Midco supports cspan as a public service, along with these other television providers, giving you a front row seat to democracy. Next, a look at u. S. Cyber strategy and policy with the director of the cypress of dirty and the cybersecurity and infrastructure administration, jen easterly, and ambassadoratlarge for cyberspace and digital policy Nathaniel Fick with other federal officials. They discuss artificial and Artificial Intelligence and threats from adversaries. From the Atlantic Council, this runs about an hour. Stand by for music to begin the event. Good afternoon. Good afternoon, everybody. My name is graham brookie, and im Vice President of Technology Programs at the Atlantic Council. Im pleased to welcome you to todays discussion and the d. C. Launch of the department of states firstever cyberspace and digital policy strategy. This is an exciting conversation because last week the strategy was released. Americas top table met traveled to a conference of computer top diplomat traveled to a conference of computer programmers and techie in San Francisco as opposed to some farflung capital to discuss strategy and highlight the centrality of the tech communitys role in the United States role in the world. In my opinion, more portly, a plan in jew Political Commission and dizzying catalog geopolitical conversation and dizzying technological change, includes Guiding Principles with the combined 23 lines of effort around this idea of digital solidarity, we will get into. This is a concept that is near and dear to the Atlantic Councils mission of shaping the Global Future together. I have to say that. I wake up in the morning and say that every single day. The work of Technology Programs including the democracy and tech initiative, Digital Forensic research lab, tech center, and capacitybuilding initiative, is deeply aligned with every element of the strategy. We have been looking forward to this document for a long time. Importantly, an essential part of this is the workforce that is behind it, as well as how the department of state and the rest of the agency organizes around the strategy. I way of background, in 2021, secretary blinken announced the creation of a new bureau of cyberspace and digital policy led by the firstever u. S. Ambassador at large for a number of different things, but specifically technology, who you will hear from shortly. It brought together parts of americas Foreign Policy working on cyber, digital economy, Digital Freedom policy, all in one entity capable of drawing on all elements of u. S. Power, and working across the u. S. Government and capable of implement such a nowambitious strategy. Today we are joined by ambassador nathan sick, ambassador at large for the department of state, jen easterly, director of cybersecurity and Infrastructure Security Agency department of homeland security, and alan davidson, assistant secretary of commerce for communications and information and administrator for the National Telecommunications and information administration, which i live in washington, d. C. Commencing the full title is hard for us and assaying the full title is hard for us, so i will say ntia from here on out. Thank you all who have joined in person and online. If you have any questions, feel free to ask them, askac. Org. Excited to get into this. Firstever strategy what is the point what is the main organizing function, what has been the main entry main Energy Behind drafting and doing the organizing that goes into drafting a comprehensive document accurate ambassador fick. Nathaniel i will jump right in, and thank you for having us, and thanks to the Atlantic Council. Thanks also to jen and alan, who in addition to being copanelists today are great colleagues on these issues, and i appreciate your partnership. The fact that the three of us are here in part should that this is the United States cyberspace and digital policy strategy. The task for drafting the strategy came last year in the ndaa, and it had been over a decade since the u. S. Produced an International Strategy in this domain. Obviously things have changed tech landscape and the geopolitical and skip in the intervening geopolitical landscape in the intervening 10 years, 12 years. We have worked very hard to keep it from being an accretion, the typical Christmas Tree of little programs and initiatives and buzzwords. Instead, to make it an intellectual architecture and something that could help guide decisionmaking, policymaking, program formulation, implementation. It has got its guiding principle is the notion of digital solidarity, the idea that in the tech domain we are better off if we stick together with others who believe in it rightsrespecting future for technology, and that ecosystem, that operating system become one in the world that others can opt into. Within that kind of overall framework, there are Guiding Principles. One, again, recognizing the rationale for having this group here, its the full ecosystem. Previous strategies like this one talked about cybersecurity pretty narrowly defined. This strategy tries to make clear that you cannot talk about cybersecurity without talking bout the policy related to undersea cables and satellites and wireless networks, the influence of critical and emerging technologies like quantum computing and Artificial