Blinken unveils State Dept. strategy for ‘vibrant, open and secure technological future’

SAN FRANCISCO — U.S. Secretary of State Antony Blinken announced an international cyber strategy on Monday outlining how the federal government plans to engage the rest of the world on a range of technological security issues.

The plan is designed to guide how the Biden administration will “work with allies, partners, and stakeholders across the globe to shape the design, development, governance, and use of cyberspace and digital technologies.”

Blinken said the four goals are to advance economic prosperity, enhance security and combat cybercrime; promote human rights, democracy and the rule of law; and address other transnational challenges.

The secretary of State unveiled the plan during a speech at the RSA cybersecurity conference in San Francisco, telling the crowd that U.S. strength “comes from our solidarity with the majority of the world that shares our vision for a vibrant, open and secure technological future.”

What Blinked called “digital solidarity” is at the core of the plan, including “mutual assistance to the victims of malicious cyber activity and other digital harms.” The announcement comes as U.S. allies continue to face cyberattacks from foreign sources such as Russia and China.

The U.S. wants to assist partners, especially emerging economies, “in deploying safe, secure, resilient, and sustainable technologies to advance their development goals,” Blinken said. Another goal is to “build strong and inclusive innovation economies that can shape our economic and technological future.”

“We are rallying coalitions of governments, businesses, and civil society to shape the digital revolution at every level of the technology ‘stack’ – from building subsea cables and telecommunication networks, to deploying cloud services and trustworthy artificial intelligence, to promoting rights-respecting data governance and norms of responsible state behavior,” Blinken said.

Building off the National Cybersecurity Strategy and the National Security Strategythe 54-page plan lays out four planned “areas of action” that include:

• Efforts to “promote, build and maintain an open, inclusive, secure, and resilient digital ecosystem.”
• More coordination among allied countries around “rights-respecting” approaches to digital and data governance.
• The development of tactics that would advance “responsible” state behavior in cyberspace, and counter threats to cyberspace and critical infrastructure by building coalitions and engaging partners.
• Initiatives to build the capacity of more countries to combat cybercrime.

The State Department said its work will be guided by international human rights law and a commitment to diplomacy, as well as efforts to integrate cybersecurity into any technological effort.

A State Department official said a secure digital future is “foundational to U.S. strategic, security, economic, and foreign policy interests.”

“​​This strategy sets out a path for the United States to mobilize all resources at its disposal to implement this affirmative and proactive vision to connect people and information like never before, fostering a more inclusive, secure, prosperous, rights-respecting, safe, and equitable world,” the official said.

China and Russia

The document levels heavy criticism on Russia, China, Iran and North Korea for not only abusing technology through unrelenting hacking and spying campaigns but for also diluting international regulatory bodies and undercutting U.S. technology manufacturers through state subsidies.

The State Department even criticized allies for localized regulations around technology procurement and data sharing, arguing that such measures stifled innovation and limited the ability of their citizens to access critical digital tools.

The strategy covers future international coordination about hardware, software, protocols, technical standards, telecommunication networks, undersea cables, cloud computing, satellite network infrastructure, artificial intelligence and more.

The department warned that inaction in any of these areas will allow countries like China and Russia to “fill the void and shape the future of technology to the detriment of U.S. interests and values.”

“Russia, the PRC, and other authoritarian states have promoted a vision of global Internet governance that centers on domestic control and top-down, state-centric mechanisms over the existing bottom-up multi stakeholder processes,” the State Department said.

“Russia and the PRC attempt to use multilateral fora like the UN to exert their influence on and appeal to developing countries, with the aim of reshaping the global cyber and technology policy landscape to advance an authoritarian agenda while hampering the United States and its allies.”

The countries, according to the US, are seeking to “reshape norms governing cyberspace, undermine the technical underpinnings of the Internet, and dilute accountability for authoritarian countries’ malicious use of cyberspace capabilities.”

The department claimed authoritarian states are “often more responsive to short-term local economic development goals, providing packages that include financial subsidies, local cloud infrastructure, and workforce training.”

Economic angles

Some countries are allegedly excluding U.S. cloud providers from their markets “in part because of concerns about access to and control of data,” the State Department said. To address this, it said it wants to reach a “common understanding with our international partners on the fair and safe use of cloud computing resources.”

The strategy also slams countries for digital taxation, network usage fees and a “growing digital sovereignty narrative” that the U.S. believes “undermine key digital economy and cybersecurity objectives.”

“The Department of State, working with other agencies, will continue to argue against data localization, network usage fees, digital services taxes as well as other market access barriers that contribute to the perception of increased control, but in reality often can undermine growth and security objectives,” the document said.

The strategy also outlined efforts the State Department will make to expand the assistance it has provided to countries like Ukraine, Costa Rica and Albania following devastating cyberattacks.

By providing assistance to victim nations, the U.S. is hoping to send the message that adversarial countries “cannot isolate a target country through malicious operations.”

Several initiatives — like the hunt forward missions of U.S. Cyber Command, the U.S. Joint Ransomware Task Force and more — will be expanded to cover more countries. The document explains other moves designed to address the spread of spyware, the proliferation of AI and to build the capacity of allied nations.

The failed effort to create a U.N. Cybercrime Treaty is also mentioned in the strategy — with U.S. officials saying they will continue to “oppose overly broad definitions of cybercrime that could be used to stifle freedom of expression, infringe on privacy, and or endanger individuals and communities.”

They pledged to “pursue more action-oriented discussions at the UN focused on how member states and institutions can work together to implement the framework’s essential elements and build all states’ capacity to manage cyber-related threats.”

The U.S. said it has proposed a “Program of Action (POA)” forum as a mechanism that can be used for dialogue on cyber issues related to international security at the UN. The POA will “also incorporate the views of civil society, the private sector, and other non-state stakeholders,” according to the document.