Q3/2018 - US President Trump, National Cyber Strategy
On 21 September 2018, US president Donald Trump presented a new "National Cyber Strategy of the United States of America". Based on the statement of the “US as the world´s lone superpower”, the elements of the US cyber strategy are explained in four chapters, so-called pillars..
- Chapter 1 is about protecting America (Protect the American People, the Homeland and the American Way of Life). It is subdivided into three parts. "Secure Federal Networks and Information", "Secure Critical Infrastructure" and "Combat Cybercrime and Improve Incident Reporting";
- Chapter 2 deals with the protection of the American digital economy (Promote American Prosperity). It is also divided into three subchapters: "Foster a Vibrant and Resilient Digital Economy", "Foster and Protect United States Ingenuity" and "Develop a Superior Cybersecurity Workforce";
- Chapter 3 is dedicated to stability and the preservation of peace in cyberspace (Preserve Peace through Strength). It gives guidelines how to work out behaviour norms for state and non-state players in cyberspace and how to attribute cyber attacks: “Enhance Cyberstability through Norms of Responsible State Behaviour” and "Attribute and Deter Unacceptable Behaviour in Cyberspace";
- The fourth chapter provides arguments for extending the American influence on the global stage (Advance American Influence). The chapter is divided into two parts: "Promote an Open, Interoperable, Reliable and Secure Internet” and “Build International Cyber Capacity".
The fundamental idea on which the new US cyber strategy is based assumes that America is surrounded by enemies in cyberspace (China, Russia, North Korea and Iran are expressly mentioned) and that it must establish an effective defence to fight them. A purely technical approach is considered too narrow in this context. What is needed is a "whole-in-government" approach that is geared both to the expansion of the USA' own protection and defence against attacks and that also contains substantial elements of deterrence. Potential attackers must be aware that they have to pay a high price if they attack the USA in cyberspace. The strategy states that the US will respond to attacks from cyberspace with retaliatory measures applying all means – political, economic, diplomatic and military – that are available to the US government, in other words there will be an "asymmetric reaction".
The US cyber strategy promotes an open, interoperable, reliable and secure Internet and generally supports the multistakeholder principle with regard to Internet governance. It is intended to establish a kind of "coalition of the willing" for a Cyber Deterrence Initiative. The US strategy paper identifies ICANN, the ITU, the UN and the Internet Governance Forum (IGF) as the main international arenas where this debate on the future of the Internet will take place in the coming years.
The implementation of the US cyber strategy shall be overseen by the National Security Council. Consequently, the American President’s National Security Advisor, John Bolton, is directly responsible for cyber security issues and thus also for all Internet-governance matters in the White House. This includes the coordination with other US government agencies such as the Department of State, the Department of Commerce, including the National Telecommunication and Information Administration (NTIA), which is responsible for ICANN, and the Department of Homeland Security.