By Julia Voo*
Under Donald Trump, US global leadership on cyber issues came to a screeching halt. But ‘America is back’ under President Joe Biden. Observers can expect sensible, expert-crafted policy that unpicks the policy discord while maintaining the previous administration’s focus on technology competition and trusted networks.
Biden placed seasoned cyber and technology experts at the heart of the National Security Council (NSC) and charged them with coordinating an interagency approach. High-profile appointees included Anne Neuberger, former cybersecurity director at the National Security Agency (NSA); Michael Sulmeyer, senior adviser to the NSA; and General Paul Nakasone, US Cyber Command leader. The Director of the Office of Science and Technology Policy has also been elevated to Biden’s cabinet, placing science at the centre of policymaking. These changes are a shift from the past four years, which saw the NSC’s cybersecurity coordinator role terminated and the State Department’s cyber office closed.
Reflecting the need for a more strategic approach towards cyber-attacks, the 2021 National Defense Authorization Act included the creation of a new Office of the National Cyber Director (NCD) within the Executive Office of the President. The NCD is tasked with coordinating cyber defence and deterrence strategies, industry engagement and cybersecurity-related diplomatic initiatives.
Now that the United States has an experienced, empowered team of Asia Pacific and cyber experts who recognise the value of diplomacy, there will be a stronger focus on Obama-era norms. These include refraining from conducting cyber activity that could damage critical infrastructure or interfere with cyber emergency response teams; not conducting cyber-theft of intellectual property; mitigating domestic malicious activities; and helping allies to defend against cyber-attacks.
But efforts at multilateral engagement will be complicated by a fragmented and anarchic system of global cyber governance. Cyber-diplomacy occurs at multiple levels with an assortment of state and non-state actors, acting with various geopolitical interests and overlapping remits. The current state of global cyber governance is messy and ineffective, particularly in relation to highly contested issues such as the application of the Law of Armed Conflict in cyberspace.
Under Trump, the United States failed to demonstrate much-needed global leadership, sitting out on multilateral initiatives such as the Paris Call for Trust and Security in Cyberspace. With a new president who believes in global leadership and alliances, there are high hopes for the United States to step up again. As the looming threat of future cyber-attacks encourages robust information exchange between countries, the United States should also look to broadening the alliance of trusted democracies and the issues on which they cooperate.
The Biden administration will seek to fortify democracy against authoritarian forces by building trusted proprietary technology alliances. Cyber priorities will likely include strengthening trusted techno-democracy alliances, shaping data flows and mounting a stronger response against cyber-attacks.
Techno-democratic alliances that include governments and companies, such as the proposed T-12 alliance, will likely appear in a rewired and more comprehensive version of Trump’s Clean Network Initiative — which focussed on keeping Huawei out of US and allied 5G networks — to ultimately build a cohort of trusted vendors. The reaffirmation of quadrilateral cooperation between the United States, Australia, India and Japan included the announcement of a critical and emerging technology working group to facilitate cooperation on international standards and innovative technologies of the future. It also demonstrated the importance of the ASEAN region to this alliance-building.
While public attribution of cyber-attacks will likely continue, the appointment of Anne Neuberger and Michael Sulmeyer suggests that a strong response to cyberattacks will become the norm, starting with the SolarWinds breach — the biggest cyberattack on the US government in recent years. Biden’s Chief of Staff Ron Klain suggested that the administration’s response may include not only public attribution but also financial penalties and retaliatory hacks on Russian infrastructure.
In the first weeks of his Presidency, Biden reached out to Australian Prime Minister Scott Morrison and South Korean President Moon Jae-in. Biden’s National Security Advisor, Jake Sullivan, has called ASEAN ambassadors to discuss opportunities to enhance cooperation on global issues and ‘the importance of ASEAN centrality’. Sullivan also contacted his counterparts in South Korea and India.
It is clear that building a coalition of allies will be the tool of choice for key US priorities, such as China. We can expect to see further cooperation with Asia Pacific economies, particularly Australia, India, Japan and South Korea. But plans to utilise global governance systems to address cyber issues, or efforts to reach out to countries outside of the United States’ immediate circle of allies, are notably absent.
In an age where both authoritarian and democratic countries lead the development and application of digital technologies, what seems to be Biden’s plan so far is too skewed towards democracies with high-tech capabilities. This risks creating a democratic technology bloc with seemingly little aspiration of finding middle ground with less-democratic high-tech countries and other countries with limited technological capability.
The Biden administration’s appointment of cyber experts and strengthening of old democratic alliances are welcome improvements to the US cyber strategy. But those efforts alone are not sustainable. Parallel efforts need to be made to grow the United States’ sphere of influence with non-democratic and developing countries. A US-led techno-democratic alliance could drive a collective effort to improve global cyber governance and increase security and stability for many countries, not just a few.
*About the author: Julia Voo is a Cyber Fellow at the Belfer Center for Science and International Affairs, John F Kennedy School of Government, Harvard University.
Source: This article was published by East Asia Forum. An extended version of this article appears in the most recent edition of East Asia Forum Quarterly, ‘Asia after Biden’s election’, Vol. 13, No 1.