Home / Blogs

The New State Department Cyberspace Bureau: from Multilateral Diplomacy to Bilateral Cyber-Bullying

These days in Washington, even the most absurd proposals become the new normal. The announcement yesterday of a new U.S. State Department Cyberspace Bureau—with far-flung responsibilities and authority over anything relating to cybersecurity—is yet another example of setting the nation up as an isolated, belligerent actor on the world stage.

In some ways, the reorganization almost seems like a companion to last week’s proposal to take over the nation’s 5G infrastructure. Most disturbingly, it transforms U.S. diplomacy assets from multilateral cooperation to becoming the world’s bilateral cyber-bully nation.

The State Department role has long had a very limited role in dealing with cybersecurity over the decades. The small substantive cybersecurity expertise resided in the century-old office devoted to evolving and implementing ITU treaties and occasionally facilitating major initiatives by other agencies and industry in expanding the means of international cooperation for new cyber technologies during periods of technology change. Notably, this included the U.S. assisting in 1988 in bringing about the world’s existing cybersecurity instrument for datagram internets.

So what exactly is the Trump Administration proposing as the remit for the Bureau of Cyberspace and the Digital Economy?

  • Establish a global deterrence framework in which participating States make a political commitment to work together to impose consequences on States that engage in malicious cyber activities, based on participating States’ shared understanding of what constitutes responsible State behavior in cyberspace.
  • Develop and execute key adversary specific strategies to impose costs and alter calculus of decision-makers
  • Advise and coordinate external responses to national-security-level cyber Incidents
  • Promote adoption of national processes and programs that enable foreign territorial cyber, threat detection, prevention, and response
  • Build foreign capacity to protect the global network thereby enabling like-minded participation in deterrence framework
  • Maintain open and interoperable character of the Internet with multi-stakeholder governance, instead of centralized government control
  • Promote an international regulatory environment for technology investments and the internet that benefits U.S. economic and national security interests
  • Promote cross-border flow of data and combat international initiatives which seek to impose restrictive localization or privacy requirements on U.S. businesses
  • Protect the integrity of U.S. and international telecommunications infrastructure from foreign-based threats. Serve as the USG interagency coordinator for international engagement.
  • Secure radio frequency spectrum for U.S. businesses and national security needs
  • Facilitate the exercise of human rights, including freedom of speech and religion through the internet
  • Build capacity of U.S. diplomatic officials to engage in these issues.

If you peek at the org chart, the office titles are equally alarming as the remit.

  • DAS for Cyberspace: Four Key Adversaries and Cyber Operations; Cyber Stability and Deterrence
  • PDAS: Strategic Planning & Capacity Building; Office of Technology & National Security; Global Challenges & Policy Coordination
  • DAS for Digital Economy: Global Networks & Radio Frequency Coordination; Data and Digital Regulatory Advocacy

Although a few of those responsibilities have long existed within the State Department, most are new. And, for those that have existed, State has deferred to the many other agencies with the substantive expertise to undertake the international cybersecurity activities—limiting the State role only to coordinating representation in a few specialized venues. The Tillerson reorganization is an assertion of claim over Washington international cybersecurity turf. However, the good news is that absent massively staffing up to replace the few people who have the slightest clue about the subject matter; there is no capacity to accomplish any of the remits.

The really dismaying aspect of this reorganization is that none of the functions or office designations speak to multilateral cooperation with other nations on common interests, but rather a messaging of bilateral belligerence, e.g., “Office of Four Key Adversaries and Cyber Operations” or “Cyber Stability and Deterrence.” The functions and titles are aimed at cyberwar, not cyber diplomacy. It is an affront to the past hundred years during which the State Department staff and its extended community of agencies and industry participants have led the cyber initiatives in multilateral forums.

If the Administration really wants to cooperate globally toward increased cyber defense and infrastructure protection, it should consider abiding by the treaty instruments it has already signed for that purpose and cooperating with the other signatories in the venues it helped create.

What is proposed now is more suitable for a Bureau of Cyberwar. It is embarrassing for the nation, unlikely to further meaningful cybersecurity, and will encourage other nations to impose significant constraints and costs on U.S. business pursuing markets overseas.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Anthony Rutkowski, Principal, Netmagic Associates LLC

The author is a leader in many international cybersecurity bodies developing global standards and legal norms over many years.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com