As U.S. diplomats seek to elevate issues such as Internet freedom and cybersecurity in their talks with foreign counterparts, they have a tough balance to strike.
While State Department officials say that online censorship, surveillance and other Internet-related human rights concerns are a mainstay on their diplomatic agenda when dealing with repressive regimes, there is a fine line to walk between asserting core values such as freedom of speech and religion without sacrificing progress on a number of other cyber issues where common ground is easier to find, according to Howard Schmidt, who recently stepped down as White House cybersecurity coordinator.
Speaking at Gartner's annual security and risk management summit, Schmidt warned against allowing the perfect to be the enemy of the good in cybersecurity talks with foreign nations, "because people just fundamentally don't agree."
"Things that we fundamentally believe in," Schmidt said, "other countries say, 'Well, not so fast. That undermines our society.' And while we disagree, and we disagree vehemently about some of those things, we still don't want to focus our energy and time on the things we don't agree on. Let's look for the things we can agree on internationally."
That becomes especially important in talks with major powers such as Russia and China, which have checkered histories of using the Internet to squelch opposition, but with whom the United States maintains important, if fragile, strategic and economic relationships.
In his time at the White House, Schmidt said that he worked hard to improve relations with Russia, seeking to engender a level of transparency and mutual confidence that could lower the risk of a potentially disastrous cyberattack.
"We don't want to wind up in sort of a cyber Cold War," he said. "If we're not talking, there's always a lot of room for worse things to take place."
At the top of that list of concerns is the prospect of a major attack that could disrupt a large swath of critical infrastructure, such as electricity grids, water systems or telecommunications networks.
While the Cold War watchwords "mutually assured destruction" are an imperfect analogy -- a cyber assault on critical infrastructure hardly carries the same threat to human life as a nuclear attack -- Schmidt is concerned that a similar dynamic of escalating attacks and counterattacks could take hold in the cyber realm.
"Many of us for years have been worried about the mutually assured disruption. Forget about the destruction," he said.
Global Cybersecurity Strategy
Navigating cybersecurity issues on a global scale is a formidable task, and the U.S. government has been incrementally advancing its set of policies since the Clinton administration. For all the novelties of the Internet age, the encouraging news is that many of the issues in play such as human rights and protocols for self-defense are already codified in international laws and conventions. In addition, more than two dozen nations have ratified the Budapest Convention on Cybercrime, which took effect in 2004.
Sign up for CIO Asia eNewsletters.