The Public Eye with Eric Chabrow

Governance & Risk Management , Privacy

State Department Official Who Backs Russian Cyber Engagement Leaving

Christopher Painter Departs at Month's End as First U.S. Cyber Diplomat
State Department Official Who Backs Russian Cyber Engagement Leaving
Christopher Painter testifying before a Senate panel in 2015.

America's first cyber diplomat, who has advocated for diplomatic engagement with U.S. adversaries in cyberspace, is leaving his post as coordinator of cyber issues at the State Department. Christopher Painter, who's held that job since early 2011, has worked with scores of nations in the pursuit of a safer cyberspace.

See Also: From Cost Center to Strategic Asset: Automating Cyber Risk and Compliance

"I think it's important for us to engage with all countries around the world, and I think it's important for us to engage with Russia and China," Painter once told me.

Painter hasn't publicly commented about the kerfuffle over the Russian hacking of the U.S. electoral systems, including Democratic Party computers, and the possible involvement by the Donald Trump campaign with Russia on campaign meddling. He hasn't responded to my request for an interview.

But Painter has been a consistent voice promoting U.S. interaction with nearly all nations to protect critical infrastructure and develop cyber norms. Engaging the Russians in a joint cybersecurity task force - which Republican Sen. Lindsey Graham of South Carolina characterized as a "dumb idea" - isn't necessarily the kind of engagement Painter has advocated.

Trump had proposed in a Twitter post - but later abandoned after criticism from Graham and other lawmakers - that the U.S. and Russia form "an impenetrable cybersecurity unit so that election hacking and many other negative things will be guarded."

Defining Engagement

To get an idea what Painter means when he talks about engaging our cyber adversaries, take a look at an excerpt from an interview I conducted with him a few years back:

"With Russia, it was very important for us to establish these cyber confidence-building measures. ... One of them is more exchange of certain technical information about threats. One of them was an exchange of military doctrine in cyberspace. We had our defense strategy for operating in cyberspace and the Russian Federation had a white paper that their [Ministry of Defense] created. That builds better understanding between the countries of what we're doing."

Later in the interview, Painter added:

"We're not going to agree with China or Russia on every issue in cyberspace, to be sure, but we need to make practical progress that makes sure that we're answering the threats that are out there."

Impressive Cyber Bona Fides

I got to know Painter in 2010, when he was a top cyber policymaker in the National Security Council during the Obama administration, working closely with then-White House Cybersecurity Coordinator Howard Schmidt. (Painter served as acting cybersecurity coordinator in the months leading up to Schmidt's appointment.)

The man has impressive cyber bona fides, as his official State Department biography states: "Painter has been on the vanguard of cyber issues for over 26 years." As an assistant U.S. attorney in Los Angeles in the 1990s, Painter prosecuted hacker Kevin Mitnick and those behind the first internet stock manipulation scheme. While at the Justice Department, he helped write the National Strategy to Secure Cyberspace in 2003, and he served as a key player in the group that produced the Comprehensive National Cyber Initiative in 2007 under President George W. Bush.

Now, it seems that the State Department isn't only losing a highly qualified cyber policymaker, but it might be shuttering the office he leads.

The news site Politico reports that Secretary of State Rex Tillerson is considering closing the cyber office or merging it with another office and downgrading the cyber coordinator's rank.

But White House Cybersecurity Coordinator Rob Joyce told reporters at a cybersecurity policy forum on Wednesday that no final decision about the fate of the office has been made. "I'm certainly counting on the State Department to carry out a lot of the mission [going] forward in doing those norms and doing those international agreements," Joyce said, according to Nextgov. "I am confident that Secretary Tillerson is not going to impair cybersecurity."

Alarming Internet of the Future

Let's hope so. Downgrading the State Department's role in defining cybersecurity would be foolish and irresponsible as the internet increasingly becomes more vital to the functioning of government, business and society.

"America is particularly vulnerable right now to losing this momentum and surrendering global leadership to China and Russia," Jason Healey, senior research scholar at Columbia University, cautions in a blog. "It is entirely possible in 10 years, the internet will no longer look and feel American - lightly monitored, with no central control, and few borders. It is far more likely to have an autocratic feel."

That's a frightening thought.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.