Secretary Generals, Presidential Counselor, Director, ladies and gentlemen, distinguished guests, friends,
Thank you for inviting me to this indeed very important conference in a beautiful location, on a beautiful autum day. This event comes at a critical moment as together we face inumerable threats against our networks and interests in cyberspace. I want to congratulate the National Cyberinteligence Center for organizing this conference which demonstrates Romania’s leadership in cybersecurity.
In my remarks today I will share an overview of our new American national cyberstrategy and highlight some of our important cyber-collaboration that has taken place under the U.S.-RomanianStrategic Partnership. October is National Cybersercurity Awareness Month in the United States as well as the European Cybersecurity Month in the European Union. These anual initiatives serve to raise awareness about the importance of cybersecurity so it is very, very timely that we are meeting here in this month to also discuss cybersecurity.
U.S.-EU and NATO cooperation on cybersecurity is robust. On September 13, we held the 5th U.S.-EU Cyber Dialogue in Brussels between the U.S. Department of State and the European External Action Service to reaffirm our strong transatlantic partnership on cyber issues and our commitment to address malicious cyber activity. On October 16-18, just in a couple of weeks, NATO will hold its largest cyber security conference ever.
Poor cybersecurity practices present a primary threat, both domestically and internationally. Increasingly, critical infrastructure, in particular, is interconnected and dependent on global infrastructure and systems that are vulnerable to physical as well as cyber threats. Cybersecurity is a cross-cutting, cross-sector challenge, so we must tackle it together.
On September 20, the White House released its 2018 National Cyber Strategy, outlining the steps the United States will take to advance an open, secure, interoperable, and reliable cyberspace. The Strategy focuses on four key areas:
- First, strengthening American cybersecurity;
- Second, protecting cyberspace as an engine of economic growth and innovation;
- Third, strengthening efforts to deter destabilizing activity in cyberspace; and finally
- Fourth, preserving the long-term openness of the Internet, which supports and reinforces American interests.
The United States is also committed to building the cyber capacity of our international partners, including here, in Romania. Through direct capacity building efforts, we try to assist partners in establishing and executing national cybersecurity strategies, addressing cybercrime, instituting cybersecurity standards, and protecting critical infrastructure from cyber threats.
Our cybersecurity engagement under the U.S.-Romania Strategic Partnership Cyber and Digital Affairs Working Group, is active throughout the year and includes regular bilateral cooperation, information exchange, and incident management and recovery efforts with Romanian cyber authorities.
This year, we sponsored Romanians cyber officials’ attendance at two important regional cyber training opportunities:
- First at a cyber-strategy implementation workshop in Hungary, Romanian government representatives learned advanced cyber strategic planning, cyber legislation and regulation development, cross-ministerial and cross-sector collaboration techniques, and best practices for governmental oversight of critical infrastructure cyber protection.
- Second, a cybersecurity and international law education seminar in Germany expanded on existing international cyber capacity-building and partner engagement activities. The participating Romanian officials we sponsored enhanced their knowledge of international law and its application to states’ cyber activities.
Through the Cyber and Digital Affairs Working Group we are also working with the Permanent Electoral Authority and Special Telecommunications Service to help protect Romania’s electoral mechanisms. As part of this ongoing collaboration, we share information and exchange best practices to protect electoral processes from cyber interference and malign influence. These are risks, of course, that are very well known, unfortunately to the United States, both the federal government and the state governments.
Additionally, we are working with the Ministry of National Defense to help stand up a Romanian Military Cyber Command. Our support includes assessment visits, mobile training teams, and cyber training in the United States for Defense Ministry officials. When fully operational, the cyber command will have the capability to detect, defeat, and respond to attacks on defense-related critical infrastructure, and provide enhanced interface with NATO.
Because of the interconnected nature of cyberspace, when our partners improve their cybersecurity practices, it ultimately makes other countries, including the United States, safer and more resilient against cyber threats. In economic terms, cybersecurity is a public good and when any country improves cybersecurity it has a positive ripple effect on all members of the international community in cyberspace.
Internet freedom is a core principle of the National Cyber Strategy, which the United States promotes through a variety of bilateral and multilateral engagements, as well as through foreign assistance programming.
We support the multi-stakeholder model of Internet governance against attempts to develop state-centric governance models and we reject the use of spurious cybersecurity concerns as a pretext for digital protectionism. We also raise concerns bilaterally about actions that governments may take to restrict access to the Internet or suppress free speech online, and urge U.S.-based Internet companies to respect human rights and implement the UN Guiding Principles on Business and Human Rights as they design and carry out their commercial activities.
To preserve cyberspace as an engine of a vibrant digital economy, we work with foreign partners and other stakeholder groups, including civil society and the private sector, to promote best practices and policies that enhance innovation, openness, and efficiency. We provide support for technology development, digital safety, policy advocacy, and research. In the past decade, the United States has provided over $165 million in foreign assistance to support Internet freedom programs.
Finally, we are addressing malicious state-sponsored cyber activity that is inherently destabilizing and contrary to the national interests of the United States and its partners and allies. In cooperation with foreign partners, Allies, and stakeholders, we advocate for a framework of responsible state behavior in cyberspace built on international law, adherence to voluntary non-binding norms of responsible state behavior that apply during peacetime, and the implementation of practical confidence building measures to reduce the risk of conflict stemming from malicious cyber activity. And we work to ensure that there are consequences for disruptive cyber behavior that harms the United States and our partners, with recognition that all instruments of national and international policy are available to prevent, respond to, and deter malicious cyber activity against the United States and its allies.
Cybersecurity is unlike any challenge we’ve ever faced. Technologies are shifting by the minute, from the Internet of Things to 5G to artificial intelligence to machine learning, to quantum computing, and each advance is accompanied not only by new opportunities, but new challenges. And just as the threats are evolving, our efforts, too, must evolve. I applaud you gathering here today and your focus today on improving public-private cooperation, understanding future threats, and raising cyber awareness. Today’s conference highlights an important aspect of our strategic partnership, and I look forward to our continued cyber collaboration.
Just one follow-on note before I finish to Director Ionescu’s comments on the potential role of universities in this important field of work and important bilateral cooperation. I am inspired by the Romanian investment in scholarships at the graduate level of universities. I know similar programs are in place in the United States. One thing that is perhaps not lacking but we could focus our work on expanding is encouraging partnerships between Romanian universities and American universities in the area of cybersecurity. This is not only potentially an area focus for our cybersecurity workshop under the U.S.-Romania Strategic Partnership but we also have another working group that focuses on exchanges in the areas of science, engineering, education and culture. This working group was put into place in 2015-2016 at the initiative of the Romanian Government – the Ministry of External Affairs. I thought the initiative was a very good one but quite frankly I think work or results in this area have not been as many as promised. So perhaps there is a possibility for collaboration between these two working groups – the cyber working group and the research in technology, education, culture working group to encourage collaboration between American and Romanian universities.
Just two years ago I was in Montgomery Alabama. General Ciuca and I were just discussing this earlier this morning and I went to Auburn University; they have a school of advanced engineering in cybersecurity. I think it would be great if we could find a way to have them partner with a Romanian university just as the Alabama State National Guard has become such a very, very strong partner of the Romanian defense forces.
Thank you for your patience and good luck!