A global Internet. Russo-American relations in cyberspace. Responsibilities of "super large platforms." Critical Infrastructure Security and Resilience Month.

Summary

By the CyberWire staff

At a glance.

International versus national Internets.
Russo-American relations in cyberspace.
Responsibilities of "super large platforms as seen from Beijing.
Critical Infrastructure Security and Resilience Month.

Have world leaders forgotten about techno-globalism?

On the heels of the inaugural meeting of the Quadrilateral Security Dialogue, or the Quad, where representatives from Australia, India, Japan, and the US discussed the merits of an “open, accessible, and secure technology ecosystem,” Foreign Affairs wonders whether world leaders have lost sight of the pursuit of true techno-globalism. In the early days of the internet, many diplomats and technology experts saw the web as a means for spreading digital connectivity across the world. However, as governments became more aware of the web’s potential for malicious activity, lines have been drawn in the sand in order to defend their systems and assets against attack. Foreign Affairs argues that dividing the internet is costly, impractical, and can never truly eliminate the risks inherent in a digital world, and that world leaders must return to a global mindset to maximize the potential of digital community.

The US focuses on resilience while engaging with the Kremlin.

On Thursday the White House released a statement from the Office of the National Cyber Director outlining the office’s strategies for defending the nation against cyberthreats. As The Hill explains, top priorities include prioritizing federal cybersecurity efforts, improving coordination between the public and private sectors, and maximizing resources and resilience efforts. “It’s really a statement of what we intend to be held accountable for, contributions we intend to make that complement what the National Security Council does, what the Office of Management and Budget does, the sector risk management agencies, and so on and so forth,” explained National Cyber Director Chris Inglis, who was confirmed to the role in June. Inglis also announced that Chris DeRusha, Federal Chief Information Security Officer (CISO) would simultaneously fill the role of deputy national cyber director for federal cybersecurity.

CSO Online offers an update on what the Biden administration has accomplished so far since his May cybersecurity executive order, or EO 14028. Of the forty-six directives given to several federal agencies, at least nineteen have been completed, though some agencies, like the National Security Agency, have not commented on their progress.

Meanwhile, the New York Times reports that a June meeting between President Biden and Russian President Vladimir Putin set off a series of conversations between the two leaders as they seek to find a path toward cooperation. Officials say that the meetings have not yet led to much action, but the communication is intended to curb tensions between the two countries, recently punctuated by several cyberattacks originating from Russia and retaliation in the form of sanctions from the White House. Anne Neuberger, the US’s top adviser for cyber and emerging technologies, conducted several virtual meetings with the Kremlin, and the US has given Russia the names of several threat actors targeting the US in the hopes that Putin will take action.

With great power…

In its new draft guidelines, China’s State Administration for Market Regulations (SAMR) has established a fresh designation for bigger internet companies: the “super large platforms.” The Record by Recorded Future reports the term will refer to any business with more than 500 million annual users, 1 trillion RMB ($16 billion) market capitalization, and provides two or more services. The SAMR says these super-sized platforms have super-sized responsibility in the digital work, and as such will be subjected to regular monitoring to ensure they compete fairly and maximize their data security.

President Biden dedicates November to critical infrastructure security.

The White House announced that November 2021 will be Critical Infrastructure Security and Resilience Month, a time to focus on safeguarding the country’s infrastructure threats, including those of the digital variety. Recent cyberattacks impacting critical services like the US's natural gas pipelines and transportation systems have made it clear that strengthening the country’s cybersecurity is essential. “The threats against our critical infrastructure are increasingly complex and nuanced, and we all must be prepared to better protect ourselves from malicious actors threatening our cyber and physical security,” the proclamation states.

Selected Reading

The Fall and Rise of Techno-Globalism (Foreign Affairs) Democracies should not let the dream of the open Internet die.

WSJ News Exclusive | Left Behind After U.S. Withdrawal, Some Former Afghan Spies and Soldiers Turn to Islamic State (Wall Street Journal) Hunted by the Taliban and lacking income, some members of Afghanistan’s disbanded security forces are enlisting in the only force currently challenging the country’s new rules.

China's personal data protection law kicks in today (ZDNet) Passed in August, the Personal Information Protection Law takes effect on November 1, spelling out rules around data collection, use, and storage, as well as what international companies must do when they transfer data out of the country.

China proposes special rules for “super large” internet platforms (The Record by Recorded Future) China’s State Administration for Market Regulations (SAMR) has created a new category for Chinese internet companies: the “super large platform” and, the agency made clear in new guidelines, such designations come with great responsibility.

Rivals on World Stage, Russia and U.S. Quietly Seek Areas of Accord (New York Times) There have been a series of beneath-the-surface meetings between the two countries as the Biden administration applies a more sober approach to relations with the Kremlin.

Biden administration officials outline steps to tackle urgent cyber threats (TheHill) Top Biden administration officials on Thursday outlined steps taken to confront the increase in cyber threats against the nation, including through strengthening key critical infrastructure groups.

A Proclamation on Critical Infrastructure Security and Resilience Month, 2021 | The White House (The White House) For generations, American infrastructure -- from the Erie Canal and the Transcontinental Railroad to the Hoover Dam -- has been a cornerstone of our

Biden’s cybersecurity executive order, a progress report (CSO Online) Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.

Infrastructure Bill’s Broadband Plan Shrouded From Scrutiny (Wall Street Journal) A provision of Congress’s $42 billion plan to expand broadband into underserved areas could exempt it from Freedom of Information and Privacy Acts.

Bacon bill seeks to sharpen federal response to cyberattacks (Ripon Advance) U.S. Rep. Don Bacon (R-NE) introduced a bill last week that would require a review of the U.S. Department of Homeland Security’s (DHS) cyberattack response plans, following high-profile ransomware attacks earlier this year on major energy and food companies.

Australia should invest in a home-grown quantum industry (The Strategist) The recently announced AUKUS technology-sharing pact is about much more than the United Kingdom and United States helping Australia get nuclear-powered submarines; it is an agreement to share platforms and innovation costs for advanced technologies ...

Britain Leads the Way for Reining In Facebook, Twitter, YouTube (Bloomberg) The U.K. is wrapping up one of the world’s most promising new laws for curbing social media harms.