Intelligence. Another guiding principle here is it is anchored in affirmative revision. This strategy does not want a future that is characterized or defined by a balkanized internet. If that is the future we are moving towards, it is incumbent on us to offer a positive, affirmative, inclusive vision that as many people in the world can opt into. Graham one could be forgiven for calling this a cyber strategy, which a lot of the headlines around the rollout last week, we have a new cyber strategy, but incorporates all of these goes so far beyond that, to your point. I will turn to jen for a question on the actual cyber element of it, which is an International Strategy, and you work at the department of homeland security. How do you see the role in International Strategy, specifically on Critical Infrastructure and cybersecurity, kind of beyond that . How are you playing into the strategy . Jen well, thanks for having me here, and congratulations to nate for the rollout of the strategy and in particular for getting your secretary and Matthew Broderick at the rollout, stars of two of my favorite hacker movies, not just wargames, but Ferris Buellers day off. Cyber knows no boundaries, and everything we do as an agency is by and with partners, whether industry, state and local partners, academia, the research community, but importantly through International Partners. That is why having us here on this stage because we all have a role in defending and protecting cyberspace, which is inherently global and international, and that is why i was glad to be here even more to the point about Critical Infrastructure, before i was assistant director, i was at morgan stanley. You think about the interconnectivity, interdependence, and the vulnerabilities to our Critical Infrastructure, which also is very global. Morgan stanley, a u. S. Financial institution in 41 countries, i was the head of our resilience center, which had a locations around the world. Had 8 locations around the world. As a private Sector Company we had to be able to work with regulators around the world, and at the end of the day for Critical Infrastructure, the International Component is absolutely foundational, even at rsa, while nate was rolling out the cyber and digital strategy, i was meeting with our israeli counterpart, australian, part, south korean, canadians tonight, ukrainians tomorrow. Because we have to operate together with the divisibility of each of the different partners around the world who see cyberspace from their own perspective, we have to come together to connect the dots across the world so that we can understand that risk broadly and then drive down that risk to likeminded nations. International partnerships are foundational to everything we do as americas Cyber Defense agency. Graham i will turn to alan. How does ntia plate specifically on the industrial policy side . How does ntia play International Strategy . Alan thank you for having me as well, and congratulations to nate and the whole team at state for quarterbacking as strong articulation of strategy for us as a federal government approaching cyberspace and the digital will generally. Digital world generally. At ntia we are guided by the idea that we are Going TechnologyBuilding Technology in a way that makes peoples lives better, promotes human progress. So much of what we do almost everything we do in the policy space, we touched on in this strategy. Especially thinking about that. Approach to especially thinking about that fullstack approach to the issues in front of us, how do we build broadband infrastructure at home and around the world, how do we make sure we are doing good internet governance, how do we think about issues like privacy or ai policy, how do we think about Governance Principles generally for these technologies. All of that is work we are doing at ntia and is informed by and needs to inform our International Global strategy as well. Ill say also i think an Effective International policy can start with needs to start with a solid approach to domestic issues, and we have really worked in this administrate and this administration is really working to make sure we have a Solid Foundation at home on these issues. Ntia is in the process of administering 50 billion worth of funding to make sure we bridge the Digital Divide in this country and make sure everybody who doesnt have an Internet Connection can get one by the end of this decade. The work we are doing will make our country more resilient, but it also informs how we think about internet deployment around the world, how we can help other countries as they are going about the internet as a tool for development and deployment. Issues like that can issues like how do we make sure we are investing in the multistakeholder model, investing in good models of internet governance globally, are all part of how the approach domestically has to fit in with our approach globally. We are working in both spaces and it is great to have a strategy that articulates a good vision Going Forward. Graham two of the Common Threads i picked up throughout the strategy are this concept of making sure we have an affirmative revision and the strategy isnt just an articulation of a longest of things we stand against as a country, especially when it comes to tech policy, and are not tech policy