the visit of Mr. Xi.

3.A likely uptick in trade and agricultural assistance, pursuant to commitments Mr. Xi made during the visit. Also, likely closer collaboration between the Korean People’s Army and China’s People’s Liberation Army.

Clearly, what Mr. Kim got from the visit was the prestige of having two great powers – China and Russia – vie for North Korea’s attention. The September 2025 Victory Day celebration in Beijing, with Mr. Kim standing next to Messrs. Xi and Putin, preceded by the visit of Mr. Putin to Pyongyang and now Mr. Xi’s visit to Pyongyang all contribute to an enhanced profile for a North Korean leader who is building more nuclear weapons that can be mated to ballistic missiles that can target South Korea, Japan, and the U.S.

It’s likely the U.S. was discussed in private discussions between these two leaders. Mr. Kim probably made the case for North Korea’s nuclear program and counseled against China overtly again calling for the denuclearization of the Korean Peninsula.

In fact, Mr. Kim probably made it clear to Mr. Xi that the construction of the new Uranium Enrichment facility at Yongbyon was a message he was sending to the U.S. : North Korea’s nuclear program will make it clear (to the U.S.) that the Yongbyon nuclear complex now has a new facility that is spinning sophisticated centrifuges to produce more Highly Enriched Uranium (HEU) for nuclear weapons. Indeed, the Yongbyon facility was the facility that Mr. Kim offered to dismantle in February 2019 at the Hanoi Summit with Mr. Trump, in exchange for the lifting of sanctions imposed in 2016. Mr. Kim’s message to the U.S.: You missed an opportunity and now we will use this new HEU facility to build more nuclear weapons.

It is interesting that Mr. Xi’s last visit to North Korea was in June 2019, a few months after Mr. Trump’s summit with Mr. Kim in Hanoi. It’s clear that China was expecting a briefing on the summit and the status of U.S. relations with North Korea.

Having a friendly North Korea as a buffer state with a South Korea aligned with the U.S. is important to Beijing. Expecting China to facilitate contact between Mr. Trump and Mr. Kim is unrealistic and not in China’s interest. The ball is in the U.S. court.

The author is a former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.

This article was originally published in The Washington Times and is republished here with the author's permission.

DNI Day One: Three Strategic Decisions for National Security Evolution

Authors’ Note:

This paper is intended to frame a discussion, not settle one.

Too often, debates about intelligence reform begin with organizational charts and predetermined solutions. We believe the more important starting point is identifying the strategic decisions that should not be avoided. The next Director of National Intelligence will have to address questions surrounding enterprise leadership, resource alignment, technological modernization, and strategic competition. This first paper examines those issues and the questions that should be asked. A second paper will explore potential answers.

Introduction

The next Director of National Intelligence inherits an Intelligence Community facing simultaneous technological, geopolitical, and institutional disruption.

The post-9/11 reforms that created the DNI helped solve many of the Intelligence Community's integration challenges. Those reforms were designed for a world still shaped by the aftermath of 9/11, where the primary concern was improving information sharing and coordination among intelligence agencies. They did not anticipate the strategic environment the next DNI will face.

Today, artificial intelligence is changing and improving how intelligence is collected, analyzed, and consumed. Commercial providers increasingly own capabilities once reserved for governments. Space has become a critical intelligence domain and a contested warfighting environment. Adversaries exploit the seams between foreign and domestic authorities, using cyber operations, influence campaigns, technology theft, and economic coercion to achieve strategic objectives below the threshold of armed conflict.

At the same time, the Intelligence Community faces growing fiscal pressures associated with the costs of advanced technologies, commercial data, and modern collection systems. The Community must modernize while sustaining a full operational tempo. Intelligence professionals continue to support ongoing crises and competition across the Middle East, Russia's war against Ukraine, strategic competition with China and tensions surrounding Taiwan, challenges throughout the Southern Hemisphere, and emerging frontiers such as the Arctic and space. The next DNI will not have the luxury of choosing between today's missions and tomorrow's investments; success will require doing both.

This paper identifies three strategic decision areas that deserve immediate attention from the next DNI. The question is no longer whether the Intelligence Community must evolve. The question is whether it can evolve fast enough to stay relevant.

Scenario 1:
Resist the Urge to Build New Bureaucracies

Core Question

Is the Intelligence Community suffering from a lack of organizations—or a lack of integrated management?

Discussion

Since its creation in 2004, ODNI has steadily taken on missions, oversight responsibilities, and coordinating functions. While these additions addressed legitimate needs and emerging challenges, they also have raised a more fundamental question: has ODNI become too focused on expanding its own mission responsibilities and not focused enough on its primary responsibility to lead, integrate, and support the existing functions of the Intelligence Community?

The DNI was created to serve as the nation's senior intelligence integrator, bringing together the capabilities, expertise, and resources of a diverse Intelligence Community. Its value was never intended to come from building large operational organizations or owning missions. Its value comes from setting priorities, convening stakeholders, aligning resources, resolving disputes, and ensuring that the Intelligence Community functions as a coherent enterprise.

As new challenges emerged, the Intelligence Community often responded by creating new centers, offices, governance structures, and oversight mechanisms. While many have delivered value, the cumulative effect has been to draw ODNI toward mission execution and away from its core service imperative: enabling the success of the organizations that conduct intelligence collection, analysis, operations, and support to policymakers and warfighters every day.

The central question for the next DNI is whether ODNI is best positioned as another mission-focused organization within the Intelligence Community or whether it should recommit to its original role as the leadership, integration, and convening body for the enterprise.

The next DNI should examine whether the current structure is optimized to lead the Intelligence Community as a unified enterprise or whether a renewed focus on Community Management would better support integration.

KEY ISSUES:

·Should ODNI return to a Community Management model focused on enterprise leadership, integration, and resource alignment?

·Has the growth of ODNI strengthened the Intelligence Community or diluted ODNI's ability to serve as the enterprise integrator?

·What functions are uniquely appropriate for ODNI, and what functions should remain with existing intelligence agencies and departments?

·How should the DNI exercise leadership across the Intelligence Community without creating additional layers of bureaucracy?

·What mechanisms are needed to align collection, analysis, technology adoption, workforce development, partnerships, and budgets across the enterprise?

·Should National Intelligence Managers be empowered as true enterprise leaders responsible for integrating mission execution across agencies?

·How should ODNI lead the integration of emerging priorities such as Artificial Intelligence, commercial data, and space capabilities without becoming the owner or operator of those missions?

·What is the appropriate role of ODNI in supporting Defense Intelligence, NCTC, NCSC, and other mission organizations while avoiding duplication of effort?

Scenario 2:
Resource the Intelligence Community for the AI and Space Age

Core Question

Can the United States afford fragmented investment decisions in an era where artificial intelligence, commercial data, and space capabilities are becoming decisive intelligence advantages?

Discussion

In Washington, strategy ultimately becomes a resource question. Priorities, authorities, organizational responsibilities, and technology adoption all follow the allocation of resources. In FY2026 alone, the Administration requested approximately $115.5 billion for intelligence activities, including $81.9 billion in the National Intelligence Program and $33.6 billion in the Military Intelligence Program, increases of $8.5 billion and $5.4 billion respectively over the previous year. One of the most important issues facing the next DNI is whether the Intelligence Community's current resource structure is aligned with how intelligence is actually produced, consumed, and operationalized today.Complicating this challenge is the longstanding divide between funding in the National Intelligence Program (NIP) and the Military Intelligence Program (MIP). While often treated as distinct funding streams with separate constituencies, the reality is considerably more complex. The current arrangement is rooted less in strategic design than in a series of historical compromises intended to balance the authorities of the Secretary of Defense, the Director of National Intelligence, and the broader Intelligence Community.

Today, that framework increasingly obscures more than it clarifies. What many outside the Intelligence Community do not realize is that substantial portions of intelligence resources funded through the National Intelligence Program directly support military operations, combat support activities, and defense intelligence functions. Likewise, many intelligence capabilities developed to support military missions provide strategic warning, indications and warning, and national-level intelligence for policymakers across the government.

The distinction between "national" and "military" intelligence made more sense in an era when intelligence missions, collection platforms, customers, and operational environments were more clearly separated. Today, the same satellite constellation may support strategic warning, operational planning, targeting, humanitarian assistance, maritime awareness, and battlefield operations. Commercial data is consumed by analysts and warfighters alike. Artificial intelligence models may support national policymakers, combatant commanders, and tactical operators simultaneously.

The more important question is not how funding is labeled, but whether the Intelligence Community is organized to make coherent investment decisions across the enterprise. The next DNI should examine whether the current MIP-NIP construct encourages integrated capabilities and enterprise modernization or reinforces organizational boundaries that no longer reflect operational reality.

This question has become increasingly urgent as the Intelligence Community enters a period in which technological advantage may matter as much as traditional intelligence tradecraft. Artificial intelligence, commercial data, advanced sensors, and space-based capabilities are reshaping how intelligence is collected, analyzed, and consumed. The challenge is no longer simply acquiring information. The challenge is processing, validating, integrating, and acting upon unprecedented volumes of data at operational speed.

At the same time, the Intelligence Community faces fiscal pressures and rapidly rising costs associated with artificial intelligence infrastructure, commercial data, cloud computing, advanced collection systems, and space capabilities. The challenge is establishing common priorities, investment strategies, and architectural principles across an Intelligence Community that remains divided among multiple agencies, departments, funding streams, priorities, and acquisition authorities.

For much of the Intelligence Community's history, the government drove intelligence innovation through its own research, development, and procurement activities. Today, that dynamic has fundamentally changed. Artificial intelligence, commercial remote sensing, cloud computing, advanced analytics, and many of the data sources increasingly relied upon by intelligence professionals are being developed and scaled by industry. For the first time in Intelligence Community history, a significant portion of future intelligence advantage will be derived from capabilities developed, built, and funded outside government.

This reality presents both opportunity and risk. The opportunity lies in unprecedented access to innovation, competition, and commercial investment. The risk is fragmentation: duplicative purchases, incompatible architectures, inconsistent security standards, vendor lock, and missed opportunities to leverage enterprise buying power. At no point in Intelligence Community history has the opportunity for partnership with industry been greater. Equally, at no point has the need for enterprise discipline been more important.

Taxpayers should expect intelligence resources to produce secure, interoperable, and mission-driven capabilities regardless of which budget line funds them. Achieving that outcome will require greater alignment across intelligence priorities, acquisition decisions, technology architectures, and commercial partnerships than the current construct was originally designed to support.

Key Issues

• Would National Intelligence Program and Military Intelligence Program merger be more cost effective or is increased alignment enough?

• The Department of Defense is the largest consumer of intelligence, owns most of the nation's collection infrastructure, and operates the largest intelligence enterprise. What is the appropriate relationship between the DNI, OUSDI&S, the Joint Staff, and Combatant Commands in setting intelligence priorities?

• Who should establish enterprise collection investment priorities?

• How should the Intelligence Community approach commercial GEOINT, commercial data, and emerging commercial intelligence capabilities?

• What is the right balance between AI-enabled analysis and human expertise?

• What role should open-source and commercially available information play in future intelligence architectures?

• How can the Intelligence Community modernize technology and data architectures while avoiding duplication, vendor lock, and fragmented acquisition strategies?

• What common standards, security frameworks, and enterprise investments are required to maximize taxpayer value and mission effectiveness?

Scenario 3:
Competing Without Borders

Core Question

Are U.S. intelligence institutions aligned with the realities of modern strategic competition?

Discussion

America's principal adversaries do not recognize the traditional boundaries between foreign intelligence, domestic security, law enforcement, cyber operations, economic competition, and influence campaigns.

China conducts technology acquisition, influence operations, cyber espionage, economic coercion, and military modernization as part of a coordinated national strategy. Russia blends intelligence operations, cyber activities, disinformation, political influence, and proxy networks to shape perceptions and undermine democratic institutions. Iran and other actors increasingly exploit digital platforms, transnational networks, and non-state actors to advance strategic objectives while remaining below the threshold of armed conflict.

These activities are not isolated intelligence challenges. They are components of long-term campaigns designed to influence decision-making, shape global narratives, acquire technology, weaken alliances, and gain strategic advantage without resorting to conventional war.

Yet many of the institutions responsible for defending the United States remain organized around distinctions that are becoming increasingly difficult to separate in practice even if rooted in well-intentioned constitutional constructs. Foreign intelligence, counterintelligence, law enforcement, economic security, cyber defense, and influence operations often fall under different authorities, organizations, and policy frameworks despite being employed simultaneously by America's adversaries.

The challenge for the next DNI is not simply improving intelligence collection. It is confronting the reality that America's principal adversaries have learned to exploit the seams between intelligence, law enforcement, counterintelligence, cyber defense, economic security, technology protection, and influence operations. These gaps are no longer theoretical vulnerabilities. They have become operational opportunities for foreign adversaries seeking strategic advantage below the threshold of armed conflict.

While America's adversaries increasingly pursue integrated national campaigns, the United States often responds through separate organizations, authorities, and policy frameworks. Foreign intelligence, counterintelligence, economic security, cyber defense, influence monitoring, and law enforcement remain divided among multiple institutions, even as adversaries employ them simultaneously.

For much of the post-Cold War era, the Intelligence Community focused on warning, collection, and analysis. Those functions remain essential, but strategic competition demands something more. The Intelligence Community must help identify, expose, disrupt, and provide options to impose costs on adversary campaigns that span diplomatic, economic, informational, cyber, and military domains. This requires not only intelligence excellence, but also stronger integration across government and a renewed focus on irregular warfare and strategic competition.

Key Issues

·Are U.S. intelligence, law enforcement, and national security institutions organized to compete against adversaries that operate across traditional bureaucratic and legal boundaries?

·How should the Intelligence Community support whole-of-government campaigns for strategic competition and irregular warfare?

