With all of the rising concerns about the future of cyber diplomacy at the State Department, there is new hope that the agency is finally getting its internal IT security processes aligned to be more effective.
State quietly launched a new Cyber and Technology Security (CTS) directorate, which falls within the Diplomatic Security Service.
“CTS facilitates the conduct of global diplomacy by protecting life, property, and information with advanced cybersecurity programs and risk-managed technology innovation,” a State Department spokeswoman said. “CTS provides advanced cyber threat analysis, incident detection and response, cyber investigative support and emerging technology solutions.”
The spokeswoman offered a few more insights when asked for specifics. “DS/CTS provides an array of cybersecurity services across the department, and maintains a strong working relationship with other federal agencies on a number of operational security matters,” she said.
Basically, as one government official who is familiar with State told me, there is now one “belly button” to push to ensure embassies, consulates and foreign affairs officers are aware of and mitigating cybersecurity vulnerabilities and attacks.
“The responsibility for cyber always was shared by the State CIO’s office and diplomatic security. It goes back to a memo from former Secretary of State Colin Powell, who split up operational cyber, which falls under the CIO and is responsible for things like patching, firewalls and making sure operational systems are up to speed,” said the official, who requested anonymity in order to speak about the sensitive topic of cyber at State. “Diplomatic security is watching for intrusions, doing white-hat activity on the network. So in some ways, the CTS is part of a natural evolution. Diplomatic Security is a large bureau and this is part of a realignment to put resources under one group. It may be part of a larger internal reorganization in Diplomatic Security. But either way, it’s great because it gives the CIO one point of contact. We will wait to see if another shoe drops about long-term consolidation of cyber efforts across the department.”
The spokeswoman said Lonnie Price is the interim director for the Cyber and Technology Security (CTS) Directorate. Price has been with State since 1987, serving as a security engineer, director of the Countermeasures Division and most recently director of the Office of Security Technology, according to his LinkedIn profile.
By moving someone like Price to lead CTS, at least State’s commitment to getting its own house in better order is clear.
The government source said CTS will improve how efficiently Diplomatic Security addresses the ever-growing cyber challenge.
The next step, the source, said, would be to bring the CIO and Diplomatic Security cyber offices even closer together.
“The ultimate question is, will both organizations fall under same authority and what authority will that be?” the official said. “State is putting so much emphasis on cybersecurity to protect its networks, data and people, and it’s clear they want to improve and make cyber more efficient.”
The official said a similar change around cybersecurity is happening in the CIO’s office in terms of consolidation and coordination.
“There are a lot of pros and cons to move all of cyber under the CIO’s office,” the official said. “One advantage of having cyber or a piece of cyber in Diplomatic Security is you have a different viewpoint because of where they sit in the organization. If all of cyber is under the CIO’s office, then you have one view across the entire department. What’s important is all of cyber should sit together. The bifurcation of cyber is not an efficient way of doing things. This is why CTS is a good step in that direction, whether the end result is in Diplomatic Security or the CIO’s office.”
The creation of CTS, which State opened earlier this year, should be seen as a light at the end of what many are calling a dark tunnel that started about a month ago when the news broke that Secretary of State Rex Tillerson wants to possibly eliminate, at worst, or reorganize, at best, the cyber diplomacy office run by Chris Painter since 2011. Painter retired from State at the end of July.
Painter made an impassioned plea in a blog post on Medium about why the cyber diplomacy office is needed, especially now.
“My office literally created and advanced a whole new area of foreign policy focus that simply didn’t exist before,” Painter wrote. “As both cyber threats and opportunities have continued to grow, so too have the range of cyber issues — including everything from internet freedom and governance to combatting cybercrime, fostering cybersecurity and advancing international security and stability in cyberspace. These important matters have evolved from being seen as largely niche or technical issues, to core issues of national security, economic security, human rights and, ultimately, core issues of foreign policy.”
Painter said despite much progress over the last six years, cyber diplomacy remains at the beginning of the process.
“Achieving the future we want will require continued high-level attention and a significant and sustained effort. Diplomacy has and must continue to play a pivotal role — shaping the environment, building cooperation, and working to build coalitions to respond to shared threats, and we must continue to lead the international community,” he wrote. “This is not some legacy Cold War issue but the quintessential 21st-century issue of our national security — involving aspects of human rights, security and economic policy — requiring high- level leadership and a matrixed 21st-century response that leverages all of our capabilities.”
David Fidler, an adjunct senior fellow for cybersecurity at the Council on Foreign Relations, the James Louis Calamaras professor of law and a senior fellow at the Center for Applied Cybersecurity Research at Indiana University, wholeheartedly agreed with Painter and many others’ opinion that closing the cyber diplomacy office would be a huge mistake.
Fidler, who wrote a blog post on July 26 on CFR’s website, told Federal News Radio that the creation of CTS in light of Tillerson’s possible decision to close the diplomacy office is a “head-scratcher.”
“If they, in fact have a strategy and if the strategy projects seriousness of U.S. interests across cyberspace and the White House is empowering State to implement it, OK, let’s see that strategy,” Fidler said. “The inside-the-Beltway community had a fit when the State office of cyber issues was closed, but to me, the debate about the office missed the larger problem with the Trump administration. It’s not clear they believe these issues are strategic. They don’t have a strategy as far as anyone can tell, and they are not empowering State to do anything including cyber. I don’t care what it’s called, but we need to see the department supporting a strategy.”
Fidler said if CTS is one of the few ways Diplomatic Security is addressing cyber challenges, it’s a very narrow view of cyber diplomacy.
But the government official said during Tillerson’s confirmation hearing, he told Senate lawmakers he would like to create a cyber ambassador to work with allies and other partners to create cyber norms.
It would be good for Tillerson to clarify what’s going on with cyber and the broader much-rumored State Department reorganization.