is one thing, but something that increasingly touches on everything, as well as this need to bridge how we design, fund, and govern technology at home with how we show up in areas around the world, not just with partners, but in places around the world that might not be predisposed to agree with us on every single element of policy. This seems like a space where there is a lot of room for collaboration and communication. How does i want to come back to the thing that guides both of those things, this concept of digital solidarity. It seems like it is a conceptual retort, a statement of something we are for, to things like the systemic approaches from ccv or china as well as russia, authoritarian systems, their approach to the Way Technology is designed and governed and communicated with or engaged on around the world. You mind unpacking digital solidarity a little bit . Nathaniel so i think what is essential to recognize here is that one phrase you look at what is in and you can also like at its negative image, whats out. Something that is not in the strategy is the descriptor likeminded in these classifications of groups, because this is deliberately not an attempt to bifurcate, balkanize, or fragment the world. It is an attempt to provide, again, an affirmative vision, unifying set of principles around the rights respecting development, deployment, and use of technology that can bring others, the vast middle, the billions and billions of people in the world who do not live in states that always align with United States and do not live in states that necessarily have a strongly different conception of the future in every dimension. Digital solidarity is an alternative to the notion of digital sovereignty, which is something we are hearing more and more, including from some of our most likeminded i use that term deliberately there allies and partners. Digital sovereignty can be politically attractive. Many of us who work on these issues globally have concluded that it is often little more than a seductive mirage. Without ever undermining a states obligations to its citizens or totally appropriate notions of sovereignty, it tries to make sense of the reality that these issues are intrinsically crossborder, and that we do in the world today face a very different set of actors who have a very different view of what the role of technology in the world ought to be. As jen said, so much of what we are doing here in the United States actually is of great interest and value to partners. Offering up some of what csa has developed and what they do is on the top five list of things that we at the state department get requests for all the time. Alan meet the alland made the point that Foreign Policy can only be as strong as domestic policy. The approaches the United States it takes to things like broadband here at home directly underpin whatever moral authority or legitimacy we have out in the world to advocate for these principles. Graham so, there is one component cisa leads on, this pledge unsecured by design, which we are big nerds pledge on secure by design, which we are big nerds on at the Atlantic Council. Can you share about that effort and how it plays into your International Engagement . Jen i appreciate you self identifying as a nerd. I dont think you need to selfidentify. [laughter] i have known graham for many years. Let me make one point to what nate said. Nate and i recently traveled to ukraine together. One of the great things about taking that trip together going to ukraine and meetings afterward in poland was the optic of the top severed Technology Diplomat top severed Technology Diplomat top cyber Technology Diplomat leveraging instruments of power that showed our support for informationsharing, capacity building. It is a powerful symbol which, frankly, you wind the clock back to five years ago, there was no bureau of cyberspace and digital policy, there was no cisa. Some of the advancements that have been made i think are fundamentally helping to bring greater security and resilience to cyberspace. One of the big things we have been focused on at cisa over the past year is the idea of secure by design, which is a very International Concept going to the first principle of a resilient ecosystem. It really is a tremendous effort that is a tough one, frankly. I like to call it the secure by design revolution, because what we are trained to do, as folks what we are trying to do, as folks here know, is make up for decades and decades of technology being built with prioritization of speed to market and features, but not security prioritized. You go back to the days when the internet was first invented, and some of the folks involved, the pioneers, said themselves that security was never in our minds at that time. What we are trying to do is security by design, to put security at the very top of priorities among Technology Manufacturers and Software Producers to ensure that the products that we use every single day that underpin the Critical Infrastructure we rely upon every day are foremost safe and secure. At rsa we are really excited to have 68 of the worlds leading Software Producers and Technology Manufacturers sign on to this pledge that says they commit to the seven key areas of Building Security into their products. One might skeptically say, well, tha