·What role should counterintelligence play in protecting U.S. technology, research institutions, critical infrastructure, and economic competitiveness?

·How should the United States balance civil liberties and openness while countering foreign influence, manipulation, and information operations?

·Is the current division between intelligence and law enforcement authorities optimized for the realities of modern strategic competition?

·What role should economic security and technology protection play in Intelligence Community priorities and how does ODNI handle this work?

·Should the United States consider new institutional models, including an expanded counterintelligence architecture or an MI5-like construct, to address foreign influence and hostile state activity?

Conclusion

A successful DNI will not be measured by how many organizations are created, merged, renamed, or eliminated.

Success will be measured by whether the Intelligence Community becomes more integrated, more technologically agile, more operationally relevant, can defeat our adversaries, and be more capable of providing options for decision-makers during strategic competition.

The next DNI's greatest challenge will not be managing the Intelligence Community inherited from 2004. It will be preparing the Intelligence Community required for 2045.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

AI Is Speeding Up Intelligence, But Not the System Around It

AI is compressing parts of the intelligence cycle, but modernization is occurring unevenly across collection, analysis, validation, dissemination, and policymaker integration. The resulting friction—not the technology itself—creates the defining opportunity for IC leaders.

It’s tradecraft, not technology, that is a primary constraint on intelligence performance in the AI era. This piece examines where that constraint is already being tested and what IC leaders can do about it.

Compression is Already Happening

In some areas, AI is already reshaping intelligence work in meaningful and measurable ways. Former NGA Director Vice Adm. Trey Whitworth (Ret.) has repeatedly highlighted how AI is revolutionizing GEOINT. Full-motion video analysis that once required extensive manual exploitation is increasingly automated and continuous. Project Maven fundamentally changed the economics of GEOINT warfighter support by applying computer vision to operational imagery workflows. Some AI-generated products are being disseminated to senior policymakers with minimal human involvement.

Even before Anthropic’s game-changing Mythos product, SIGINT and cyber operations similarly benefited from AI. NSA's Human Language Technology program automates speaker identification and translation across more than 90 languages—enabling analysts to triage millions of intercepted communications and focus only on the relevant fraction. Cyber Command and NSA increasingly operate in what Former NSA Director Gen. Paul Nakasone (Ret.) called "persistent engagement"—environments where collection, analysis, decision-making, and cyber effects occur continuously rather than sequentially.

Open-source intelligence has arguably made the strongest strides. During recent conflicts, policymakers leveraged commercially available satellite imagery, social media, and public telemetry data in near real time. CIA's OSIRIS platform uses LLMs to synthesize vast volumes of open-source data, deliver summaries, and support analyst engagement through a chatbot. Former Open Source Enterprise Director Randy Nixon argued that these advances enabled OSINT to become “the INT of first resort”—a model for all-source intelligence collection and analysis.

But Compression Is Uneven

GEOINT, SIGINT, and OSINT lend themselves to AI adoption: they are data-rich, measurable, and in OSINT's case, unclassified. Clandestine tradecraft and rigorous analytic tradecraft are harder to accelerate.

The Beginning of a Strategy

Deputy Director Michael Ellis recently said that CIA expects AI to become an everyday “co-worker” for analysts within the next few years. He described a future where AI systems help analysts draft reports, identify patterns across massive datasets, test conclusions, and surface threats. Ellis also said that analysts are already experimenting with how to evaluate, validate, and cite AI-enabled insights. Questions that were largely theoretical only a few years ago are becoming practical tradecraft challenges:

How should AI-assisted analysis be sourced and validated?
What level of confidence should accompany machine-generated insights?
How should analysts distinguish between AI-enabled synthesis and human judgment?
What standards should govern the use of AI-generated content in finished intelligence?

These are important developments because they signal that intelligence leaders are thinking about how technology adoption requires tradecraft modernization.

Coordination, Validation, and Analytic Workflows

Deploying AI tools for isolated analytic tasks (e.g., search, discovery, drafting) is relatively straightforward. An analyst may now receive machine-generated correlations in seconds yet still wait hours or days for cross-agency coordination, sourcing validation, or product approval. Reimagining those surrounding workflows—how information moves, how trust is established, how products are reviewed, and how analysts interact with machine-generated outputs—is substantially more difficult.

The opportunity is enormous but requires redesigning the processes themselves—while continuing to deliver on policymakers’ daily needs.

Policy Integration and Decision Support

The compression challenge becomes even more visible when intelligence intersects with policymaking.

The traditional model of intelligence dissemination was built around periodic delivery and daily briefing cycles like the President’s Daily Brief. However, policymakers now consume intelligence alongside operational updates, open-source reporting, and social media—and make decisions at the edge, often faster than traditional dissemination cycles allow. To adapt, intelligence agencies will need to provide continuously updated context, machine-assisted forecasting, and dynamic collaboration embedded directly into policymaking workflows.

Consider what this looks like in practice: a combatant commander or ambassador can query an AI-enabled analytic system for a continuously refreshed threat picture, stress-test an assumption against alternative scenarios, and receive a validated assessment—all in the 30 minutes before he walks into a meeting with his foreign counterpart. Elements of this reality exist today. During Operation Epic Fury, the 38-day air campaign against Iran, AI synthesized targeting data across the battlespace in real time to support strikes on roughly 13,000 targets in just over a month—a pace of machine-assisted decision-making with no precedent in U.S. operations.

The challenge for intelligence leaders is driving development and adoption to make it systematic, trusted, and governed. As OSIRIS proved, AI-enabled platforms are already beginning to empower policymakers to interact with intelligence this way. In that environment, intelligence is no longer a product delivered to decision-makers. It is the environment in which they decide.

That does not mean abandoning rigor or replacing strategic analysis with real-time reporting. In fact, the opposite is true. As information velocity increases, the value of trusted analytic judgment, validation, and expert perspectives will increase.

The Emerging Risk: Asynchronous Modernization

The danger is that different parts of the system are modernizing at different speeds. Accelerating functions does not eliminate friction between functions. In some cases, it can increase it.

·Faster collection can overwhelm coordination processes.

·Faster analysis can outpace dissemination workflows.

·Automated insight generation can challenge validation, trust, and decision integration.

The Leadership Challenge

Leading companies discovered that AI could not remain a standalone innovation initiative. As AI began reshaping workflows, governance, and strategy, responsibility migrated from CIOs and innovation teams to CEOs and boards. Intelligence leaders must make a similar pivot. Modernization cannot be outsourced to technologists, innovation offices, or isolated teams. Pockets of ‘AI money’ and lists of ‘AI projects’ are technocratic, not strategic.

To fundamentally modernize how the system operates, IC leaders must be directly involved in reimagining the intelligence cycle, redefining tradecraft expectations, reshaping decision models, and aligning institutional incentives. That means three things.

First, leaders must connect the technology agenda to the mission agenda. The private sector learned that AI transformation fails when it is treated as an IT problem rather than a strategic one. The IC faces the same risk. The goal is decision advantage at the speed of policymakers and warfighters. Keeping that mission orientation at the center of the technology agenda is a leadership responsibility that cannot be delegated.

Second, leaders must own the coherence problem. It is not enough to authorize AI investments and track deployment metrics. Leaders must make architectural choices about which parts of the cycle to accelerate together, how to manage the seams between them, and what governance structures are needed to ensure the system absorbs new capability without creating new failure modes.

Third, leaders must redefine what tradecraft means in an AI-assisted environment. The standards that govern sourcing, analytic confidence, and product integrity were built for human workflows. They need to be deliberately redesigned—not abandoned—for an environment where machine-generated insights are embedded throughout the production chain. Deputy Director Ellis’s four questions are the right starting point.

AI may compress intelligence production, but only leadership can compress the distance between insight and decision.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why Human Intelligence Matters More in an AI World

An impending casualty of artificial intelligence, we are told, is the human spy. The conventional wisdom is that in our AI future, there’s little need to recruit agents, plan secret rendezvous, or conduct dead drops—the old-school tradecraft of espionage. “Human spies in the field will become rare,” wrote David Ignatius after surveying the growing field of AI intelligence startups. “The future of espionage is written in zeros and ones.”

Yes, AI will become an indispensable tool for case officers, agents, fabricators, counterintelligence services, and the rest of the intelligence world. But this will have the paradoxical effect of increasing the importance of old-fashioned human intelligence.

Economics tells us that the value of something is determined by the benefit it provides on the margin—not by its raw power or pervasiveness. We should expect that AI will lower many barriers to technical intelligence collection and analysis. This has happened in other spheres: Open-source encryption put tools once reserved for states into everyone’s hands. Likewise, you no longer need a national space program — just a credit card — to order up high-resolution satellite photography and buy AI-powered software to analyze the results.

Human intelligence is scarcer and harder to replicate, and so its marginal value will rise. Vast amounts of data alone cannot reveal what a foreign leader intends to do, nor what is happening inside an “air-gapped” network. Human sources can.

Human intelligence has always helped validate technical collection. That role will grow in importance as AI poisons the information environment. Electronic channels will be flooded with fabricated phone calls, forged documents, and other convincing synthetic media. Signals intercepts will be harder to trust on their own. A human agent can help cut through that deluge of disinformation—and help distinguish authentic source material from forgeries.

Finally, AI is making digital communications less trustworthy, as we already see with scammers using deepfake images, audio, and video calls for fraud. As deepfakes get harder to detect, the rational response will be to distrust electronic communications. The corollary? Secure, person-to-person communication will rise in value. Case officers have long relied on dead drops, brush passes, and brief meetings to communicate with their agents. In an AI-saturated world, these traditional techniques may be the most reliable methods of communication we have.

None of this means that technical intelligence will become unimportant. And AI will certainly transform human intelligence operations—for better and for worse. It will help case officers select operational sites, prepare for agent meetings, and improve their ability to persuade foreigners to commit espionage. At the same time, AI will supercharge surveillance, provide fabricators with an unlimited source of plausible but false information, and help counterintelligence services predict the activities of case officers operating in their countries.

Still, as AI makes technical collection cheaper, deception easier, and digital communication less trustworthy, the value of human sources will rise. And the case officer, working in the shadows of our artificial future, will matter more than ever.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The AI Race Won't Be Won by the Best Model—But by the Fastest Military

The United States Intelligence Community does not ordinarily deal in hyperbole. When the Office of the Director of National Intelligence released its annual threat assessment on March 18, artificial intelligence featured prominently among a complex array of challenges — elevated, alongside quantum computing, to what the IC now treats as a central driver of power and strategic risk.

The document concluded that Beijing “is the most capable competitor in this field” and aims to displace the United States as the global AI leader by 2030, warning that AI has already been used in recent conflicts to influence targeting and streamline decision-making.

How Washington responds, and whether its current posture matches the urgency its own intelligence community has outlined, came into sharp relief in May, as President Trump touched down in Beijing alongside Nvidia CEO Jensen Huang for a high-stakes summit that put AI and semiconductors at the center of United States-China diplomacy.

The three-month problem

According to some assessments, open-source Chinese AI models currently trail the most advanced American proprietary systems by roughly three to six months — DeepSeek’s own V4 release acknowledged that gap, which broader estimates from Epoch AI place closer to seven months. Yet that sliver of a lead is effectively meaningless from a military standpoint, because it takes not months but years for armed forces to absorb AI technology and translate it into a genuine battlefield advantage.

Carlos Perez, Director of Security Intelligence at TrustedSec, says the public numbers may not tell the full story.

“It is also important to recognize that China operates models that are not publicly available, so we have limited visibility into their true capabilities,” he tells The Cipher Brief. “Companies such as Alibaba and Tencent operate under significant government oversight and legal obligations tied to state investment and regulation. As a result, the actual capability gap may be smaller or larger than public comparisons suggest.”

China is not waiting for Washington to sort out its strategy.

The 2026 threat assessment describes Beijing’s approach as a coordinated, national-level strategy aimed at displacing the United States as the most influential AI power by 2030. Beijing is deploying autonomous drone programs at speed, integrating swarm intelligence into military doctrine, and leveraging a centralized governance architecture that allows civilian AI firms to be folded directly into People’s Liberation Army modernization efforts.

Alibaba and Baidu were both added to the Pentagon’s Chinese Military Companies list in February. DeepSeek has since become part of the People’s Liberation Army’s efforts to modernize its military healthcare infrastructure, according to analysis by the Foundation for Defense of Democracies. The House Select Committee on China concluded last year that the company was built, at least in part, on restricted American semiconductor chips and that its app functions as a direct pipeline for foreign intelligence collection on American users.

Aaron Estes, vice president of product management at Binary Defense and a former defense and intelligence official with 25 years of experience, tells The Cipher Brief the threat is more nuanced than a simple capability gap.

“The danger is that once these models are ‘good enough,’ the advantage shifts from model quality to speed of deployment, access to operational data, integration with command systems, and willingness to use AI in real-world workflows,” he explains. “A three-month gap in frontier model performance can disappear quickly if the other side is better at turning AI into operational tempo.”

Indeed, the real gap is not in the models. China can put its tech sector to work for its military tomorrow. The United States has to pass a bill first.

A policy vacuum in the middle of a race

On January 9, Defense Secretary Pete Hegseth signed the Department of War’s AI Acceleration Strategy — a document that declared speed wins, that the risks of moving too slowly now outweigh the risks of moving imperfectly, and that 2026 was the year the Pentagon would get serious about military AI dominance. Overlapping innovation offices were folded into a leaner CTO Action Group.

The document landed with fanfare. Yet, the budget did not follow. Washington keeps declaring AI a national security imperative while trimming the agencies and funding lines that would actually make it one — a contradiction the Bloomsbury Intelligence and Security Institute flagged in its recent read of the annual threat assessment.

