The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to U.S. Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape including ransomware attacks believed to be regularly carried out from Russian soil.
Readers can see the current state of cyber security for federal agencies HERE
Blinken formally announced the office while discussing modernization efforts at the State Department on 27 October 2021. "I intend, with the support of Congress, to establish a new Bureau for Cyberspace and Digital Policy, headed by an ambassador-at-large, and to name a new special envoy for critical and emerging technology. Both will report to Deputy Secretary [Wendy] Sherman for at least the first year," Blinken confirmed.
In an email from Blinken to the department's workforce, the nation's top diplomat also said, "This structure will provide us with greater leadership and accountability to drive the diplomatic agenda with the interagency and abroad, and build on the extraordinary work that is already taking place across the department."
Blinken added: "We want to make sure that technology works for democracy, fighting back against misinformation, standing up for internet freedom, reducing the misuse of surveillance technology, and we want to promote cooperation - advancing this agenda tech by tech, issue by issue, with democratic partners by our side." He named cybersecurity one of the key pillars to the department's modernization, and is calling for a 50% increase in the department's IT budget.
The cybersecurity focus within the State Department follows uneven efforts during the Trump administration to set cyber diplomacy center stage. In 2017, then Secretary of State Rex Tillerson merged a former cybersecurity office with another bureau, spurring criticism from the security community.
In the waning days of Trump's presidency, then-Secretary of State Mike Pompeo reestablished a cybersecurity office called the Bureau of Cyberspace Security and Emerging Technologies but both Republican and Democratic lawmakers were critical of its setup and timing. The incoming Biden administration reportedly reviewed Pompeo's proposal and appeared to be moving forward with a similar model.
State Department spokesperson Ned Price told reporters that the new office will focus on international cyberspace security, international digital policy and digital freedom, according to The Hill. He said the department's new special envoy for critical and emerging technology will lead diplomacy efforts with allies and partners, and across multilateral forums. Price noted: "Even with the creation of this new bureau … these issues are going to be pervasive across the department, across the government. So it's not going to be squarely defined … to one bureau … but we do see tremendous value in ensuring that we have a bureau that is focused on these issues."
"Arguably, this is another sign [that] powerful nation-states do not quite know whether to categorize cyber conflict as a military domain, a diplomatic one, or both," says Tim Wade, a former network and security technical manager with the U.S. Air Force, and technical director for the firm Vectra AI. "The obvious question regarding the State office is how they will manage jurisdictional overlap with the U.S. Cyber Command at DOD when it comes to setting policy norms and defining national security strategy."
No one has been named ambassador-at-large or envoy yet. Following the announcement, several lawmakers who have long advocated for a comparable office praised the move. Sen. Angus King, I-Maine, co-chair of the Cyberspace Solarium Commission, and commission member Rep. Jim Langevin, D-R.I., applauded the decision while speaking with Deputy Secretary of State Wendy Sherman.
On Twitter, King noted, "As cyberspace becomes a battlefield of modern war and aggression, a @StateDept cyber bureau is exactly what we need to protect America’s networks and set international norms. Thank you to @SecBlinken and @DeputySecState for their leadership on this issue."
In a joint statement obtained by The Hill, King and Langevin said of the bureau: "We are in complete alignment with the Biden administration's approach, which is exactly the kind of move we need to better coordinate cyber diplomacy and set international norms around cybersecurity."
Discussing the State Department initiative, Bill O'Neill, vice president, public sector, for the firm ThycoticCentrify, says, "[This] is a clear indication that the federal government is continuing to make cybersecurity a priority. By integrating the bureau within the State Department, the current administration is signaling that the country's cyber defense measures will continue to be a domestic objective, as well as a global diplomatic priority."
The department's move rivals a bill put forward by Rep. Mike McCaul, R-Texas, ranking member of the House Foreign Affairs Committee. The House-passed Cyber Diplomacy Act would require the State Department to create a comparable office and prioritize cybersecurity across the agency.
Also taking to Twitter to praise the effort, Christopher Painter, the former coordinator for cybersecurity issues at the State Department in both the Obama and Trump administrations, said, "This is a great development and strong structure. I've long said that a new cyber bureau needs cross-cutting authority and be placed at a high level in the organization. This does both broad & appropriate mandate and reporting to the Deputy Secretary of State.
"Even better because @DeputySecState knows cyber, its importance, and how security, economic and human rights issues are interdependent. It's good to see these issues get the attention, resources and priority they deserve again."
ThycoticCentrify's O'Neill says, "[The office's] three main mandates … could very well be interpreted as a reinforced push for global collaboration to crack down on nation-state actors from a multilateral platform - including implementing and enforcing international standards and policies, refining remediation tactics and attack attribution measures, or creating new proactive frameworks for policing digital technology in the long term."
The State Department's bureau and special envoy will be a part of a wider interagency cybersecurity effort that includes the following officials:
- Anne Neuberger, who serves as deputy national security adviser for cyber and emerging technology - a principal adviser to the president;
- Chris Inglis, the nation's first-ever national cyber director, who now coordinates and works to unify the nation's cross-sector cyber strategy;
- Cybersecurity and Infrastructure Security Agency Director Jen Easterly, who is charged with securing government networks and critical infrastructure for the nascent DHS agency;
- Gen. Paul Nakasone, who heads U.S. Cyber Command and the National Security Agency - agencies that work to prevent and eradicate threats to U.S. national security systems.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or firstname.lastname@example.org
Weekly Cyber Intelligence Briefings:
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings