May 23, 2024 By Jonathan Reed 3 min read

U.S. Secretary of State Antony Blinken announced the new U.S. International Cyberspace and Digital Policy Strategy during the recent RSA Conference in San Francisco. The strategy emphasizes the role of technology in diplomacy and the urgent need to build international coalitions.

“Security, stability, prosperity — they are no longer solely analog matters,” Blinken said at the conference.

The new strategy focuses on “digital solidarity” not “digital sovereignty,” Blinken said, emphasizing the importance of collaboration with like-minded nations. Also mentioned was the need to limit the influence of ideologically opposed authoritarian nations.

What does this new document mean for cybersecurity in the context of international diplomacy? Let’s find out.

A dual approach to cyberspace and digital policy

As per the State Department document, the strategy’s dual approach consists of:

  1. Rebalancing responsibility for defending cyberspace onto the government and private sector organizations that are the most capable and best positioned to reduce risks.
  2. Realigning incentives to favor long-term investment in cybersecurity through diplomacy, partnerships and information-sharing.

As per the strategy, the Department of State and interagency partners will build digital solidarity through four areas of action, which are outlined below.

Action area 1: Promote, build and maintain an open, inclusive, secure and resilient digital ecosystem

In coordination with allies, partners, the private sector and civil society, the State Department will campaign for open, interoperable, secure, trusted and reliable telecommunication networks, especially on 5G wireless networks. This also includes the development and deployment of cloud security, database security and secure undersea cables and satellite communications.

Action area 2: Align rights-respecting approaches to digital and data governance with international partners

The State Department and other federal agencies are building and reinforcing digital solidarity emphasizing these three aspects:

  1. The trusted flow of data.
  2. Advocacy for multistakeholder, risk-based approaches to digital and data governance.
  3. The promotion of shared values and governance principles for critical and emerging technologies, like artificial intelligence.

However, the document states that “the rise of a growing digital sovereignty narrative that has been embraced by some of our close partners and allies has the potential to undermine key digital economy and cybersecurity objectives.”

The State Department argues against data localization, network usage fees, digital services taxes and other market access barriers that contribute to the perception of increased control. These might actually undermine growth and security objectives, as per the document.

Action area 3: Advance responsible state behavior in cyberspace and counter threats to cyberspace and critical infrastructure by building coalitions and engaging partners

The document says that when a state engages in any destructive, disruptive or destabilizing malicious cyber activity contrary to international norms, responsible states must cooperate to hold that irresponsible state accountable.

As part of its counter-adversary cyber activity, the State Department provides foreign policy guidance and uses diplomatic engagements to support the Department of Defense (DoD)’s efforts to reinforce deterrence and frustrate adversaries. Some tactics include seizing malicious cyber infrastructure, seizing cryptocurrency and fiat currency and sharing actionable threat intelligence with the private sector.

Action area 4: Strengthen and build international partner digital policy and cyber capacity

The strategy document mentions that “Adversaries, and the PRC (People’s Republic of China) in particular… look to out-match the United States and like-minded partners by offering holistic support for ICT development from full package training programs to higher-level education and scholarships.”

In response to these challenges, the State Department plans to continue to provide partners with expertise and training to develop and govern secure, rights-respecting digital ecosystems. Through technical assistance, ICT and telecom policy capacity building and training grants, the strategy document describes pro-competitive legal and regulatory reforms required to remain competitive.

Plenty of cyber diplomacy work to do

The U.S. International Cyberspace and Digital Policy Strategy emphasizes unity and solidarity. This approach is necessary given today’s dangerous and increasingly complex threat landscape. However, Washington should anticipate tough conversations with allies and partners whose use of technologies may not completely align with the State Department’s vision.

More from News

Exploring the 2024 Worldwide Managed Detection and Response Vendor Assessment

3 min read - Research firm IDC recently released its 2024 Worldwide Managed Detection and Response Vendor Assessment, which both highlights leaders in the market and examines the evolution of MDR as a critical component of IT security infrastructure. Here are the key takeaways. The current state of MDR According to the assessment, “the MDR market has evolved extensively over the past couple of years. This should be seen as a positive movement as MDR providers have had to evolve to meet the growing…

Regulatory harmonization in OT-critical infrastructure faces hurdles

3 min read - In an effort to enhance cyber resilience across critical infrastructure, the Office of the National Cyber Director (ONCD) has recently released a summary of feedback from its 2023 Cybersecurity Regulatory Harmonization Request for Information (RFI). The responses reveal major concerns from critical infrastructure industries related to operational technology (OT), such as energy, transport and manufacturing. Their worries include the current fragmented regulatory landscape and difficulty adapting to new cyber regulations. The frustration appears to be unanimous. Meanwhile, the magnitude of…

Why the Christie’s auction house hack is different

3 min read - Christie's, one of the world's leading auction houses, was hacked in May, and the cyber group RansomHub has claimed responsibility. On May 12, Christie’s CEO Guillaume Cerutti announced on LinkedIn that the company had “experienced a technology security incident.” RansomHub threatened to leak “sensitive personal information” from exfiltrated ID document data, including names, dates of birth and nationalities. On the group’s dark website, RansomHub claims to possess 2GB of data on “at least 500,000” Christie’s clients from around the world.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today