Congress passed a more than 3,000-page National Defense Authorization Act that touched on AI across dozens of provisions — banning both the Defense Department and intelligence agencies from using DeepSeek and directing the Pentagon’s chief digital officer to build a department-wide AI assessment and procurement framework — yet defense analysts say it falls well short of the enforceable legal architecture the military needs.

Matthew Wein, a former policy advisor to the Department of Homeland Security, underscores that the White House’s March National Policy Framework for AI does not fill that gap.

“A strategy would be helpful to indicate where the government thinks we have an edge over competitors and how to maintain national security priorities as the technology landscape continues changing,” he tells The Cipher Brief. “It would also help the private sector understand how the government assesses China’s capabilities and give a blueprint for the frontier labs to use as a foundation to maintain their edge going forward.”

However, Leah Siskind, Director of Impact and AI Research Fellow at the Foundation for Defense of Democracies, argues that the threat itself is being mis-framed.

“There isn’t one AI threat, there’s a whole portfolio,” she tells The Cipher Brief. “Adversaries using AI for influence operations and cyber. Adversaries stealing or distilling American models. Adversaries racing us to military applications. A coherent strategy has to work all three at once, and right now Congress is moving faster than the executive branch on the first two.”

Siskind points to two bipartisan bills sitting on the floor — the AI OVERWATCH Act, which would codify congressional review of advanced chip sales to adversaries, and the Deterring American AI Model Theft Act, which creates a statutory framework to address Chinese model distillation attacks.

“The question is whether the White House, Commerce, and the AI czar’s office get behind them or fight them,” she continues.

The dispute between the Pentagon and Anthropic made that governance vacuum concrete. Anthropic was the first AI company to deploy frontier models on classified government networks, a position formalized by a $200 million DoD contract in July 2025. Talks broke down after the company refused to waive restrictions on autonomous weapons and mass domestic surveillance.

The Pentagon designated Anthropic a supply-chain risk—the first time that authority, historically reserved for foreign adversaries, had been applied to an American company —and Anthropic subsequently sued. As Siskind puts it: “Treating American frontier labs like Anthropic as national security supply chain risks is a strategic gift to Beijing.”

From experimentation to the edge

There is a basic problem that receives insufficient attention. Most military AI systems only work when connected to the internet. In a war, an enemy will cut that connection fast. OpenAI’s Pentagon contract actually reflects this limitation — its models can only be accessed through the cloud, meaning they cannot be built into weapons, sensors, or equipment troops use in the field.

The Army’s Project ARIA, Army Rapid Implementation of Artificial Intelligence, announced in March, explicitly aims to develop AI capabilities designed to function in denied, communications-degraded environments, but that effort remains in early development. Perez points out that AI is already deployed operationally on the intelligence and planning side, largely through platforms developed by companies such as Palantir, but stresses that the greater challenge is at the tactical level.

“Ukraine has demonstrated how AI can be integrated into autonomous drone operations and real-time battlefield adaptation, and this is an area where the U.S. is still learning and evolving rapidly,” he says.

Meanwhile, the Stanford AI Index, an annual comprehensive measurement of global AI progress published in April by Stanford University’s Institute for Human-Centered Artificial Intelligence, found that the United States ranks 24th globally in AI adoption at 28 percent. Singapore sits at 61. The UAE is at 54. Those figures reflect the civilian economy, not the military, but the pattern maps uncomfortably onto the Pentagon’s own trajectory.

Estes emphasizes that fixing it requires more than a strategy document.

“The Pentagon’s biggest obstacle is not a lack of AI technology. It is the gap between prototype and trusted operational use,” he continues. “Battlefield AI needs clean data, secure deployment environments, clear authorities, auditability, human accountability, and integration into existing systems that were never designed for this pace. That is where most AI programs get stuck.”

The Beijing question

Against that backdrop, President Trump’s arrival in Beijing in May was particularly important. He landed with a delegation that included Apple CEO Tim Cook, Tesla CEO Elon Musk, and Nvidia CEO Jensen Huang — the latter a last-minute addition whose presence signaled that semiconductors and AI were central to the agenda alongside tariffs, rare earths, Taiwan, and the Iran war.

Treasury Secretary Scott Bessent announced that Washington and Beijing would establish a protocol on AI best practices aimed specifically at preventing the most powerful models from falling into the hands of non-state actors. Pressed on why substantive dialogue with China was even possible, Bessent was candid.

“The reason we are able to have wholesome discussions with the Chinese on AI is because we are in the lead,” he responded. “I do not think we would be having the same discussions if they were this far ahead of us.”

How durable that lead is remains an open question. The Commerce Department has cleared roughly 10 Chinese companies — including Alibaba, Tencent, ByteDance, and JD.com — to purchase Nvidia’s H200 chips. However, no deliveries have been made: Beijing has quietly been steering its major tech platforms away from purchases to support domestic chipmakers instead.

China hawks on the Hill see the chip approvals as proof of exactly the problem they have been warning about — that Washington has no coherent line between competing commercially with Beijing and containing it militarily. The United States named AI the defining challenge of the era. It is now debating whether to sell China the chips that define it.

Wein says the path forward requires the government to be a better customer, not just a louder regulator.

“A more lax regulatory environment may be helpful for labs’ commercial growth, but a government strategy would also give them a useful framework from one of their largest customers, and position the United States as a standard setter in the space,” he asserts.

The cost of getting that wrong is not theoretical.

“The risk of relying too heavily on general-purpose commercial AI is that we end up with tools optimized for broad productivity, not contested military environments,” Estes adds. “Military AI has to work with incomplete data, deception, adversarial manipulation, degraded communications, classified context, and life-or-death accountability. What the United States actually needs are AI systems built from the ground up for the realities of warfare, not adapted from products designed for the consumer market.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Can the Pentagon Buy Faster Before the Next War Arrives?

“The reasons why DoD (the Defense Department) accepts flawed business cases are both structural and cultural in nature. Poor acquisition decisions are compounded by a budget planning process that requires DoD to secure long-range funding commitments before a program’s business case is fully understood. The current process incentivizes ‘starting fast’ -- awarding massive development contracts quickly, often in the name of preserving the industrial base, and obligating funds rapidly to ensure the budget is not ‘lost’ to another program. Success is all too often measured by activity (money spent), not by outcomes (capability delivered).”

That’s a quote from a Government Accountability Office (GAO) report released June 9, entitled, Weapon Systems Acquisition: Beyond Business as Usual -- Using Leading Practices to Curb Waste and Save Billions. It describes long-term problems within the military procurement systems that have emerged from U.S. arms use in the Iran and Ukraine wars that in turn has drawn the attention of the White House, the Pentagon and the Congress.

The June 9, GAO report said, “DoD plans to invest over $2.4 trillion to develop and acquire its costliest weapon systems. The need for smart spending and increased urgency and innovation for these acquisitions are national imperatives to help DoD maintain a competitive edge over adversaries. But DoD continues to struggle with delivering timely, cost-effective solutions to the war-fighter, and slow, linear development approaches persist.”

The result, according to the GAO, is “the expected time frame for major programs to deliver an initial [operational] capability now exceeds 12 years. Every month of delay in a weapon system acquisition program causes a war-fighter to rely on aging, less-capable equipment for longer.”

The GAO found, “In contrast, leading commercial companies iteratively develop business cases to respond to users’ needs and finish fast, helping them stay on budget. They re-assess business cases regularly to avert problems sooner. They also ramp up investments as products demonstrate progress.”

In contrast, the GAO said, “DoD has yet to fully adopt these leading practices because acquisition policies do not treat iterative development as a founding principle for all weapon system acquisitions programs.”

However, as the GAO points out, “As noted in its November 2025 policy memorandum aimed at revamping the defense acquisition system, DoD now plans to maximize acquisition flexibility, among other changes.”

Perhaps the poster child for DoD procurement issues is the built F-35 aircraft, whose prime contractor has been Lockheed Martin.

The F-35 Lightning II is a family of fifth-generation strike fighters – with versions in the Air Force, Navy and Marines -- that integrate low-observable (stealth) technology with advanced sensors and computer networking capabilities. According to the GAO, DoD completed the final phase of the original F-35 development program in March 2024 -- over a decade later and at a cost of $250 billion more than originally planned. Now, DoD is upgrading F-35 capabilities by adding technology innovations under modernization efforts.

The GAO said, “In recent years, the program paid contractors hundreds of millions of dollars in incentive fees that were intended to improve on-time delivery. However, the structure of on-time delivery incentives allowed the contractor to deliver aircraft up to 60 days late, and still earn some of the fee.”

In addition, since 2017 there have been disputes over software with Lockheed claiming certain portions of the software were developed at the company’s expense and could not be used by the military unless it paid licensing fees. At the same time the Pentagon claimed that the government had paid for the F-35’s software development, and the military should not pay twice for access to it.

According to a 2025 GAO report, the Pentagon did not have the data rights needed to perform software diagnostics and some maintenance activities on the F-35s, including engine repairs, without an authorized contractor, because Lockheed Martin owned key intellectual property.

The newest GAO report on the F-35, sent last Wednesday to the House and Senate Armed Services Committees, said, “DoD operates and sustains over 800 F-35s and plans to buy about 1,700 more aircraft by the mid-2040s. DoD uses the F-35 to perform a wide range of missions and it is vital to the success of U.S. combat operations and homeland defense, according to DoD.”

GAO also said sustainment costs for the planned life of the overall F-35 program through 2088 have been estimated at $1.6 trillion.

However, the main finding of last week’s GAO report is: “Since 2021, F-35 sustainment costs have increased as fleet size has grown, but the F-35 fleet continues to not meet sustainment performance goals, with mission capable (MC) rates and full mission capable (FMC) rates declining.”

For example, according to the GAO, while operating costs have grown, the Air Force full mission capable rate for its F-35A aircraft in 2025 was 28.5 percent; the Navy F-35Cs were 15.3 percent, and the Marine F-35B and C versions were 16.2 percent and 22 percent respectively.

The GAO report said the F-35 Joint Program Office (JPO) “identified depot repair speed and the ability to procure parts as root causes driving low sustainment performance rate.” It also added that “an investment of about $13.7 billion in addition to previously planned spending through fiscal year 2031 to meet performance objectives. Overall, the strategy aims to achieve a fleet-wide [F-35] readiness level of an 80 percent MC rate and a 65 percent FMC rate by 2030.”

In 2025, GAO found that, according to JPO officials and maintainers, “the F-35 has faced significant corrosion issues that maintainers cannot repair without contractor support due to a lack of technical data.” The GAO recommended the DoD determine whether it had access to technical data needed from manufacturers, but last week’s new GAO report said they had not.

“We have consistently found,” the GAO said, “that technical data issues have hindered F-35 sustainment. While the [Defense] Department has taken some incremental steps to address these issues, significant challenges remain without a clear timeline for resolution.”

This is a problem recognized on Capitol Hill. The Senate Armed Services Committee, in its Friday press release describing the panel’s approved version of the Fiscal Year 2027 National Defense Authorization Act listed “Shifts burden of proof to contractors to justify restrictions on technical data” as one of its several major legislative reforms for the Pentagon.

Another DoD reform approved by the Senate committee: “Requires acceleration of the adoption and purchase of low-cost munitions, including a pilot program on air defense interceptors.”

Picking up on this issue last Friday was former-Joint Chiefs Chairman, Air Force General C.Q. Brown Jr. Speaking at the Center for a New American Security’s 2026 National Security Conference, Brown said, “The challenge we have is when you look at munitions, we don't prioritize those as much and they become the numbers [that] will go up and down. The numbers are enough just to keep the stockpile, but not enough to actually execute [if you are in a war].”

Brown went on to say, “Resourcing is an issue. If you can't get a budget on time, you can't write a contract.” That’s a reminder that the last time Congress passed a defense appropriations bill before October 1, when the federal fiscal year begins, was in 2010, for the fiscal year 2011 Pentagon budget. In each of the past 16 years, the DoD has had to rely on continuing resolutions and omnibus reconciliation packages, which delay defense funding for months into the fiscal year.

Brown called for “consistency and delivery” by which he meant how quickly you're able to scale numbers of items and deliver them, knowing funds are available.

“One of the things that I was pushing for as the Air Force chief and again as a [Joint Chiefs] Chairman is multi-year procurement,” Brown said.

He went on, “If you did multi-year procurement with a floor, you're always producing X number. You can always go above that, but never go below a certain number. That keeps industry with some level of certainty and that builds that trust so they can continue to deliver.”

Brown added, “How well do we understand across all our various weapon systems? Who are the primes [prime contractors] to do this work? Who are the subs [sub-contractors] and what [does]] the supply chain looks like. And then on top of that, what is the workforce or whatever automation you're going to use. It was a work I was doing as the [Joint Chiefs] Chairman to identify as we looked at all of our operational plans.”

Brown then continued, “So if you buy affordable mass [of weapons and munitions] today and put it on the shelf, will it still be viable five years from now, or five weeks from now? And so the key part here is how can you actually have a level of affordable mass that's adaptable that you can continue to upgrade over time and change out -- either software or parts or hardware and then you can scale it very quickly.”

Brown said at one point, “The aspect of [defense] production is also part of deterrence,” adding, “and showing that you can surge capability” is an important part.

As Brown and others have pointed out, Ukraine and Iran have suddenly focused more attention on innovation at the lower weaponry and munitions levels, at the same time that costly changes are continuing to be needed in the more complicated air and space armament such as the F-35.

Like it or not, the American people may have to learn to live with spending $1 trillion-plus, hopefully for a Department of Defense, rather than a Department of War.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Warning Paradox: Why Correct Intelligence Often Fails

In the months before Russia’s February 2022 invasion of Ukraine, the U.S. Intelligence Community did something remarkable. It got the call right—and said so out loud, rather than only in classified internal documents.

