Home / Blogs

The New State Department Cyberspace Bureau: from Multilateral Diplomacy to Bilateral Cyber-Bullying

Anthony Rutkowski

These days in Washington, even the most absurd proposals become the new normal. The announcement yesterday of a new U.S. State Department Cyberspace Bureau — with far-flung responsibilities and authority over anything relating to cybersecurity — is yet another example of setting the nation up as an isolated, belligerent actor on the world stage.

In some ways, the reorganization almost seems like a companion to last week's proposal to take over the nation's 5G infrastructure. Most disturbingly, it transforms U.S. diplomacy assets from multilateral cooperation to becoming the world's bilateral cyber-bully nation.

The State Department role has long had a very limited role in dealing with cybersecurity over the decades. The small substantive cybersecurity expertise resided in the century-old office devoted to evolving and implementing ITU treaties and occasionally facilitating major initiatives by other agencies and industry in expanding the means of international cooperation for new cyber technologies during periods of technology change. Notably, this included the U.S. assisting in 1988 in bringing about the world's existing cybersecurity instrument for datagram internets.

So what exactly is the Trump Administration proposing as the remit for the Bureau of Cyberspace and the Digital Economy?

  • Establish a global deterrence framework in which participating States make a political commitment to work together to impose consequences on States that engage in malicious cyber activities, based on participating States' shared understanding of what constitutes responsible State behavior in cyberspace.
  • Develop and execute key adversary specific strategies to impose costs and alter calculus of decision-makers
  • Advise and coordinate external responses to national-security-level cyber Incidents
  • Promote adoption of national processes and programs that enable foreign territorial cyber, threat detection, prevention, and response
  • Build foreign capacity to protect the global network thereby enabling like-minded participation in deterrence framework
  • Maintain open and interoperable character of the Internet with multi-stakeholder governance, instead of centralized government control
  • Promote an international regulatory environment for technology investments and the internet that benefits U.S. economic and national security interests
  • Promote cross-border flow of data and combat international initiatives which seek to impose restrictive localization or privacy requirements on U.S. businesses
  • Protect the integrity of U.S. and international telecommunications infrastructure from foreign-based threats. Serve as the USG interagency coordinator for international engagement.
  • Secure radio frequency spectrum for U.S. businesses and national security needs
  • Facilitate the exercise of human rights, including freedom of speech and religion through the internet
  • Build capacity of U.S. diplomatic officials to engage in these issues.

If you peek at the org chart, the office titles are equally alarming as the remit.

  • DAS for Cyberspace: Four Key Adversaries and Cyber Operations; Cyber Stability and Deterrence
  • PDAS: Strategic Planning & Capacity Building; Office of Technology & National Security; Global Challenges & Policy Coordination
  • DAS for Digital Economy: Global Networks & Radio Frequency Coordination; Data and Digital Regulatory Advocacy

Although a few of those responsibilities have long existed within the State Department, most are new. And, for those that have existed, State has deferred to the many other agencies with the substantive expertise to undertake the international cybersecurity activities — limiting the State role only to coordinating representation in a few specialized venues. The Tillerson reorganization is an assertion of claim over Washington international cybersecurity turf. However, the good news is that absent massively staffing up to replace the few people who have the slightest clue about the subject matter; there is no capacity to accomplish any of the remits.

The really dismaying aspect of this reorganization is that none of the functions or office designations speak to multilateral cooperation with other nations on common interests, but rather a messaging of bilateral belligerence, e.g., "Office of Four Key Adversaries and Cyber Operations" or "Cyber Stability and Deterrence." The functions and titles are aimed at cyberwar, not cyber diplomacy. It is an affront to the past hundred years during which the State Department staff and its extended community of agencies and industry participants have led the cyber initiatives in multilateral forums.

If the Administration really wants to cooperate globally toward increased cyber defense and infrastructure protection, it should consider abiding by the treaty instruments it has already signed for that purpose and cooperating with the other signatories in the venues it helped create.

What is proposed now is more suitable for a Bureau of Cyberwar. It is embarrassing for the nation, unlikely to further meaningful cybersecurity, and will encourage other nations to impose significant constraints and costs on U.S. business pursuing markets overseas.

By Anthony Rutkowski, Principal, Netmagic Associates LLC
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

New TLDs

Sponsored byAfilias

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC