With nearly 4 billion people around the world online, the internet is central to everything from social interactions to business to critical infrastructure, such as power plants. And it all has to be protected. That’s why the United States is leading a global effort to counter bad actors in cyberspace.

“America created the internet and shared it with the world,” President Trump writes in the National Cyber Strategy, released in September 2018. “Now, we must make sure to secure and preserve cyberspace for future generations.”

“Our goal is to deter malicious activity in cyberspace,” U.S. Deputy Secretary of State John Sullivan said at a session on cybersecurity at the United Nations in 2018. But it is a balancing act; the goal is to “confront cyber threats while maintaining the many benefits that free people and free nations have come to enjoy from the internet,” he said.

Protecting an ‘open, resilient’ cyberspace

While international discussions are ongoing, Sullivan called “on like-minded partners to join the United States to work together to hold states accountable for their malicious cyber activity.”

People seated around large conference table (State Dept.)
Deputy Secretary of State John Sullivan hosts the meeting on cybersecurity held during the U.N. General Assembly on September 28, 2018. (State Dept.)

Countries working together are going to be “imposing consequences for those who violate the norms that like-minded countries have adopted,” Sullivan said.

One norm for responsible state behavior, for example, is that nations don’t attack critical infrastructure serving the public, Robert Strayer, deputy assistant secretary of state for cyber and international communications and information policy, told reporters. He explained why the United States is working to build a global consensus on cyber strategy.

“We think it’s very important that nation states recognize these rules,” Strayer said. He noted that digital technologies are expected to add more than $1 trillion to global economic output, but that 75 percent of those gains could be put in jeopardy if cybersecurity threats are not addressed.

“We need to deter malicious behavior, and we will seek to do so by joining with other countries in attribution and the imposition of consequences,” he said.

A version of this article was previously published on October 16, 2018.