Good morning everyone.
Thank you very much for the opportunity to join this spectrum of cybersecurity leaders from across the public and private sectors gathered here today. Thank you also to CYBERINT and Bitdefender for convening this conference.
Forums such as this shine the brightest of lights upon the centrality of cybersecurity in our ever-more digital modern world. We…the United States, Romania, and indeed all democratic nations seeking security and a reliable and trust-able digital infrastructure face constant probes and attacks from cyber opponents. They are malfeasants that seek to hack, create vulnerabilities—and exploit same—and to cripple us. They are adaptive, relentless, and capable of inflicting staggering harm upon our societies. It is imperative that we, allies, work together and that we share and learn from one another if we are to effectively counter their contemptuous efforts.
Robust cybersecurity means countering a broad array of challenges and requires a whole-of-government and all-of-society response. At U.S. Embassy Bucharest, several agencies—comprising American partners from the Departments of State, Defense, Commerce, and Justice, work in close coordination with their Romanian counterparts to address them all.
These agencies work in close cooperation with our Romanian counterparts and civil society partners on numerous cybersecurity initiatives—including professional exchanges and trainings, law enforcement support, cyber education and workforce-development programs…a spectrum focused on increasing and improving our collective cyber hygiene.
As a nation and a government, we are imminently aware of the need to remain at the very forefront of security in this realm. We are actively increasing investment in both the professionals and the infrastructure needed to defend our systems, our infrastructure, our nations, and our people. We are also pleased to continue to renew our commitment to open and robust international engagement on all cyber issues.
As I said, the efforts of malign actors—both national and individual—are relentless, but this does not make their success inevitable. We cannot and must not accept that we will be breached, and that ‘incident response’ is the best we can do. We can never rest upon any laurels in this domain—it is far too critical and far too amorphous—we all must take the steps necessary to increase the security of our software and greatly improve our collective ability to prevent compromises and strictly limit them if they occur.
Globally, we must move from incident response to prevention—and we need to prioritize our policies and our investment accordingly. Working together, the best of our public and private sector experts can provide our end users with the security they need and deserve.
I say “globally” because we all know, cybersecurity cannot be addressed or ensured by any one country or business acting alone. This threat does not recognize borders…neither can our response. Safe and secure networks are essential for all we do. Without them our economies, our health, our morale, and the very freedoms that underpin our democracies are at risk.
The United States appreciates the existential risk cyberthreats pose and we will continue to lean forward in this realm. We have built our responsive and defensive strategies with an emphasis on flexibility and rapid adaptation, they are based six-pillars.
First— we encourage all partner countries to develop coherent cybersecurity strategies to mitigate risks and engage beyond their borders. We must all enhance collaboration on network defense, incident management and recovery, and support the development of these capabilities where needed.
Second—we encourage information and best-practices sharing between the public and private sectors. So much infrastructure is owned or managed by the private sector—and the experts within it are amazing—there is no other way.
Third—we highlight the need for a robust legal paradigm and for law enforcement within the cyber realm. The mechanisms to punish the guilty must exist—yes, we recognize the differences between cybercrime and cybersecurity qua security, and we counter each distinctly; however, we remain cognizant of their frequent inextricability.
Fourth—we tirelessly develop and maintain incident management capabilities to coordinate cybersecurity watch, warning, response, and recovery efforts… another pillar that benefits not just, but all of our partners.
Fifth—we endeavor to foster a culture of cybersecurity and increase citizens’ and industries’ awareness of their critical roles in protecting systems and infrastructure. Threat analysts will tell you that one of the greatest threats to our shared cybersecurity is ourselves—weak passwords, and poor administrative practices make us all vulnerable.
Last—and this brings us all here today—we must continue to collaborate with a likeminded cadre of professionals, in government, civil society, academia, and in business who understand this realm and who are dedicated to protecting it and us.
Our presence here today bears mute testimony to our dedication to this collaboration and exchange. I thank you all for what you do, and I reiterate just how much the United States appreciates its partnership with Romania. Together we will continue to adapt and refine our bilateral efforts to enhance cybersecurity and protect our economies and peoples against this threat.