Intelligence assessments identified the likely invasion, the timing window, and plausible operational scenarios with a level of confidence the IC rarely displays outside classified channels. The CIA director flew to Moscow to deliver the warning directly. Intelligence was declassified at a pace and volume rarely seen in modern American practice. By any fair measure, the warning was a success.

Yet the policy response did not match the clarity or urgency of the warning.

That is the Warning Paradox: the recurring pattern in which intelligence correctly anticipates strategic events, but institutions fail to convert warning into preventive action before the forecast becomes a crisis.

My experience during the run-up to the Ukraine invasion showed that the Warning Paradox is not inevitable. The corporate intelligence team I led at the time reached the same conclusion. My team’s pre-invasion assessment correctly identified the likely move, the timing window, and the implications for our people, facilities, and supply chains across the region. The Wall Street Journal later documented that work on the front page of its December 12, 2022, print edition. Our assessment placed the start of hostilities within the twenty-four-hour window in which the invasion ultimately began.

Decision-makers took the warning seriously. Contingency posture was raised. People were moved. By the time Russian tanks crossed the Ukrainian border, the enterprise was in a defensible position. On the corporate side, our warnings translated into action.

The policy response in governments around the world, however, did not match the clarity or urgency of the warning.

Although sanctions planning was underway before the invasion, the most consequential measures were imposed only after Russian forces crossed the border. Lethal aid to Kyiv increased substantially only after the invasion became reality, not while it remained a contested forecast. Alliance posture stiffened in response to the war rather than in anticipation of it. The warnings were correct and early. The response was neither.

Ukraine was not an anomaly. It was one of the clearest recent examples of the Warning Paradox: intelligence got the threat right, but institutions failed to act with the urgency of the warning.

The August 6, 2001, Presidential Daily Brief did not produce a different September 11th outcome. The accumulating signal on Hamas before October 7, 2023, did not produce a different response inside the Israeli system. Crimea in 2014, COVID-19 in late-2019/early 2020, and the Afghan collapse in 2021 are each, in their own way, variations on the same theme. These cases differ in scale, context, and institutional setting. However, they point to the same recurring failure that warnings can be analytically valid and still die before they become a decision. A correct warning is not a sufficient condition for preventive action.

The bottleneck is rarely analytical. Intelligence producers often identify emerging threats with more accuracy than later public narratives allow. The gap persists between what the intelligence community sees and what the policy customer can absorb, decide on, and act on under uncertainty. That gap is structural. It persists for three reasons that appear to be features of the system, not bugs.

First is the asymmetric cost of acting on a warning that does not materialize. A policymaker who acts on a high-confidence warning that turns out to be wrong pays a visible, attributable price, often in squandered political capital, damaged relationships, or the “cried wolf” label. A policymaker who fails to act on a warning that turns out to be right pays a price too, but it is diffused across the system, shared with predecessors and peers, and absorbed by the institution rather than the individual. The incentive structure does not reward preventive boldness. It rewards explainable caution. Until that asymmetry is acknowledged and consciously offset, intelligence will continue to land in front of consumers whose private calculus rewards waiting over action.

Second is the consumer literacy gap: the uneven ability of decision-makers to understand probabilistic warnings and convert them into action. Intelligence is a product designed for a customer. Yet the customer is often a decision-maker whose training in absorbing probabilistic warnings is uneven at best. “We assess with high confidence” is a precise analytic statement; the structures to translate it into a specific decision tree, a sequenced set of preventive moves, and a named owner are not consistently present on the consumer side. This is less a criticism of individual policymakers than of the system around them, one that has invested heavily in producing intelligence and very lightly in building the institutional muscle memory to both receive and act upon it. The same pattern repeats in the corporate world. Boards are briefed on threats they could not, if asked, translate into a Monday morning action item.

The third is the governance gap between warning and decision. Inside both government and large corporate enterprises, no single office holds the authority to convert warnings into preventive action. The intelligence producer’s job ends with the warning. The policymaker’s job begins with a decision. The implementer’s job begins at execution. Between warning and decision is a coordination space nobody owns by name. This is the same governance gap that organizational risk practitioners describe in different vocabulary, and it is the most consistent reason correct intelligence fails to produce appropriate preventive action.

After nearly three decades in the Intelligence Community, including fourteen years at the Defense Intelligence Agency, I have seen what correct warning looks like when it lands well — and when it reaches decision-makers who cannot or will not convert it into action. The years since leaving public service, now leading corporate intelligence at a Fortune 50 enterprise, have taught me that the pattern is not peculiar to government. The exact vocabulary may differ, but the grammar remains the same.

The intelligence does not need to change as much as the consumer system around it does.

First, assign ownership. Someone in the room, by title, must be responsible for converting warnings into preventive action and be measured on it. In the absence of named ownership, a warning is a briefing, not a decision input.

Second, build the institutional muscle memory to receive information as a decision input. Decision-makers should rehearse the conversion of warnings into action, as operators or emergency services personnel do with contingency responses. Tabletop exercises, decision drills, and scenario planning before a crisis are inexpensive relative to the cost of surprise. They are also irregular at best in most organizations.

Third, lower the political cost of acting on a warning that doesn’t materialize. This is the hardest of the three because it is cultural rather than procedural, and it requires senior leaders, whether in government or in the C-suite, to defend subordinates who acted prudently on sound intelligence even when the worst-case scenario does not occur. Until acting on a warning is professionally survivable when the warning proves overcautious, the incentive structure will continue to punish exactly the behavior we say we want.

Chuck Randolph, a colleague in the corporate security community, puts the point more directly: “Intelligence without action is just information.” The line is uncomfortable because it is correct.

In many of the most consequential cases, the U.S. Intelligence Community is not failing simply because it cannot see the risk. The failure lies in the consumer system, which cannot act on what it is shown. Until that changes, we will continue to be surprised by events we warned ourselves were coming. We will continue to mistake analytical success for policy success, and policy failure for intelligence failure.

The Warning Paradox is not a forecasting problem. It is a consumer problem. Like most consumer problems, the people best positioned to solve it are the ones least accustomed to thinking of themselves as the bottleneck.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

America's Veterans Are a Defense-Tech Asset — We're Wasting Them

I spent my formative adult years in service to my country—from seventeen to twenty-nine—and the core of how I identify myself remains that of a United States Marine. When I separated, the playbook was clear: suit up for the boardroom. Investment banks and consulting firms were the promised land, where top talent was expected to go.

It was not an easy transition. Few banks at the time viewed a Marine infantry officer's background as preparation for a career in finance. Frustrated by what my peers and I experienced, I helped found Veterans on Wall Street in 2009—a consortium of Bank of America, Citigroup, Credit Suisse, Deutsche Bank, and Goldman Sachs, led by veterans at each institution and focused on veteran hiring, transition support, and charitable giving. It was the right response for that moment.

That moment has passed.

The world has shifted decisively beneath our feet. Artificial intelligence, autonomous systems, cybersecurity, space, and advanced manufacturing are reordering the global balance of power and creating one of the most acute talent shortfalls in modern economic history. America's strategic competition with near-peer adversaries is no longer primarily a contest of battalions. It is a race to build, deploy, and operate AI systems, autonomous platforms, and secure communications infrastructure faster and more effectively than any rival. The conflicts unfolding today across the Middle East and beyond are shaped as much by autonomous systems, electronic warfare, sensors, and AI-enabled targeting as by boots on the ground.

The organizations building these systems need people who understand not only the technology, but the operational environments in which it will be used. Veterans who have worked in signals intelligence, operated in contested communications environments, or commanded logistics chains in austere conditions bring something no computer science curriculum can replicate: they have been the end user. They understand which failure modes matter.

The numbers are striking. More than 200,000 servicemembers separate from active duty every year. Meanwhile, technology occupations are projected to grow roughly twice as fast as overall employment over the next decade, with particularly acute demand in AI, data science, cloud infrastructure, and information security—roles that remain structurally undersupplied.

Yet the existing Transition Assistance Program (TAP) often functions as a checklist rather than a tailored pathway. Only about 52 percent of servicemembers complete the recommended one-year TAP timeline—a program designed for an economy that has itself moved on from the jobs it was built to funnel veterans into.

The irony is that veterans may be better positioned for the defense-tech economy than almost any other talent cohort—if we invest in the translation layer. Their skill sets naturally lend themselves to roles where human judgment, leadership under uncertainty, and adversarial thinking are most valuable: precisely the roles least susceptible to AI disruption and most critical to national security. They did not just study modern conflict. They fought it.

This is not a resume-translation problem. It is a strategic investment problem.

I learned this in a different context. In October 2004, my battalion deployed in support of what would become Operation Phantom Fury—the Second Battle of Fallujah, the bloodiest battle of the Iraq War. Eight days before the assault, we received an attached Iraqi Army company: 36 men out of an original 146, the rest having deserted. I didn't speak Arabic. My interpreter was a 55-year-old former physics teacher. Their weapons handling was dangerous. Their loyalties were uncertain. The decision before me was whether to lead them into combat or tuck them behind our movement through the city, as my peers planned to do. I led them from the front. And what emerged was an effective fighting unit—clearing houses alongside us, gathering intelligence no one else could access, saving lives on both sides.

The lesson I carried forward: the hardest leadership decisions are rarely about resources or capability. They are about the will to build the bridge between what you have and what the mission demands. That is exactly where we stand today on veteran transition.

The emerging defense-tech sector is already recognizing this. Firms such as Anduril and Shield AI—both co-founded by veterans—are hiring aggressively from military ranks. Organizations like MVA Foundation (MilVet Angels) have backed these up and coming defense tech startups, along with others like Hermeus, Ursa Major, and Cowboy Space Corp—a portfolio that maps almost precisely onto the Pentagon's own list of mission-critical technology priorities. What makes their model distinctive is its structure: all carried interest from exits flows back into a foundation funding veteran transition and entrepreneurship programs, creating a self-reinforcing cycle between investment returns and the next generation of veteran technologists. Palantir has taken a complementary approach through its American Tech Fellowship—a high-intensity program recruiting transitioning veterans and enlisted leaders, requiring no tech degree, and connecting graduates directly with defense tech employers. The core insight mirrors the best veteran transition efforts: the most persistent barrier is translation, and veterans routinely underestimate how directly their military experience maps to the roles AI-era employers can't fill. These are promising efforts. They are not yet at scale.

What would scale look like? Three things.

First, rebuild TAP around defense technology pipelines. The NSCAI and CNAS have argued for years that the program underdelivers, but they frame it as a workforce-quality problem. It is a national security routing problem. Statute already requires counseling to begin twelve months before separation, yet GAO finds 70 percent of servicemembers miss that threshold and commanders routinely waive attendance against their own services' rules. The answer is not another reform package layered onto a $500 million interagency program. The Secretary of War should use existing authority and appropriated dollars to redirect counseling toward critical-technology tracks, strip waiver discretion below the general-officer level, and replace completion rates with twelve- and twenty-four-month placement metrics tied to commanders' evaluations.

Second, fix SkillBridge's throttling problem. More than 25,000 servicemembers participated in fiscal year 2025 across 6,000-plus partners, but GAO's 2024 review found commanders deny or discourage participation because losing someone for 180 days reads as a readiness hit while the national security benefit accrues elsewhere. The Department of War should change how participants are counted against unit manning in their final 180 days, set a service-wide floor on approval rates with denials reviewable above the immediate commander, and require outcome reporting tied to placement in critical-technology sectors. The talent bench exists; the accounting rules are what keep commanders from releasing it.

Third, the private sector must signal that this is a strategic priority, not a corporate social responsibility initiative. Emerging defense tech companies competing for government contracts should be first movers. They have both the operational need and the patriotic case. When I helped found Veterans on Wall Street, the animating insight was that the private sector had to lead—that institutions with resources and relationships had to build the bridge before the government could cross it. The same logic applies now, in a sector with far higher national stakes.

A generation ago, top talent was expected to go into finance and consulting. Today, technology—and America's defense-tech companies—are building the arsenal of democracy for the 21st century. The people who know best how that arsenal must perform are already among us: 200,000 men and women separating from service every year, looking for someone to show them where they fit in the new economy.

The answer is in front of us. We just need the will to build the pipeline.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Economic Security in an Age of Strategic Competition

There is a growing perception among long-standing US allies that they need to expand commercial relations with the People’s Republic of China (PRC). A thaw or détente with the PRC brings both rewards, particularly for a sluggish economy like Britain’s, but also major risks. History shows that a superpower can ruthlessly exploit détente with the West.

Economic Security and Intelligence

Economic security and intelligence are nothing new. Before the Second World War, for example, Britain ran a small outfit known as the Industrial Intelligence Centre (IIC). Run by a former MI6 officer, Desmond Morton, the IIC provided a coordination of intelligence on German rearmament and, working with MI5, assessed Britain’s commercial vulnerabilities. British intelligence helped to devise the UK government’s War Book, which set out emergency regulations to protect critical national infrastructure in the event of war. After the Second World War, during the Cold War, it became a staple of British and other western intelligence to assess the size and strength of economies behind the Iron Curtain.

Risky Business

In 1972 President Nixon and his national security advisor, Henry Kissinger, ushered in a policy of détente with the Soviet Union. Its purpose was to further divide the Soviet Union from China. Papers at the Nixon library show that Kissinger was under pressure from British firms, in particular, to open up markets behind the Iron Curtain. Britain was in a dire economic doldrum following an oil shock due to a war in the Middle East.

Kissinger and Nixon knew that not all commercial technologies could be transferred to America’s main strategic enemy, the Soviet Union. The White House was accurately afraid of dual use technologies, namely those that were civilian but could also be used for military purposes. Kissinger limited the sale of high end computers and microchips, for example, only allowing second tier components to be sold to the Soviets.

