White House Releases International Cyber Behavior Strategy
The U.S. Government's guidelines for interagency and international cooperation to establish norms for responsible behavior in cyberspace, called International Strategy for Cyberspace, was released on Monday.
Cyberspace has quickly developed into an arena that is critical to national and international economies, security, and personal and political freedom, but it also represents a "new terrain for conflict," Secretary of State Hillary Clinton said during an event marking the release. "The United States will act internationally to promote and open, interoperable, secure and reliable information and communications infrastructure."
The new strategy represents a "new era of engagement based on mutual interests and mutual respect," said Deputy Defense Secretary William Lynn.
To satisfy the basic requirements of an open and reliable information infrastructure, the international community must foster basic norms of behavior that cross areas of politics, law enforcement, business and technology. The strategy identifies these norms as:
- Upholding fundamental human freedoms.
- Respect for property.
- Valuing privacy.
- Protecting from crime.
- Right to self defense.
- Global interoperability.
- Network stability.
- Reliable access.
- Multi-stakeholder governance.
- Cybersecurity due diligence.
The international strategy is one of 10 initiatives identified in a near-term action plan in the 2009 Cyberspace Policy Review, which called for developing a cybersecurity policy framework and strengthening of international cooperation. It also is the third leg in a set of cyber policies issued by the White House in the last month. The National Strategy for Trusted Identities in Cyberspace was released last month, and a comprehensive cybersecurity legislative proposal was released last week.
Although the Cyberspace Policy Review focused on cybersecurity, the international strategy folds security issues into the mix along with business, political and national defense issues. This was reflected in the lineup of speakers at the release of the document. In addition to White House Cybersecurity Coordinator Howard Schmidt, Secretary of State Clinton and Deputy Defense Secretary Lynn, there was Attorney General Eric Holder, Commerce Secretary Gary Locke and Homeland Security Secretary Janet Napolitano.
"Our work is a team sport," Schmidt said.
DHS is the lead agency for civilian and private-sector cybersecurity within the United States, but Napolitano said the department can also help in international capacity building with the development of computer emergency response teams and information-sharing programs. Holders said future international efforts will build on recent law enforcement successes in taking down a number of international criminal networks.
The strategy is not prescriptive, but offers a starting point for patient, persistent negotiations between the United States and its allies and partners, Clinton said. Because of the broad range of areas covered, departments across the executive branch will be engaged in promoting the framework and implementing polices, both at home and abroad. John Brennan, presidential adviser for counterterrorism and homeland security, said agency progress will be assessed in six months.
The strategy focuses on seven interdependent areas:
- Economy: Promoting international standards for open markets.
- Network security: Enhancing security, reliability and resiliency.
- Law enforcement: Extending international collaboration and the rule of law.
- Military: Preparing for and responding to 21st-century challenges.
- Internet governance: Promoting effective and inclusive governance structures.
- International development: Building capacity, security and prosperity.
- Internet freedom: Supporting fundamental freedoms and privacy.
Rep. James R. Langevin, (D-RI), co-chair of the CSIS Commission on Cybersecurity for the 44th Presidency, said there is a growing need for a coherent U.S. international strategy in cyberspace.
"The United States needs to articulate a positive agenda of norms, consequences and cooperation," Langevin said in a prepared statement. "The agenda needs a vision of how the international community will manage cyberspace to ensure continued openness, connectivity and security."
The Bush administration policy of unilateral actions did not produce this kind of environment, he said. "There are still few consequences for malicious activity in cyberspace, and there are no cooperative structures to create such consequences. Real progress requires engagement with other countries. This means that the United States must put forward proposals to other governments for norms and other confidence-building measures."
William Jackson is the senior writer for Government Computer News (GCN.com).