4 ways US can boost cybersecurity

[Commentary] The Obama administration has repeatedly and publicly named China as America’s principal cyber-espionage enemy, highlighting China’s aggressive economic cyberspying against American businesses and critical infrastructure. President Obama himself mentioned cybersecurity concerns during his congratulatory phone call with new Chinese President Xi Jinping. Deciding to name and shame China openly is a significant step in US cybersecurity policy and has international repercussions: It forces the two countries to address the issue publicly, and shines a spotlight on the cyberactivity of other countries, including the United States.

This may increase pressure on governments and companies to act more forcefully against cyber-espionage attacks. Of course, China is not the only country that has committed, or will commit, cyber-espionage. Indeed, China has accused the US of cyberattacks and recently described itself as a leading victim of hacking attacks. The full scope of international cyberattacks is hard to define because of the challenge of identifying who launched an attack, and the absence of a coordinated, global effort to find out who the hostile cyberactors are. To navigate this new diplomatic landscape and successfully protect its own cybersecurity interests, the US needs a proactive cyber foreign policy that goes beyond naming and shaming.

Here are four steps the US can take to bolster its diplomatic efforts to address cybersecurity threats: 1) Start where countries agree, 2) Enlist the support of allies, 3) Be more proactive, and 4) Communicate clearly.

[Emilian Papadopoulos is chief of staff at Good Harbor, a cyberrisk consulting firm. He previously worked at Canada’s Department of Foreign Affairs. Eli Sugarman is a Truman fellow and senior director of Gryphon Partners. He previously worked at the State Department.]