Although Nixon and Kissinger accurately guessed that US industries would be targets for Soviet espionage, the extent to which the Soviets exploited détente would have been beyond their wildest imaginations. The collection of scientific and technical intelligence from the US was conducted by Soviet military intelligence (GRU) and the KGB, whose operating arm, Line-X, reported to Directorate T (Technology). In 1973 the KGB assigned an officer to New York whose full-time job was to collect (steal) US scientific and technical intelligence (S&T). By 1980 the US was producing more S&T intelligence for Moscow than the rest of the world combined. Visiting Soviet trade delegations to US research centers, laboratories and fortune 500 companies, for example, were packed with undeclared Soviet intelligence officers. In an agricultural delegation of a hundred Soviet officials about one third were known or suspected Soviet intelligence officers. In one visit to a Boeing laboratory a delegate applied adhesive to his shoes to obtain metal samples. The size of the Soviet onslaught was so large that entire fields of US research and development became replicated in the Soviet Union. The East German spy master, Markus Wolf, recalled the East German computer company, Robotron, was, thanks to Soviet espionage, an unofficial subsidiary of IBM.

Soviet S&T espionage was often facilitated by sloppy security at US defense contractors. An employee of TRW Corporations in Redondo Beach, CA, which manufactured a US spy satellite, recalled that workers “regularly partied and boozed it up during working hours with the ‘black vault’ housing the Rhyolite [spy] satellite project”. Bacardi rum, he claimed, was kept behind the cipher machines and a cipher-destruction device was used as a blender to mix banana daiquiris and Mai-Tais.

Soviet espionage was so far reaching that, ironically, by the end of the Cold War both sides of the conflict, NATO and the Soviet Union, were dependent on US S&T.

Business Risk

Fast forward to the present day – a time when the world is vastly more complicated than the last century’s Cold War. Western countries did not need the Soviet economy. By contrast, China is intertwined with the world economy.

Beijing is seeking to portray Washington’s new approach to economic, defense, and foreign policies as undermining the post war rules based international order that it created. Meanwhile the PRC, which, has previously railed against the international order (though in reality it vastly benefited from that order), is holding itself out to be the stable player on the world stage. The PRC’s attitude is that it will play by the rules when it suits it but is happy to break them whenever it decides to do so.

Recent diplomatic outreach to Beijing by Western leaders include agreements framed as pragmatic economic wins. If middle powers, like Britain, for example, pursue a strengthening of commercial relations with China, they will need a strategy to mitigate risk like Nixon and Kissinger developed. Britain does not have a strategy for doing so. Even China hawks, like former US ambassador in Beijing, Nicholas Burns, have stated that for economic growth the US will need to continue to trade with China, but will need to carve out elements of national security and critical infrastructure. The latter is a principle stretching back to the UK government War Book.

There is no reason why the PRC would not seek to exploit a détente with the west as the Soviets did before. The Chinese state and its intelligence services have never encountered a western business whose intellectual property they did not want. The Chinese Communist Party (CCP) uses a constellation of front companies to do business with the outside world. Often such companies will enter into business ventures to obtain intellectual property from their western counterparts, but then pull the plug, bankrupting their western counter parties. To add insult to injury, Chinese firms will often sell the product they have stolen back to western markets.

The name of the game for western businesses must therefore be risk mitigation regarding China. In the last century, governments held the monopoly on the know-how and intelligence critical to the technologies that shaped our world – nuclear weapons. It took state resources to detect technology transfer. Soviet S&T espionage was only discovered when French intelligence recruited an agent in KGB Line-X in the 1980s. The same is not true today. Private sector companies today hold the keys to innovations that will shape our lives this century – microchips, A.I., quantum and bioengineering. It is therefore private sector companies that are best placed to mitigate risk of stolen intellectual property. And unlike in the past, this can be done by using A.I. driven publicly available data.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Future of Intelligence Space Assets: SAR, Electro-Optical and AI Fusion

The combination of synthetic aperture radar (SAR) and electro-optical reconnaissance is changing modern intelligence collection. What was once a competition between sensor systems has turned into an integrated targeting system that can provide constant almost real-time global surveillance. The future of space-based intelligence is not one or the other. It is about using both SAR and optical imagery together with artificial intelligence, multiple satellites and automated targeting systems.

For a time, electro-optical satellites were the best for strategic reconnaissance. Systems like the KH-11 series provided very detailed visual information allowing analysts to identify aircraft types, monitor missile deployments and assess enemy military infrastructure with great accuracy.

Optical systems have always had limitations.

Clouds, smoke, darkness and bad weather could make it hard or impossible to collect information. Enemies knew about this weakness and often used weather to hide their movements. Synthetic aperture radar completely changed this. Unlike electro-optical satellites, SAR systems send out radar pulses and measure the energy that bounces back from the earth’s surface. Because radar waves can go through clouds and work in any light, SAR satellites can provide surveillance in any weather, day or night. This made radar reconnaissance more important. The real change is happening now with both systems working.

A modern intelligence cycle often starts with SAR detection.

Radar satellites continuously monitor areas looking for unusual activity, movement patterns or changes in infrastructure that might indicate military activity. A SAR satellite might detect soil near a missile field, unusual patterns at a naval base or the movement of launchers in bad weather. Because SAR is good at monitoring areas it's a great way to detect suspicious activity. Once something suspicious is detected optical systems are used to get information. Electro-optical satellites can then determine whether a detected object is a decoy, a logistics vehicle, a formation or a ballistic missile launcher. SAR provides detection and persistence; optical systems provide confirmation and attribution. Together they create a more powerful intelligence system.

This fusion is becoming more important as mobility increases.

During the Cold War strategic targets were often predictable. Today’s battlefield is mobile spread out and deliberately deceptive. Hypersonic missile launchers, ship ballistic missile units, mobile ICBMs and rapidly relocatable air defense systems require continuous tracking rather than periodic observation. Combined SAR/ electro-optical targeting enables custody of such targets across multiple environmental conditions. The war in Ukraine has shown aspects of this evolution.

Commercial SAR providers have demonstrated the ability to monitor troop concentrations identify damaged infrastructure and track movements despite poor weather and battlefield obscurants. Meanwhile optical imagery providers supplied detailed visual confirmation of equipment losses and force deployments. The integration of governmental ISR streams has accelerated intelligence dissemination timelines dramatically compressing what once took days into hours or even minutes. The United States (Proliferated Architecture) and China are both investing heavily in low-Earth orbit constellations designed around sensor fusion concepts.

Instead of relying on a few high-end strategic satellites, next-generation architectures employ many smaller assets operating together across multiple orbital planes. SAR satellites may maintain persistent broad-area surveillance while optical satellites conduct rapid revisit identification missions.

Artificial intelligence is key to making this architecture work.

The volume of data generated by ISR constellations far exceeds the capacity of human analysts alone. Automated systems are now increasingly responsible for anomaly detection, pattern recognition and cross-sensor correlation. AI algorithms can compare SAR signatures across time identify changes in terrain or infrastructure and automatically task assets for further inspection. The reconnaissance architecture itself is becoming semi-autonomous. This trend is especially important in surveillance.

The world’s oceans represent one of the difficult ISR environments due to weather, scale and vessel mobility. SAR systems are exceptionally effective at detecting ships because metallic structures strongly reflect radar energy. A radar satellite can identify vessels through storms or at night when ships disable AIS transponders to conceal their location. Optical satellites can then refine identification, determine vessel class, assess deck activity and verify cargo or weapon configurations.

The strategic implications are profound.

For planners, combined SAR and optical targeting reduces sanctuary. Traditional concealment methods based on weather, darkness or camouflage become increasingly ineffective when adversaries possess multi-sensor coverage. Effective concealment now requires defeating sensing modalities simultaneously dramatically increasing operational complexity. This development also affects nuclear deterrence dynamics.

Mobile missile forces historically relied on mobility and concealment for survivability. Persistent fusion between SAR and electro-optical platforms threatens to erode that survivability by enabling tracking of transporter-launchers across wider geographic areas. Such capabilities may intensify concerns about counterforce vulnerability among peer nuclear powers. At the time the increasing dependence on integrated ISR architectures creates new vulnerabilities.

Combined targeting systems rely heavily on data fusion networks, satellite communications, cloud-based processing and AI-driven automation. Disrupting any component of this chain - through cyberattacks, electronic warfare, kinetic ASAT operations or orbital interference - could degrade the effectiveness of the reconnaissance ecosystem. Consequently, future space competition is unlikely to focus on building better satellites. Instead, competition will center on resilience, data integration, processing speed and survivability under contested conditions. Nations capable of sustaining sensor fusion architectures during conflict will possess operational advantages. The future battlefield will likely feature ISR "kill webs" than isolated collection platforms.

Future trends

SAR satellites, SIGINT assets, airborne ISR, unmanned systems and terrestrial sensors will operate as interconnected nodes in a continuous surveillance and targeting network. Detection by one sensor will automatically trigger tasking across others producing situational awareness at unprecedented speed. This evolution represents one of the significant transformations in intelligence collection since the dawn of the space age. The decisive advantage no longer belongs merely to the nation with the photograph from orbit.

It belongs to the nation of integrating radar persistence, optical precision, automated analytics and rapid targeting into a unified operational architecture. In the emerging era of power competition, combined SAR and optical targeting is becoming more than an intelligence capability.

It is rapidly evolving into the new era of modern military power itself.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Morning Brief: What the PDB Can Offer the Corporate Leadership Team

CEOs of major corporations need to make hugely consequential decisions every day, but many start their mornings in fragmented and reactive information environments. Compare that to the President and other senior US national security leaders who often begin their day when their intelligence briefer delivers the President’s Daily Brief (PDB). The PDB briefer provides a curated engagement to help their principal understand the issues of the day; the briefer might share insight on the motivations of a key foreign leader, walk through the nonobvious implications of a recent development, or offer a path to pose questions directly to the Intelligence Community. The PDB briefing model offers a compelling template for companies that want to improve the information and decisionmaking environments of their key leaders.

The PDB has been around for more than 60 years. It is the pinnacle of the Intelligence Community’s analytic support, delivering the most important and high-quality analysis and intelligence reporting. Perhaps more importantly, it pairs a senior leader with a briefer whose sole job is to enable their principal to understand everything they need to know about national security issues for that day in about 30 minutes. The briefer becomes intimately aware of the principal’s world – who are they talking to later that morning, which NSC meeting do they have to attend in the afternoon, what policies are they trying to advance, and where are their blind spots on national security threats that could harm Americans. Through those daily conversations, the briefer helps the principal identify the questions to ask to get to the heart of a complex issue and sometimes passes those questions to the IC in the form of taskings that will result in a follow-up written response.

The briefer uses their mastery of analytic tradecraft to explain the argumentation behind each assessment in the PDB. They provide context and offer the principal a confidential sounding board to talk through policy quandaries. They deliver bad news effectively and dispassionately by expertly walking through the strength of the sources underlying key judgments. In short, having a daily briefer gives the principal an opportunity to better accomplish his or her goals.

In the private sector, executive leadership teams are often left to their own devices, triaging emails from the day before, trying to make sense of dashboards showing the most recent overnight data, and trying to read a few different news sources to get a handle on a threat to the company’s wellbeing that seems important even as the key implications remain hazy. CEOs might meet with a chief of staff, which helps, but that role is built to clear obstacles, drive decisions, and put out the day's fires — work that runs on deadlines, unlike readiness to answer any major question the CEO could raise, even the ones they never ask. So no matter how capable the chief of staff or how large their team, that readiness is the first thing the calendar crowds out. An executive assistant can walk through the schedule but can't explain why tomorrow's agenda is built around the wrong question. Everything feels reactive because it is.

The PDB process offers a better way. Imagine a major company that creates a small team of senior managers that understands all the inputs flowing to the executive leadership team from across the company—data from sales and marketing teams, supply chain updates, cyber threat assessments—and can identify what the leadership team needs to know each morning. Just like the staff that creates the PDB’s content, these managers would work with internal stakeholders to create a set of products delivered to the leadership team with a predictable rhythm while facilitating the production of ad-hoc “breaking news” style internal assessments. The team would work with a set of briefers drawn from the company’s most promising midlevel employees – rising stars who have demonstrated exceptional abilities to make sense of huge amounts of data and understand the needs of someone in a leadership role, and who have unquestionable judgment and discretion.

Both groups would work together to produce and deliver the briefing package for the CEO and other executive team members. The CEO’s briefing package might be the smallest but would include the most important internal company information combined with external news pulled in by the briefer overnight. It would form the core of the briefing package for every other leadership team member so each would know what the CEO is reading each morning, allowing them to be better prepared to answer questions from the CEO while also giving them additional material relevant to their core roles – the chief marketing officer might get extra news reporting on trending influencers while the chief financial officer might get a rundown on the latest indicators of how the Fed might vote the following week. Strong companies will protect both teams from institutional pressure by making their mandate for objective delivery explicit – one way to handle this would be for the briefing team to report to the board to help protect their independence.

On any given morning, the CEO’s briefer would explain the electoral dynamics affecting how a visiting governor will ask for concessions from the company at their breakfast meeting; unpack the data in a recent HR study on employee retention rates; highlight the mitigation of a recent cyber intrusion event; and unpack the political dynamics in a major foreign market that could lead to retaliatory tariffs. The briefer can go deep into all of these issues because she spent all night working to understand them. If she can’t answer the CEO’s questions, she’ll issue a tasking to the right department, which will deliver an answer the briefer can use by the next morning. Before she leaves for the day, she’ll give a download of the briefing to the chief of staff, record feedback on various items in the briefing to share with key recipients and review the menu for the next day’s briefing items with the production team.

