A recent study found that there is likely to be $1 trillion dollars of additional gross domestic product growth in the ASEAN region attributable just to digital economy, spurred by the accelerated adoption of digital technologies. However, according to Robert Strayer, U.S. Deputy Assistant Secretary for Cyber and International Communications and Information Policy, 75% of those trillion dollars of gains could be put in jeopardy if cyber security threats and malicious cyber activities are not addressed.
Strayer was in Singapore last week to participate in the 3rd ASEAN Ministerial Conference on Cybersecurity as well as other events associated with Singapore International Cyber Week. He addressed the media in a teleconference to talk about U.S. perspectives on cyber security in regional and global policy.
The teleconference came shortly after the release of the U.S. National Cyber Strategy which emphasized on the United States’ commitment to collaborate with foreign partners and allies to preserve cyberspace as an engine of a vibrant digital economy and promote best practices and policies that enhance innovation, openness, and efficiency.
“One of the reasons that we place such a high importance in participating in conferences like this is that we want to share the U.S. vision for cyberspace and talk about how we can better coordinate on international cyber security issues as well as work with countries directly on cyber capacity building, and on confidence building measures in cyberspace so that we can avoid the risk of escalation of a conflict that might have occur if there are misunderstandings,” said Strayer.
He also touched on the growing concern of malicious state-sponsored cyber activity that has escalated over the past couple of years, citing that the U.S. is seeking to work with other nations to coordinate on a framework that will establish what are norms of responsible state behaviour. In other words, to establish the “the rules of the road”, as he put it, so it is understood what is responsible and what is irresponsible behaviour in cyberspace.
“But we know that those rules themselves are not self-enforcing. And that some nation states may still seek to act outside of those norms to pursue interests in cyberspace that run counter to the rest of like-minded nations' interests. Therefore, we understand that we need to deter such malicious behaviour and we will seek to do so by joining with other countries in the attribution and imposition of consequences,” he added.
When asked how ASEAN nations can bolster their capacity to cope with increasingly persistent and disruptive cyber security threats, Strayer said that the first important step is for governments to establish a Computer Emergency Response Team (CERT) – entities that can take threat information or see an incident that is happening and then take responsive measures.
In addition, ASEAN nations must have a national cyber strategy, a strategy that can guide governments to prioritize efforts and then to set forth legal and technical policies that can nest under a cyber strategy, and to empower and make transformational changes to the cyber security posture within a country.
He also mentioned that the enforcement of criminal laws can also be a significant deterrent for bad actors. But seeing that malicious actors can cause tremendous harm from anywhere in the world, cyber crime really is a shared risk that can only be overcome is ASEAN member nations are prepared to work together.
Strayer ended the briefing on a positive note, saying, “One takeaway I have from having met with so many governments here is the incredible importance they are placing on the digital economy, on facilitating Internet connectivity and preserving that Internet connectivity, the value and the viability of the Internet for current generations and future generations as a top national priority.”
“In the United States, we similarly have that view that we need to make it a top national priority to preserve the value of the Internet, not let it be degraded by nefarious actors. So we want to keep working with other governments in recognition, especially of the fact that cyber threats can emanate anywhere in the world and instantly be within our own borders. So we need to have collaborative processes and engagement in order to counter those cyber-attacks.”