The State Department is elevating its cybersecurity mission and is focusing on setting international cyber norms through its newest bureau.
The agency announced Monday that its Bureau of Cyberspace and Digital Policy (CDP) officially began operations.
The bureau is made up of three policy units, focused on international cyberspace security, international information and communications policy, and digital freedom.
Secretary of State Antony Blinken announced last October that the agency would stand up this bureau as part of a broader modernization of the agency.
Blinken said the bureau would specifically help realign the department to make cybersecurity a top priority for its diplomats, and emphasize the department’s role in shaping international standards and norms for emerging technology.
The State Department, more broadly, is also developing a cybersecurity strategy that reflects its restructuring.
Enterprise Chief Information Security Officer (E-CISO) Donna Bennett, the leader behind the department’s cybersecurity strategy, told Federal News Network in written responses to questions that the bureau is a “key pillar of Secretary Blinken’s diplomatic modernization efforts.”
“The role of cybersecurity in the State Department’s diplomatic mission cannot be understated,” Bennett wrote. “This office will be critical in helping to establish international cyber norms and standards that build capacity, provide deterrence, and promote American values and interests.”
Bennett said the bureau’s portfolio will include national security challenges, economic opportunities, and implications for U.S. values associated with cyberspace, digital technologies, and digital policy.
The Bureau of Cyberspace and Digital Policy will be led by a Senate-confirmed ambassador-at-large.
Jennifer Bachus, a career member of the Senior Foreign Service currently serving as the principal deputy assistant secretary for the CDP bureau, will also serve as the senior bureau official until a permanent leader is confirmed.
Michele Markoff is serving as the acting deputy assistant secretary for international cyberspace security.
Stephen Anderson is serving as acting deputy assistant secretary for international information and communications policy, and Blake Peterson is serving as acting digital freedom coordinator.
The bureau, under this legislation, would lead diplomatic efforts linked to international cybersecurity, internet access and freedom, as well as international cyber threats.
Department officials have also been brainstorming on ways to elevate its cyber mission. They held a Cybersecurity Symposium late last year focused on elevating its cyber mission and emphasizing the importance of cybersecurity.
This year focused in part on introducing department staff to Bennett, who is leading the department’s cybersecurity strategy.
The symposium included presentations from Federal CISO Chris DeRusha and National Cybersecurity Coordinator Chris Inglis. The event also includes sessions on supply chain risk management and secure cloud capabilities.
Bennett said last year’s cybersecurity symposium was the first of its kind widely attended by the agency’s domestic workforce, as well as personnel overseas.
Bennett said the agency saw increased interest in a panel on cyber careers, which explored the many opportunities available to serve in a cybersecurity role within the department.
“At a strategic level, this year’s symposium helped educate the State Department’s workforce on the president’s cybersecurity strategy and implementation of the [zero trust] executive order requirements,” Bennett wrote.
Bennett said the symposium highlighted three key areas of the agency’s IT modernization efforts — governance, strategy and policy development and cybersecurity hygiene awareness.
To increase visibility in its cyber mission, monthly CISO Council meetings are now attended by representatives from bureaus across the department.
Bennett said the agency is also developing a cybersecurity strategy to outline cyber priorities across the department.
“Secretary Blinken’s leadership to modernize American diplomacy is timely and essential to ensuring the State Department is prepared to meet the global economic, national security, and foreign policy challenges of tomorrow. An important pillar of this strategy focuses on positioning America as a leader in shaping the digital revolution taking place around us to boost our competitiveness,” Bennett said.
The State Department’s cyber priorities include reducing risk to critical infrastructure from cyberattacks, defending a secure, open, and interoperable internet, establishing norms and standards for emerging technologies that promote cooperation, protecting against repression and disinformation, and upholding democratic values in cyber policy.
Bennett said the Bureau of Information Resource Management (IRM), which broadly handles IT matters, has also elevated cybersecurity within the department.
During the symposium, the department showcased agency personnel around the world working in several types of cybersecurity roles through a series of videos.
“These videos emphasized the importance of our collective responsibility for cybersecurity awareness and the pivotal role cybersecurity plays in advancing our diplomatic mission,” Bennett wrote.
Congress, meanwhile, continues its push to modernize the State Department.
The Senate Foreign Relations Committee last month advanced a bill that would set up a commission to modernize the State Department.
The commission would look at ways to restructure the agency, as well as the state of the agency’s workforce. That includes ways to improve recruitment, promotion, training and retention of agency employees. Sen. Bill Hagerty (R-Tenn.) introduced the bill.
The commission would include members appointed by House and Senate leadership, as well as the leadership of the House Foreign Affairs and Senate Foreign Relations Committees.