As the saying goes, when information is cheap, attention becomes expensive. As AI shifts the cost of information and even analysis toward zero, a key constraint on senior decision-making shifts to something more scarce — a trusted human whose sole mandate is to be prepared to help a leader be ready to start their day in an environment in which seeing what’s around the corner is both increasingly important and difficult. The PDB briefing experience creates a partnership between principal and briefer that extracts the most value from the least amount of time, which is inarguably the most valuable resource for any senior leader. Companies facing fast-moving, loosely connected threats, where being caught flat on any single one is costly, will find that having a corporate PDB briefing team is less a luxury than a wise investment having leaders who are exquisitely prepared to meet each day.

Phillip Consentino recently retired after a 25 year career in CIA’s Directorate of Analysis in which he served as managing editor of the PDB from 2019-2022.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author's views.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Russia’s Taliban Embrace Signals a New Power Shift in Afghanistan

Sometimes the only thing more frightening than Afghanistan’s problems is the Taliban’s solutions and the recently signed Russia-Taliban military-technical agreement may be the most alarming one yet. The partnership signals that Afghanistan’s security architecture is being rebuilt without the United States, and increasingly by America’s rivals. Washington should pay close attention because the deal hands one of the world’s most repressive regimes a pathway to becoming more capable and deeply entrenched in a regional order where Russian influence is expanding at America’s expense.

No one should be fooled by the bland language of the arrangement struck between Sergei Shoigu, one of Russia’s most powerful figures, and Taliban Defense Minister Mawlawi Mohammad Yaqoob. In Russia’s playbook, such arrangements are practical templates for influence, opening the door to weapons transfer, spare parts, maintenance contracts, training missions, surveillance systems, encrypted communication tools, and intelligence sharing, ultimately producing deep security dependence. It also creates space for Russian military contractors to embed inside Taliban's security institutions and for Moscow to establish listening posts inside Afghanistan, expanding its visibility into rival intelligence activity across the region.

The arrangement marks a clear shift from Russia’s arms-length contact with the Taliban to something closer to institutional partnership. For Moscow, it delivers a foothold inside the Taliban’s security state, a lever in the region, and potentially a quiet logistics corridor through Afghanistan, including toward Iran. For the Taliban, it offers legitimacy, military hardware, technical assistance, and a powerful patron that will not attach lectures about human rights or political inclusion to its support.

The reported rationale, countering the threat from ISIS-K, the Islamic State’s regional branch, is genuine enough to give both sides cover. ISIS-K has mounted attacks inside Afghanistan, challenged Taliban authority, recruited across Central Asia, and claimed the 2024 Moscow concert hall attack that killed over 140 people. While both Russia and the Taliban have reasons to fear it, reducing the deal to counterterrorism alone misreads its scope. As threats stack up — ISIS-K, border instability, militant flows, and narcotics trafficking — Moscow is exploiting each layer of risk to justify a deeper role in Afghanistan, where the United States spent two decades trying to shape the outcome.

Russia did not arrive at this partnership out of ideological sympathy, as the history between the two sides is complicated enough to rule that out. In the late 1990s, the Taliban recognized Chechnya's independence, openly supporting a separatist cause that Moscow treated as an existential threat. Years later, Russia was reportedly the third largest external backer of the Taliban insurgency against U.S. forces, after Pakistan and Iran. What drives Moscow today is the same cold logic that has long shaped its Afghanistan policy: not affection for the Taliban, but a calculated bargain of what that regime can deliver. That is why Moscow first removed legal barriers to dealing with the Taliban, then became the first country to formally recognize the regime, and has now moved into a deeper security partnership.

Under the new arrangement, Taliban arrives at the table with every disadvantage that makes it an ideal Russian partner. It is isolated internationally, starved for cash, absorbing Pakistani airstrikes along a contested border, and desperate for external legitimacy. For the Taliban’s ruling clerics, accepting help from Moscow may mean swallowing some pride, but their need for outside support is real. For Russia, that desperation is more of a feature than a flaw: a partner weak enough to need help, isolated enough to accept the terms, and useful enough to serve a larger regional strategy. A stronger Taliban may be dangerous, but a dependent Taliban is exactly what Moscow wants.

This is a playbook Moscow has refined elsewhere. Across the Sahel, Russia used Wagner Group and its successor structures to offer struggling regimes what the West often withholds: weapons, trainers, protection, and political backing without rigid preconditions. Moscow’s offer is structurally simple: show up with ammunition and discreet support when others walk away. In places where governance has collapsed and security guarantees are scarce, that formula has proved devastatingly effective. The same template has now arrived in Afghanistan.

The Taliban's military has a well-understood Achilles' heel, and they badly need what Russia can provide. Taliban forces can hold territory, run checkpoints, and enforce loyalty with remarkable effectiveness, but they remain vulnerable to airstrikes, drones, and advanced surveillance. They also rely on aging Soviet-era equipment, captured stocks, and leftover U.S.-supplied hardware inherited from the previous government's collapse, much of which is difficult to sustain. Russian support could close these gaps, including by training technicians, repairing helicopters and armored vehicles, supplying cheap drones, upgrading communications, and possibly even strengthening air-defense capabilities over time.

For the Taliban, political payoff compounds the military one. Every handshake with a major power makes the regime look less like a permanent pariah and weakens the assumption that it can be kept outside the international system indefinitely. Every technical channel also opens a pathway to broader commercial engagement - from mining contracts and railway projects to regional connectivity initiatives - each one gradually normalizing Taliban rule.

The most important piece of this arrangement is intelligence cooperation. The Taliban can provide what Russia cannot easily get on its own: human access across districts, border crossings, prisons, mosques, smuggling routes, and militant networks. That means eyes and ears on who moves, who recruits, who shelters foreign fighters, who disappears across borders, and who returns with new skills or fresh instructions. Russia, in turn, brings capabilities the Taliban has limited means to develop domestically, including surveillance tools and biometric systems, creating a dangerous exchange.

The danger sharpens when we trace what Russian equipment could actually do in Taliban hands. Military-grade drones could help hunt ISIS-K, but they could also give Moscow visibility over Afghan terrain, border and customs zones, and security movements. Encrypted Russian communications tools may help Taliban commanders avoid interception by rivals while remaining visible to Russian signals intelligence. Biometric databases could help identify ISIS-K and other suspects, but they could also turn Afghan border crossings into screening nodes serving Russian security priorities.

The most obvious danger lies in targeting. The Taliban is not a clean counterterrorism partner, even if it governs a country riddled with extremist groups, many of which it tolerates or quietly protects. Russian intelligence tools intended to hunt ISIS-K could easily be redirected by Taliban factions toward other targets, including regional rivals, Afghan political opponents, or competing factions. The same capabilities could also be used to pressure businesses, monitor communities, and harden the coercive machinery the Taliban relies on to keep dissent from organizing.

Russia's machinations, however, extend well beyond the bilateral arrangement. At a Shanghai Cooperation Organization (SCO) meeting in Bishkek in May, Moscow framed its Taliban partnership not as a narrow bilateral preference, but as a player in collective regional stability — one that Tajikistan, Uzbekistan, Kazakhstan, and China are likely to reinforce, or at least tolerate. Through this framing, Taliban security cooperation is being gradually folded into the SCO orbit, giving the Taliban targeted access to a multilateral intelligence architecture while allowing Russia to be the primary gatekeeper of that relationship. The message to the region is unmistakable: Moscow now holds the direct Taliban line and is best placed to manage threats from Afghanistan.

Here, Taliban and Russian interests may also converge in ways that quietly extend the partnership's reach — for example, in suppressing Tajik militant networks inside Afghanistan to reduce threats to Tajikistan, a CSTO member Russia is treaty-bound to defend. Meanwhile, Moscow is simultaneously positioning itself as a mediator between the Taliban and Pakistan — whose relationship has collapsed into open hostility along the Durand Line — placing Russia not just as Taliban’s partner but as a potential broker with Pakistan.

To be sure, Russia is not blind to what it is getting into by betting on a regime with deep self-limiting features, risks Moscow appears willing to accept if the new arrangement holds. The Taliban is neither a nimble political system nor capable of easy course correction, driven instead by ideological certainty and its own sense of manifest destiny. It increasingly operates on a logic of risk because risk has repeatedly paid off. The man at the top of the regime trusts almost no one, yet constant jockeying runs beneath him across the ranks with different factions needing allies, resources, networks, and outside patrons simply to survive. That contradiction shapes Taliban politics and remains the regime’s main weakness. That gap between centralized command and fractured allegiance is also the fault line along which the entire arrangement with Moscow could eventually crack.

At the same time, the Taliban has learned to make uncertainty work in its favor. It rarely needs a clear view of the future because unpredictability itself has become part of its governing style, a way to preserve options, test limits, and keep others off balance. Ironically, this is also one area where Washington still holds a form of leverage. Washington is often described as unpredictable, but unpredictability can be a deterrent when adversaries cannot easily calculate how it might respond in a crisis.

The problem is not that Washington is confused about Taliban-ruled Afghanistan, but that the debate around it often lacks the right framing. When Afghanistan is discussed, the focus usually defaults to ISIS-K threat and the residual al-Qaeda presence, asking whether these groups can strike the American homeland. From that starting point, the Taliban gets cast as either a human rights problem demanding condemnation or as a reluctant counterterrorism partner worth practically engaging, with little analytical space in between. The more important question is not only whether ISIS-K poses a threat to the United States (it does), but whether the Taliban's evolving security state, including its external patrons, militant relationships, and deepening integration into Russia's orbit, is creating a threat landscape that will be far harder to confront once it fully takes shape.

That’s why, for the United States, the lesson embedded in this relationship is both clear and uncomfortable. Afghanistan’s security architecture is being rebuilt in America's absence — and, in some ways, against American interests. Isolation has not changed the Taliban; instead, it has driven the regime toward partners who ask fewer questions and deliver more practical assistance. Russia, meanwhile, also benefits from a strikingly different position in its dealing with the Taliban: no Russian hostages held by the group, no clear constraints on Russian intelligence activity inside Afghanistan, and no Taliban-generated political pressure that would otherwise complicate Moscow’s calculus. The asymmetry matters because while Washington carries the heavy weight of a twenty-year war, Moscow is now buying influence at a discount.

None of this argues for recognizing the Taliban, legitimizing its rule, or copying Moscow's approach to engagement. But pretending that isolation and sanctions alone will contain a regime actively cultivating powerful patrons is no longer credible. If that assumption continues to guide U.S. policy, Afghanistan will keep drifting into a security order where American influence is weak, Russia’s leverage is growing, and the Taliban’s staying power becomes more sophisticated.

The Russia-Taliban handshake was quiet, but its consequences are unlikely to be. If Washington does not define a realistic Afghanistan policy before these arrangements harden, Russia and others will keep writing the rules in a country where the United States paid the highest price only to watch its rival collect the benefits.

The Cipher Brief participates in the Amazon Affiliate program and may make a small commission from purchases made via links.

Sign up for our free Undercover newsletter to make sure you stay on top of all of the new releases and expert reviews.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Governance Failure and Civil Resistance in Azad Jammu and Kashmir

The June 2026 events in Azad Jammu and Kashmir (AJK) are the most recent example of a larger governance issue rather than a singular political crisis. Authorities banned the Jammu Kashmir Joint Awami Action Committee (JKJAAC) on June 5–6, detained dozens of activists, interfered with internet and mobile services, and asked for more security guards in advance of a long march and strike that was scheduled to take place throughout the region (Pakistan Today, 2026a; Express Tribune, 2026a; Express Tribune, 2026c). The clash stems from years of unsolved grievances, failed agreements, and rising irritation with the gap between formal autonomy and effective authority, even though these measures were justified as being required to protect public order.

The Architecture of Managed Dependency

Many of the institutions of self-government, such as an elected president, prime minister, legislative assembly, and judiciary, are present in AJK. However, Islamabad continues to have a significant influence in important policy areas like infrastructure, electricity, water management, and security. According to Zamin (2025), AJK's elected institutions frequently have little control over the policy areas that have the biggest impact on day-to-day living.

This paradox is especially apparent in the energy industry. With almost 3,000 megawatts feeding the national grid and much more unrealised potential, hydropower projects supported by AJK's rivers greatly contribute to Pakistan's electricity generation (Wikipedia, 2024; The News, 2026). Residents still have to deal with load shedding and electricity costs, which are generally thought to be out of proportion to local production costs, notwithstanding this contribution (The News, 2026). One of the main causes of political unrest is the belief that local resources mostly benefit the larger federation while local communities receive little in return.

Political developments have heightened these concerns. Changes in governance in AJK typically reflect developments in federal politics rather than local election preferences. Following political shifts in Islamabad, the PTI-aligned administration was replaced by a PPP-led government, strengthening perceptions that AJK's institutions act as extensions of federal political dynamics rather than representations of local democratic choice (The Diplomat, 2025; Express Tribune, 2026b).

Three Years of Agreement, Three Years of Non-Implementation

The current issue cannot be understood without first reviewing the pattern of previous agreements and unsuccessful implementations. Since 2024, negotiations between the government and the JKJAAC have generated numerous settlements aimed at resolving economic and political problems. However, several obligations were postponed, partially implemented, or unresolved. Following significant protests in May 2024, officials pledged financial aid, discounted utility bills, and reduced wheat prices (Wikipedia, 2024). The movement called off its protests, but implementation delayed. Further agreements concluded in late 2024 and 2025 followed a similar pattern. Compensation measures, legislative review, telecommunications reconnection, and public services did not offer the level of change that many citizens expected (Voicepk, 2026).

By May 2026, negotiations had once again broken down. Disputes over legislative representation and implementation methods increased the distance between the parties. The JKJAAC rejected government proposals on the refugee-seat issue and boycotted an All Parties Conference convened to address the matter (Express Tribune, 2026b). For many campaigners, conversations appeared to yield paper commitments rather than genuine progress in practice.

The implications went beyond politics. Protest-related violence in 2024 and 2025 resulted in civilian deaths, communication limitations, and growing mistrust between government and civil society groups (Voicepk, 2026; Al Jazeera, 2025). During this time, the movement shifted from a campaign centred on economic concerns to a broader platform arguing for governance change, accountability, political representation, and increased local control over resources (JURIST, 2025).

The Proscription and Its Implications

The decision to identify the JKJAAC under anti-terrorism legislation marks a significant step up in the state's response. The organisation is a coalition of traders, lawyers, labourers, transportation workers, and community representatives that has mostly operated through strikes, demonstrations, and negotiations with government officials (NewsX, 2026). Applying legislation designed to fight violent organisations to a movement with proclaimed civic goals profoundly alters the legal status of political opposition in AJK.

Authorities claim that the group jeopardised public order and security. Critics argue that the prohibition risks criminalising political opposition instead of addressing the root causes of instability. According to opposition politicians and civil society campaigners, the bill severely restricts democratic rights and peaceful political engagement (Express Tribune, 2026b).

The timing of the ban is equally important. It happened right before a planned protest rally and shortly before elections. When combined with communication limitations and large-scale security deployments, the action has raised doubts about whether the goal is counter-terrorism, election stability, or the containment of organised political opposition (Pakistan Today, 2026b; Express Tribune, 2026c). Regardless of aim, the decision has reduced the opportunity for conversation at a time when confidence between the state and civil society is already exceedingly low.

The International Dimension

Unlike prior protest cycles, the June 2026 crisis has sparked increased international attention. Members of the British Parliament and Kashmiri diaspora have expressed worry about arrests, communication limitations, and the overall political situation (NewsX, 2026). Reports of families being unable to reach relatives in AJK fueled criticism of the government's response.

The situation is also unfolding in the background of the unresolved Kashmir conflict and ongoing tensions between India and Pakistan. Following Operation Sindoor and the following cease-fire, regional tensions remain high (Carnegie Endowment, 2025). AJK is a unique territory that is both politically disputed and strategically significant. As a result, internal dissent is frequently regarded via a national security perspective rather than just as a governance issue.

The Substance of the Demands

To assess the proportionality of the state's response, one must examine the substance of the JKJAAC's demands. The movement's platform includes lower electricity tariffs, food and fuel subsidies, more local benefits from hydropower projects, accountability for protest-related violence, civil liberties protection, and parliamentary representation improvements (Kashmir Welfare Foundation, 2026).). While some initiatives are politically problematic, the overarching agenda prioritises governance, economic fairness, and institutional responsibility over secession or armed opposition.

Movement leaders have constantly described the campaign as peaceful and nonviolent (Pakistan Today, 2026c). At the same time, popular sentiment in the AJK is not uniform. Some citizens support the movement's goals but are dissatisfied with the inconvenience created by ongoing strikes and shutdowns (Pakistan Today, 2026d).

Conclusion: The Cost of Structural Deferral

The events of June 2026 reveal a long-term government failure. AJK's formal autonomy has not been matched by comparable political authority, and its resource richness has not resulted in broadly shared economic gains. Repeated agreements have boosted expectations without resolving underlying complaints, while rising conflict has gradually destroyed trust between the state and civil society.

The fundamental question is not whether the demands for accountability, representation, and economic fairness will continue. The evidence from the last three years suggests they will. The more pressing question is whether AJK's governance structures can adapt to meet those demands through actual reform rather than repeated cycles of protest, repression, and non-implementation. Without such reform, the tensions visible today are unlikely to disappear; they will merely re-emerge in new forms, carrying growing political and reputational costs for the state.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

How Gulf States Turned Crisis Into Confidence

The Epidemic of Patriotism

How war, intelligence, technology, and state competence are building a new nationalism in the Gulf.

There is an old idea in political theory that war makes the state.

The pressure of external threat forces governments to centralize, to coordinate, to invest in systems that work. States that survive conflict emerge more capable than they entered it. The ones that don't fracture.

What nobody talks about is what comes next.

When the state performs, when it absorbs the shock, sustains order, and demonstrates visible competence, the state makes something else.

It makes patriots.

I recently spent time in the UAE during a period of acute regional pressure following Iran's barrage of missiles and drone strikes across the Middle East. What I expected to find was tension. What I found instead was something more interesting.

Patriotism. Everywhere. Organic, visible, and unforced.

Towering signage along major highways with mottos like “Proud of UAE.” UAE flags woven into the texture of daily life, not militarized, not performative, but present in the way that identity becomes present when people feel their nation has held the line.

The population wasn't reacting to crisis. It was consolidating around the idea of the state itself.

The question I came back with: why did this work? Why did external threats produce loyalty rather than anxiety? Why did the GCC, especially Saudi Arabia, UAE, and Qatar emerge from a period of regional instability with greater public confidence, not less?

The answer isn't just geography or leadership or cultural cohesion. The answer is in intelligence and defense architectures.

The Intelligence Backbone Nobody Sees

States that perform in a crisis don't do so by accident.

Behind the public calm in the UAE, behind the intercepted drones and the uninterrupted skylines and the visible symbols of continuity, is a decision-making infrastructure that most people never see and analysts rarely discuss in this context.

Over the last decade, the Gulf states have made serious, sustained investments in the tools of modern statecraft: open-source intelligence collection, AI-enabled data fusion, integrated sensor networks, and the analytical pipelines that allow governments to move from information to decision at operational tempo.

This is not hypothetical. It is observable in procurement patterns, in the capabilities demonstrated during the March–April 2026 Iranian attacks, and in the speed and coherence of governmental response across multiple GCC states simultaneously.

When Iran launched, these states knew.

Not just from allied intelligence sharing, though that mattered, but from indigenous systems built to ingest, fuse, and act on data at scale. Commercial satellite feeds, open-source signals, pattern-of-life analysis, cross-domain data pipelines that would have been the exclusive domain of major intelligence agencies a decade ago.

The state saw clearly. And because it saw clearly, it acted. And because it acted, the public saw competence.

But seeing clearly was only part of it.

The battlefield that Iran chose to contest is not the battlefield of the 20th century. It is not decided by who has more tanks, more ships, or more aircraft. Iran didn't send a conventional military force. It sent drones and missiles, cheap, scalable, and increasingly precise instruments that have fundamentally democratized the ability to project lethal force across distance.

The drone is the great equalizer of modern conflict.

It lowers the cost of precision strike to a level that non-state actors, regional powers, and asymmetric adversaries can sustain indefinitely. It saturates traditional air defense frameworks designed for a different threat geometry. And it shifts the decisive advantage away from platform count and toward something harder to procure and harder to replicate: the architecture of detection, classification, and response at machine speed.

The GCC understood this shift before the attack came.

The investments made across Gulf states in counter-drone systems, AI-enabled sensor fusion, and integrated kill chains weren't legacy procurement decisions, they were deliberate bets on the direction the battlefield was moving. The question was never who had more. It was who could out-sense, out-decide, and out-react fast enough to neutralize a swarm before the next one launched. That is not a hardware problem. It is an architecture problem.

And on the night Iran tested it, the architecture held.

The state acted decisively. And the public, watching intercepted threats fall before they reached their targets, saw a government that had invested in the right problems before the crisis arrived.

Technology continues to advance, and the GCC states are in an accelerating race to optimize their asymmetric architectures, sharpening their ability to detect and defeat incoming threats at machine speed, while developing the offensive capacity to reach back and eliminate the sources before they can launch again. That is not a static capability. It is a compounding one.

That is the mechanism. That is how intelligence and technology become patriotism.

Competence as the New Social Contract

Patriotism in the Gulf was never purely tribal or historical.

It has always carried a transactional dimension, a contract between population and state that runs something like: deliver safety, deliver prosperity, deliver order, and you have legitimacy. What has shifted is the evidence base for that contract.

Citizens don't observe the intelligence and defense architectures directly. They observe outcomes. Intercepted missiles. Functioning infrastructure. Stable markets. Governments that communicate clearly and move without visible panic.

In an era of OSINT and data driven decision-making, the speed and quality of state response have increased measurably. The lag between threat and action, the gap that historically exposed state weakness, has compressed. Governments with modern day focus on intelligence collection from open-source and sensitive sources, data exploitation, and data fusion to enhance their decision-making cycle, simply look more competent, because they are more competent, at least in the domains the public can witness. This matters enormously for legitimacy.

When people can compare their government's performance against the chaos visible across their borders, in real time, on their phones, through open-source feeds that show burning cities and collapsing infrastructure elsewhere, the contrast is stark. The Gulf didn't just survive the pressure. It appeared to absorb it without breaking stride. That contrast is where modern patriotism is being forged.

A New Kind of Nationalism

What I observed in the UAE is not the nationalism of the 20th century.

It is not rooted in historical grievance, ethnic solidarity, or liberation mythology. It is not state-manufactured in the top-down sense that Western analysts often assume when they look at Gulf political culture.

But it isn't accidental either.

I spoke with Jonny Gannon, a retired CIA officer with extensive experience in the Middle East. His observation cuts to the heart of what makes the UAE's approach distinctive: "The UAE hasn't just invested in infrastructure and technology, but also in symbols and stories of unity. Identity politics and divisive behavior is actually not allowed."

That framing matters. What Gannon is describing is a deliberate parallel architecture, one that runs alongside the defense and intelligence investments and is equally intentional. While the GCC was building the data pipelines and counter-drone systems that would absorb Iran's attack, it was also constructing the cultural conditions that would make a population capable of responding with pride rather than panic.

The billboards. The flags. The national narratives. The deliberate suppression of the sectarian and tribal fault lines that have fractured other states in the region. These are not decorative. They are load-bearing.

A population divided against itself cannot consolidate around a state under pressure. The UAE understood that social cohesion is not a soft outcome, it is a strategic asset. And it built both the hard and soft architecture with the same discipline.

It is aspirational. It is performance-based. And it is digitally amplified in ways that accelerate its spread.

The younger generation across the GCC is patriotic about *what their states are building*, AI cities, space programs, global financial hubs, intelligence architectures that rival those of countries ten times their size. They are proud of capability. Of systems that work. Of governments that appear to know what they are doing.

Crises accelerate this.

When missiles fly, populations ask questions that normally stay dormant: Who protects us? Has the threat been curtailed? Are we safe?

The Gulf answered those questions with visible, competent performance, enabled by tools most of the world's analysts don't fully credit in this context.

The Irony Iran Didn't Intend

There is a strategic irony in what Iran's March - April 2026 strikes produced.

The intended effect was intimidation. The demonstration of reach. The signaling of capability and willingness to escalate.

The actual effect, in the Gulf at least, was consolidation.

The GCC states that were targets, or could be targets, emerged with sharper national identity, higher public confidence in their governments, and stronger regional cohesion than before the attack.

Iran's strike package became the proof of concept for Gulf state competence.

Every intercepted drone was a data point. Every functioning hospital, every uninterrupted supply chain, every calm official statement backed by visible governmental control, each one reinforced the social contract between citizen and state.

The war made the state. The state made the patriots.

Two Kinds of Patriotism

Not all patriotism is built the same. And the difference matters more than people recognize.

On September 11, 2001, the United States experienced one of the most powerful eruptions of national unity in its modern history. At the time, I was a young CIA case officer and I felt the power of national unity and the need to protect the homeland at all costs. Flags on every overpass. Record military enlistments. Increased approval ratings for government institutions that hadn't existed in decades and haven't been seen since. It was real. It was visceral. But it didn't last.

Within a few years, the wars in Afghanistan and Iraq had begun to hollow it out. By the time those wars ended, the patriotism of September 12th had transformed into something closer to its opposite: criticism and distrust of institutional decisions over 20 years and a political culture defined by the fractures that grief and vengeance had papered over. The reason was structural, not incidental.

The patriotism that followed 9/11 was built on shared trauma and collective grief. It was the patriotism of deep national wounds, powerful in the moment, but dependent on an enemy and an emotion rather than a demonstrated capability. When the wars that followed proved costly, and inconclusive, the foundation cracked. Because the foundation was based on pain.

The Gulf in 2026 is a different story.

Patriotism emerging across the GCC was not born from a failure to stop attacks against the homeland nor forged in grief. It emerged from a population watching its governments absorb a real threat, intercepted in the air, managed on the ground, communicated clearly, and perform.

That is a fundamentally different foundation.

Ukraine offers a third model, and in some ways the most instructive of all.

When Russia launched its full-scale invasion in February 2022, the global intelligence community made two catastrophic analytical errors simultaneously. It underestimated the will of the Ukrainian people to fight. And it overestimated the capability of the Russian military to win.

Both errors stemmed from the same failure: modeling hardware and not morale. Counting battalions and not belief. What followed rewrote assumptions that had governed Western military analysis for a generation.

Ukraine's patriotism did not emerge in 2022. It was forged earlier, in 2014, when Russia seized Crimea and ignited the Donbas conflict. By the time the full invasion came, Ukrainian national identity had already hardened into something that satellite imagery and order-of-battle assessments couldn't capture. The invasion didn't create Ukrainian patriotism. It revealed how deep it had already run. And then that patriotism enabled something remarkable.

Facing a conventionally superior adversary, Ukraine didn't try to match Russia tank for tank. It fused commercial off-the-shelf technology, open-source intelligence, and decentralized decision-making into an asymmetric capability that the Russian military, designed for a different era, structured around a different doctrine, couldn't absorb or adapt to fast enough.

Drone units guided by commercial satellite feeds. Targeting decisions informed by crowdsourced OSINT. Battlefield coordination running on consumer applications. The entire architecture of modern conflict compressed into tools available on the open market, operated by a population that had decided what it was defending and why.

This is the COTS revolution meeting the will-to-fight, and the combination proved more decisive than most professional militaries predicted.

Russia, by contrast, demonstrated what institutional brittleness looks like under pressure. A military built on centralized command, information opacity, and top-down control couldn't adapt at the speed the battlefield demanded. The architecture that was supposed to project strength became a liability the moment it encountered a distributed, adaptive, data-informed adversary.

