Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)

Promoting Cyber Norms of Behavior

Senate Panel Hears Experts Address Nation-State Cyberthreats
Promoting Cyber Norms of Behavior
State Department's Christopher Painter testifies before a Senate panel.

To battle nation-state cyberthreats, the United States must work closely with its allies to develop norms of behavior in cyberspace that could then be adopted by other nations.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

That was the gist of testimony delivered by a panel of experts, including the State Department's top cyber diplomat, at a May 14 hearing of the Senate Foreign Relations Subcommittee on East Asia, the Pacific and International Cybersecurity Policy.

Christopher Painter, State Department coordinator for cyber policy, told lawmakers that the United States is aggressively working with various international organizations to promote norms of cyber behavior to combat international cyberthreats.

"There are many other countries [besides U.S. allies] that are struggling ... and we need to work with those countries ... to make sure they understand the vision we're putting forth is good for them - it's good for them economically, it's good for them socially," Painter said.

Painter identified four critical norms of cyber behavior, including:

  1. Not damaging critical infrastructure,
  2. Not preventing national computer security incident response teams from responding to cyber incidents,
  3. Not conducting or enabling intellectual property theft, and
  4. Cooperating with requests from other nations to investigate cybercrimes and malicious activities that emanate from their respective territories.

Using Measures to Build Consensus

Another way to address cyberthreats, according to testimony at the hearing, is to implement "confidence-building measures," tools and initiatives aimed at reducing and eliminating the causes of mistrust, fear, misunderstanding and miscalculations that nations have about the activities of other countries. The measures could include, for example, cyber hotlines to alert various parties during cyber-attacks and multinational investigations into major cybersecurity incidents.

Michael Greenberger, director of the University of Maryland Center for Health and Homeland Security, testified that adversaries have successfully implemented confidence-building measures with each other to ease tensions, such as the hotline between the White House and Kremlin during the Cold War. But in the realm of cyberspace, such collaborative efforts should begin with nations that share common goals, he said.

Greenberger said cooperation among federal, state and local law enforcement agencies in response to the Boston Marathon bombings last year could serve as a model for such international collaboration. As a result of the Sept. 11 terrorist attacks, Congress and the White House pushed law enforcement agencies at all levels to better collaborate on responses and the cooperation of police agencies in Boston was a result of that effort. "The process of just bonding, in and of itself, is therapeutic because you start discussing things that you can do together," Greenberger said.

Pressuring Cyber-Adversaries

Greenberger and James Lewis, a cybersecurity expert at the think tank Center for Strategic and International Studies, suggested that creating a consensus on norms of behavior could potentially pressure America's cyber-adversaries such as China, Russia, North Korea and Iran, to change their conduct.

"We've been trying to get everyone to agree, and having sat in a room for many days with Russian and Chinese diplomats and military officials, we're not going to get them to agree anytime soon," Lewis said. "So, it is time to take a step back and say, 'Maybe we need to agree on rules among those countries who are like-minded, among those countries who are democracies, who share values.' I just don't think the Russians and the Chinese are that eager to agree with us on anything at the moment."

Taking a consensus approach could help win support from emerging powers, such as Brazil and India. However, Lewis said getting such buy-in from emerging powers could prove challenging because of the damage caused by leaks about the National Security Agency's cyber-surveillance.

"These new powers form a middle ground between Western democracies and authoritarian regimes, and the policies these countries choose to pursue will determine the future of the Internet and cybersecurity," Lewis said. "Most of the new powers support fundamental human rights, and in particular freedom of speech and free access to information. This puts them at odds with the authoritarian view of cyberspace, but they also believe that national sovereignty and government must play a larger role in Internet matters, and they were troubled by the NSA revelations - factors that work against U.S. influence."

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.