Strategy reflects heightened cyberthreat

It has been nearly five years since the White House last sent a National Security Strategy to Congress. Like the 2010 document, the strategy released late last week identifies cybersecurity as a pressing national security concern. It also reflects a cyberthreat landscape that has intensified in the past half-decade.

"The danger of disruptive and even destructive cyberattack is growing," the strategy warns in an overview of acute security threats to the United States. An increase in digital interconnectedness has brought with it vulnerabilities in cyberspace, the document states.

The strategy articulates the close relationship between American prosperity and a secure digital economy and vows to continue to defend critical infrastructure "against all hazards, especially cyber espionage and attack." Unlike its 2010 antecedent, the 2015 strategy accuses the Chinese government of conducting cyber espionage for trade secrets.

The new document expands on the 2010 strategy's discussion of the U.S. role in developing international norms in cyberspace, arguing that as the "birthplace of the Internet," the United States has a "special responsibility to lead a networked world." The document pledges to help other countries craft laws to defend against cyberthreats coming from their infrastructure.

In 2011, the Obama administration created a new position at the State Department for promoting international dialogue on cybersecurity issues. As State's coordinator for cyber issues, Christopher Painter has been charged with, among other things, convincing Chinese diplomats of the virtues of developing norms in cyberspace.

Another way U.S. cybersecurity policy is being exported is through the promotion of the cyber risk framework developed by the National Institute of Standards and Technology in places as far-flung as Tel Aviv and Tokyo.

Signals of intent

The new National Security Strategy is one of several recent indicators of the White House's intent to strengthen cybersecurity policies.

"No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets or invade the privacy of American families, especially our kids," President Barack Obama declared in his State of the Union address last month.

Obama wants Congress to back up those words with money. The president's fiscal 2016 budget request includes $14 billion for cybersecurity, about a 10 percent increase from 2015 funding.

Obama's recent speech also included a call for Congress to pass cybersecurity legislation. Last week, the president's principal cybersecurity adviser, Michael Daniel, expressed optimism that Congress and the White House could find common ground on an information-sharing bill.

Furthermore, on Feb. 13 Obama will reportedly announce fresh executive action to encourage information sharing between the Department of Homeland Security and the private sector.