Ukraine's lesson reinforces the same underlying principle as the GCC's, but from a different angle.

The GCC built institutional architecture first, and patriotism followed from demonstrated state competence. Ukraine had the patriotism first, and it drove a population to build the architecture, improvised, distributed, and lethal, from the ground up.

In both cases, the fusion of technology, intelligence, and national will produced an outcome that conventional analysis failed to anticipate.

In both cases, the side that could see more clearly, decide faster, and act with coherent purpose held the line.

That distinction, between patriotism as a response to failure and patriotism as a recognition of competence, or as a foundation for building it, may be the most consequential strategic variable of the current era that nobody is systematically measuring.

What This Means

This is not a story about the Gulf being exceptional. It is a story about a principle that generalizes.

States that invest in the architecture of modern statecraft, advanced systems, the intelligence pipelines, the data-enabled decision layers that allow governments to sense, process, and act faster than their adversaries, earn something that cannot be bought or manufactured through propaganda. They earn demonstrated competence.

And demonstrated competence, in moments of real pressure, produces legitimacy. Legitimacy, sustained over time, produces loyalty.

The epidemic of patriotism spreading across the GCC is not a communications campaign. It is not state-engineered sentiment. It is the downstream effect of governments that invested in their intelligence and defense infrastructure, demonstrated that infrastructure under fire, and let the results speak for themselves.

Security creates loyalty.

Competence creates legitimacy.

And in an era where citizens can watch state performance in real time — open-source, unfiltered, and comparative — the gap between governments that have the intelligence and defense architectures and those that don't is becoming impossible to hide.

The Gulf built those architectures. The crisis revealed it. The patriotism followed.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Expect Russia to Escalate Its Attacks on our Democracies

The Kremlin Files: For many in the West, Russian information warfare still conjures images of hacked emails, troll farms, and social media manipulation during the 2016 U.S. election and the Brexit vote in the UK. But those operations were not isolated incidents. They were part of a much older Russian playbook—one refined over a century by Soviet and later Russian intelligence services. Today, that same machinery is evolving again, becoming more aggressive, more technologically sophisticated with cognitive AI, and more focused on exploiting the deepest social fractures within democratic societies. The latest revelations about Russian-linked operations in Europe should therefore not surprise us. They should warn us.

A report released last week by the Organized Crime and Corruption Reporting Project (OCCRP) focuses on a new effort, ostensibly by the Russian Presidential Administration, hidden under several front companies, to sow discord and distrust among ethnic minorities and groups in several different countries. Dead pigs’ heads thrown onto the territories of Mosques, synagogues defaced, slurs against historic atrocities—all intended to get various groups in democracies fighting with and among each other, and for the benefit of the Russian Federation. The reporting is important, and more attention needs to be drawn to it in Europe and the United States. But the tactics are not new; they are classic Russian “active measures,” what they now call “measures of support,” carried out by their intelligence services. We can expect more of the same in the months and years to come.

The KGB was very clear on what active measures, or information warfare, were, and how they were meant to be used. The famous archivist-turned-defector Vasiliy Mitrokhin detailed active measures as he quoted from the official KGB training and operational guide: “agent-operational measures aimed at exerting useful influence on aspects of the political life of a target country which are of interest, its foreign policy, the solution of international problems, misleading the adversary, undermining and weakening his positions, the disruption of his hostile plans, and the achievement of other aims.” Sound familiar? The definition is worth breaking down further to demonstrate how it was applied and still applies to the Russians’ tactics today.

Russian active measures are principally the work of the SVR (the Service for Foreign Intelligence), the GRU or “GU” (military intelligence), and the FSB (the Federal Security Service). The SVR has a dedicated Directorate for this work, including information and cognitive warfare focused exclusively on the United States as the “main adversary” (glavnii protivnik) and on all of our close NATO and European allies. The goal is to use intelligence operations to discredit our democracies, mislead policies and political groups, and sow discord and disunity within our societies. The SVR and GRU both did this in 2016 with elections in the United States and with the UK’s Brexit, as cited by non-partisan reporting from the Senate SSCI committee (of which current Secretary of State Marco Rubio was a senior member), the DNI, and, in the case of the UK, by the report of a special commission.

There are always three elements of active measures, as I outline in my book and in its chapter on the same topic: identify the target, determine the operational method, and, most importantly, apply maskirovka to conceal Russia’s hand. All of this can be seen at play in the events in France, Germany, Armenia, and other countries, as highlighted in the OCCRP report, and many other incidents from recent years.

In the case of the dead pigs’ heads thrown onto Islamic centers, the goal is to incite potential unrest and political action by French political groups on all sides. The Russians hoped that these would be reported and activated as intended “cognitive strikes” within French society, and labeled as “racist attacks.” Distrust would be amplified with every media mention. The Russians no doubt (and likely correctly) guessed that some would deplore the attacks, some might try to explain them from one optic or another in light of French politics, and some might actually empathize (disgusting, but true with all such racist and ethnic hatred). But all of these are a win for Russian intelligence.

The Russian goal is to sow discord, just as they did in the U.S. elections of 2016 with social media trolling. Russian intelligence picked up issues then (in 2016 and 2020, in the case of U.S. elections). It will focus now on the most divisive issues to attack: racism, ethnic strife, abortion, LGBTQ, and other issues—again, not for or against, since the Russian services lack any sentimentality and no morals—but to foment societal division. A weakened adversary cannot counter Russia in Ukraine, the Baltics, or wherever Putin next chooses to launch aggression.

The methods selected can vary: from bribing a journalist to write a story to recruiting a politician or lobbyist to help start a political action group to sending actual operatives, as in this case, to carry out fake attacks to stir discord. The Soviets and Russians have done it before, many, many times.

And there is another key point here—the Russian services and their political masters in the Kremlin—President Putin and his siloviki —are not necessarily for or against any single political group or ideology, even when it appears there may be synergy with Russia’s views. That is incidental (including in the case of the 2016 election). Benefit to any one candidate was not their overall goal, though they may capitalize opportunistically in the short term. Any such gains are still subordinate to the overarching goal—to attack our citizenry and democracy, making the West weak and, ideally, our populations divided. The attack is fundamentally against democracy itself, and the Russians aim to get the French, or Armenians, or Americans to hate each other and fight viciously over the issues that Russian intelligence selects for their cognitive warfare.

Democracy is the threat. That is why Putin ultimately had to destroy Ukraine—he cannot stand a free and functioning democracy, yet another one, thriving on his borders like the Baltic states have done for 30+ years since their independence. Democracy and free societies work, but Putin can’t let the Russian people get wind of that. The West has to be portrayed as split, divided, and weak.

The Russian intelligence services and their Soviet forebears have been at this for 100 years, since the Bolshevik revolution in its earliest days. Spread disinformation, make use of “useful idiots” in the West who actually believed in communism, all the while Lenin insisted that “Iron Felix” Dzerzhinsky stood for organized terror. A divided opposition and adversaries would be weaker in trying to stop the revolution, Stalin’s expansionism before and after World War II, or the Cold War policies of the USSR within the Warsaw Pact. Today, they need NATO and the EU to be weak, the transatlantic partnership divided. We should not help them achieve their goals.

The final element, though, is the most important: what the Russians call maskirovka. The best translation for the term's intelligence understanding is likely “denial and deception.” Hide the hand and make it look like someone, anyone else, is to blame. The OCCRP report cites Russian Presidential Administration aides discussing and ordering that the operatives “believe they are working for Ukraine.” That is the essence of maskirovka, false flags, and deception. Just like the alleged Venezuelan manipulation of voting machines, what former U.S. Attorney General William Barr said was a “bullshit” theory (his word). But it makes for great maskirovka—blame the Venezuelans, anyone but the Russians.

And finally, about the Russian Presidential Administration directing so-called front companies in the report, like the SDA and SNG media, with lofty goals and mission statements like: to “compensate for the lost ties between residents of the countries of the post-Soviet space after the dissolution of the USSR, acknowledged as one of the largest geopolitical catastrophes in the world.” Again, more maskirovka, more hidden hands so that even if found to their roots, the roots don’t point to the intelligence services. The Russians use diversified cover for their intelligence service officers across all of their government, including in the Presidential Administration. It is filled with former and current KGB/SVR/FSB and GRU hardliners.

Why did they fail in this plot? Poor implementation and judgment of us, the West, their adversaries. The Russians have been underestimating the strength of free and fair investigative journalism for years. Bellingcat has repeatedly exposed its operations; OCCRP now joins that list and deserves real credit for doing so. But we still have a long way to go in countering Russian active measures and disinformation. Many in the United States, the UK, and across the EU –including some of our leaders-- still do not fundamentally believe the Russians are engaged in this kind of activity. And what Russian intelligence officers, organized crime groups, hackers, and proxies accomplished in 2016 can now be amplified exponentially through cognitive AI—magnifying social media trolling and influence operations ten-thousandfold.

The West must understand that this threat is neither temporary nor improvised. It is systemic, deeply rooted in Russian intelligence doctrine, and likely to intensify as the Kremlin feels increasingly isolated and strategically threatened. Moscow will continue turning to old and trusted tools—deception, division, provocation, and manipulation—because they are cheaper than tanks and often more effective. Democracies cannot defend themselves if their citizens no longer trust one another, their institutions, or even the basic idea of objective truth. If we think “elections are rigged,” that is a huge win for Putin. That is the real target of Russian active measures—democracy. Recognizing that reality is the first step toward resisting it. Russian intelligence services are trying to make “useful idiots” of us all. We shouldn’t let them.

Qatar's New Online Influence Machine

For years, Qatar has positioned itself in Washington as a trusted American partner: a host to major U.S. military assets, a mediator in hostage negotiations, and a wealthy Gulf state capable of talking to nearly everyone in a turbulent region. At the same time, Doha has earned a reputation for exerting influence by illicit means, such as the bribes that secured it the right to host soccer’s 2022 World Cup. Less recognized is the Qatari regime’s employment of an artificial media platform that poses as an independent news organization while promoting Doha’s agenda.

To complement Al Jazeera, its global media powerhouse, Doha created Eekad, an Arabic-language media platform that presents itself as an independent fact-checking and open-source investigative outlet. In actuality, Eekad is part of an opaque digital ecosystem with links to Qatari government ministries and contracted PR firms that consistently pushes narratives aligned with Qatar’s geopolitical interests, while attacking many of Doha’s regional rivals.

Eekad produces polished content that mimics serious investigations by using satellite imagery, network analysis graphs, and short-form videos designed for mass consumption across the Arabic-speaking world. It has built a strong audience online but obfuscates who funds, operates, and controls the platform. What is clear, however, is that multiple Eekad employees simultaneously worked at Al Jazeera, Qatari ministries, and state-affiliated organizations.

Eekad’s messaging follows a remarkable pattern. It regularly criticizes Israel, Saudi Arabia, and the United Arab Emirates while defending Hamas and dismissing criticism of Qatar. For example, after Hamas’s October 7, 2023 massacre in Israel, the platform questioned reports of atrocities committed against Israeli civilians while portraying criticism of Hamas as part of coordinated foreign influence campaigns. This jibes with Qatar’s position of holding Israel “solely responsible” for the October 7 massacre.

Eekad has also repeatedly defended Qatar’s reputation by attempting to debunk criticism of Doha. The platform worked to discredit allegations of labor abuses tied to the 2022 World Cup despite FIFA finding that “severe human rights impacts did ultimately occur in Qatar.”

These are the same narratives and talking points that Qatar has peddled outside the shadows of social media. Documents submitted to the U.S. Department of Justice pursuant to the Foreign Agents Registration Act show how Qatar has spent over $235 million dollars employing dozens of American lobbying and public relations firms to polish Qatar’s reputation and promote its relationship with the United States.

In some cases, Doha has employed U.S. firms specifically for outreach to traditional media. Tucker Carlson’s viral 2025 interview with Qatar’s prime minister is a product of these efforts. Qatar has invested in a significant U.S. media campaign in recent months, hiring a former CNN producer to serve as a registered agent in the United States, and encouraging Qatar-based academics to “examine strategies of sectarian hate speech and propaganda on social media in the Gulf region.”

The patterns hinting at direct Qatari government control of Eekad are difficult to dismiss. Washington tends to think about foreign influence through the lens of Russian troll farms or Chinese espionage, but Qatar is working to earn itself a place on that list.

Today’s influence campaigns increasingly operate through decentralized digital ecosystems: “independent” brands, influencers, and social media networks that can maintain plausible deniability while still advancing state interests. This is no secret to Qatar, which brought a group of conservative influencers to Doha over Thanksgiving 2025 on a luxury trip that resembled a sophisticated foreign influence campaign rather than an educational endeavor. One influencer, a veteran with nearly half-a-million followers on X, said he had an “eye-opening few days” learning about “the unique and mutually beneficial military and financial partnerships that we share with Qatar.” Months later, another online personality said that Qatar had invited him on the influencer trip but then told him that “they ran out of money for ticket allocation” after he posted a video “questioning Qatar’s influence in America.”

Platforms like Eekad are effective because they do not resemble traditional state propaganda outlets. Their content adopts the aesthetics of scrappy open-source intelligence and online fact-checking outlets, helping the material to appear credible to ordinary viewers. It is a suitable approach for countries like Qatar, which seek to maintain close military and diplomatic ties with Washington while promoting narratives directly harmful to American interests.

When meeting with Qatari counterparts, senior U.S. leaders should make clear they aware of Qatar’s underhanded methods and that Washington will strip Doha of the privileges of being ally if behaves like an adversary.

The Cipher Brief participates in the Amazon Affiliate program and may make a small commission from purchases made via links.

Sign up for our free Undercover newsletter to make sure you stay on top of all of the new releases and expert reviews.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

Back to top