Sen. Angus King (I-Maine), co-chair of the Cyberspace Solarium Commission, is urging the Senate to pass the Cyber Diplomacy Act, one of the key recommendations his commission has been pushing for as part of its strategic approach to defend the U.S. against cyberattacks.
King said although key components of the act have been implemented, including establishing a cyber bureau within the State Department and confirming an ambassador-at-large to lead it, the bill itself has yet to pass the Senate.
“I think the biggest missing piece right now is almost done, and that is the Cyber Diplomacy Act,” King said.
King made his remarks on Wednesday during an event hosted by the Foundation for Defense of Democracies where they discussed the state of U.S. cyber policy. King was joined by Rep. Mike Gallagher (R-Wis.), who also co-chairs the commission, and the panel’s moderator Tim Starks, author of The Washington Post’s Cybersecurity 202 newsletter.
The Cyber Diplomacy Act passed the House last year and is now sitting in the Senate Foreign Relations Committee awaiting a vote.
The legislation would help the new cyber bureau get its footing in the State Department and establish how it will be funded as the office expands over time.
The bureau, which was launched in April, was established to deal with international issues related to cyber and emerging technologies. It has three policy units: international cyberspace security, digital freedom, and international information and communications policy.
Last week, the Senate unanimously confirmed Nathaniel Fick to head the bureau, making him the first-ever cyber ambassador-at-large to lead it.
Fick, a former Marine, said during his confirmation hearing last month that he would establish a culture within the bureau and the entire agency in which expertise in cyber and digital technologies is a must. He also promised to focus on foreign threats, including Russian cyberattacks and the U.S.’s digital competition with China.
The event also coincided with the commission’s release of its second annual report on cyber implementation.
The report outlined some of the progress the federal government has made over the past two years based on the commission’s recommendations.
It noted a few accomplishments, including the increase in funding for the Cybersecurity and Infrastructure Security Agency; the passage of the Cyber Incident Reporting Act, which requires companies in critical sectors to report cyberattacks and ransomware incidents to the government; and the establishment of the Office of the National Cyber Director at the White House, which helps lead and coordinate cybersecurity strategy and policy implementation across the government.
The report also mentioned that of the 82 original recommendations the commission developed in 2020, nearly 60 percent of them are “fully implemented or nearing implementation, and more than 25 percent are on track to implementation.”
“Even as we issue this progress report, we know that assessing implementation is not enough,” King and Gallagher wrote in the report.
“We urge readers to consider this report as a mid-course check, laying a path for the many stakeholders in government and industry charged with a task that we cannot afford to fail — protecting our national cybersecurity,” they added.