U.S. International Cybersecurity: Evaluating Our Priorities

International cybersecurity has become increasingly important in international affairs as the world continues to digitize and globalize. Many countries, including the United States, see cybersecurity as a top priority and are investing heavily in improving their cybersecurity capabilities.

Naturally, cybersecurity has been elevated to the very core of U.S. science and technology policy as indicated in the latest account of such policies prepared by Professor Nicholas Vonortas and International Science and Technology Policy Master’s students Brennan Hoban and Connor Rabb, for the next UNESCO Science Report. This major international publication is published every five years on November 10 in celebration of the World Science Day for Peace and Development and maps science, technology, and innovation policy and governance around the world. Vonortas, Hoban, and Rabb share part of their research findings for the UNESCO Science Report.

What is cybersecurity and what are the ramifications of a cyberattack?

Cybersecurity includes data privacy and protection, which has become an issue of major public importance in the U.S., lagging behind others such as the European Union and China in terms of explicit and comprehensive data protection legislation. In recent years, major breaches of data privacy have ignited a fierce debate about how major tech companies such as Alphabet (Google’s parent company), Amazon, Facebook, and Twitter use and store Americans’ data.

Cyberattacks can cause lasting damage such as stealing critical information from companies that can gut their competitive strategy, interfering with national elections, suppressing underprivileged populations, shutting down the electricity grid, spreading lies and misinformation of the internet, jamming critical infrastructure in space (satellites), and creating national security emergencies with nuclear weapons. We depend on cybersecurity to protect critical information and systems. According to a 2019 survey by the Pew Research Center, Americans see cyberattacks from other countries as the top international threat, above threats from terrorist militant groups and global climate change. This is likely related to alleged “sweeping and systematic” Russian interference in the 2016 US presidential election, according to Special Counselor Robert Mueller. 

What has the U.S. done to prevent breaches of cybersecurity that affect consumers?

The U.S. has not yet had a federal level consumer data privacy law or a data security law. Instead, it relies on a patchwork of regulations from various levels of government and domains to cover its cybersecurity and data privacy legal framework. The most notable agencies involved in the U.S. cybersecurity framework is the Department of Defense’s Cyber Command and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

In 2018, the federal government created a new Cyberspace Solarium Commission (CSC) to “develop a consensus on a strategic approach to defending the U.S. in cyberspace against cyberattacks of significant consequences”. The CSC makes recommendations on several pillars:

  1. reforming government
  2. strengthening norms
  3. promoting resilience 
  4. operationalizing work with the private sector, and 
  5. using military power

The actions in these pillars focus on working with allies and partners to shape and promote responsible behavior in cyberspace, denying benefits to adversaries exploiting cyberspace to American disadvantage, and imposing costs on actors who target America in and through cyberspace. There is a strong emphasis on defending against catastrophic cyberattacks and implementing policies to better recruit, develop, and retain talent with cybersecurity skills.

What are the major takeaways from the Cyberspace Solarium Commission?

The major recommendations of the Solarium regarding government reform include the appointment of a National Cyber Director and the creation of a House Permanent Select and Senate Select Committee on Cybersecurity. Further recommendations are for Congress and the executive branch to pass legislation and implement policies designed to better recruit, develop, and retain cyber talent to deepen the pool of candidates for cyber work in the federal government.

To hold its position as a global leader in science, technology, and innovation, the U.S. has prioritized artificial intelligence, quantum computing, the fifth-generation mobile network communications (5G), and cybersecurity. Broader fields of emphasis have included advanced manufacturing, space, and health. Similar to cybersecurity, the U.S. is making long-term investments in these areas, developing programs to train a workforce with the requisite, and improving collaboration between government and business entities to innovate and strengthen the U.S. capabilities across these priorities. 

What would you change about domestic and international cybersecurity priorities? Would you like to participate in the conversation and connect with the faculty and students shaping the international landscape? Prospective students of the Elliott School of International Affairs are welcome to join our regular Information Session webinars.

The Elliott School offers 12 interdisciplinary master’s degrees with many specializations, as well as dual-degree and joint-degree options. Explore these options and our Master of International Policy and Practice accelerated degree programs designed specifically for mid-career professionals.