Cyber issues are global issues

President-elect Donald Trump has promised a thorough review of existing defenses and has publicly stated that improving cybersecurity would be an immediate and top priority for his administration. 

I commend the President-elect’s vow to address one of the biggest threats to our nation, but what he didn’t say out loud is that this issue needs to be discussed with the international community. Cyber threats don’t flinch at geopolitical borders; the U.S. can’t go it alone. Cyber issues are global issues, and therefore they need to be addressed among the broader international community.

{mosads}Having dialogues about cyber issues domestically is certainly nothing new. Events being held around our nation aim to convene policymakers and technologists to start the dialogue and build trust. But the discussion needs to ascend to the international level. Here are three areas where the U.S. should engage with the international community.

Artificial Intelligence

While many have discussed the benefits of artificial intelligence (AI) at length, in practice AI leads us to some very difficult societal challenges. For instance, using AI to personalize the consumer experience (think personalized deals based on how you shop) also raises valid privacy concerns.

Last October, international policy experts at the Carnegie Endowment for International Peace teamed up with technologists at Carnegie Mellon University to host the first session of the Carnegie Colloquium, a discussion of hard questions about the role of artificial intelligence in the consumer world and, to a more serious extent, the role of AI in military weaponry. Is there ever an instance where a human role isn’t necessary as autonomous weapons choose targets? While this event cultivated some necessary conversations around these topics, the event alone isn’t enough; there need to be more.

Internet Governance

This year marks a milestone in the Internet’s history with the transition of the Internet Assigned Numbers Authority function from the U.S. Department of Commerce to an international stakeholder body.

Meanwhile, a trend toward more data localization and other efforts to impose technological sovereignty continues worldwide, reshaping the Internet’s architecture at various layers.

This raises a big question: What does the future of Internet governance look like in a post IANA transition world? Policymakers, domestic and international, need to be ahead of this discussion.

Cyber Deterrence

During the Cold War, the increasing stockpile of nuclear weapons by the US and Russia led to the adoption of nuclear deterrence, policies that forestalled any enemy attack. Today, the increasing threat of cyber attacks necessitates a policy on cyber deterrence. The broader framework of deterrence includes deterrence by denial — making it physically and/or digitally difficult for an enemy to achieve their objective by securing the target. In the case of cyber threats, this involves making systems as secure as possible.

A unique aspect of this debate is determining and addressing the density of vulnerabilities in systems, and whether adversaries can exploit them. How can nations spot and fix vulnerabilities faster than an adversary? And how can nations build up and maintain enough cyber talent to monitor and secure these systems?

Today, the second session of the Carnegie Colloquium — held at Carnegie Mellon University in Pittsburgh — will foster discussions around these latter two areas. Experts from around the world will be debating questions about the future of the Internet, focusing on both the future of Internet governance and cyber deterrence. In the spirit of openness and inclusion, anyone with Internet access may watch this colloquium this Friday and participate in the discussion online. 

Finally, these kinds of discussions are immensely important, not just for the purposes of sharing international perspective, but also the melding of policy with technology. Oftentimes, technology is created without any input from policymakers. Policies are then enacted after the fact. On cyber issues, we need to be building policy into the technology, getting in on the ground floor instead of trying to retrofit. We need to be entangling policy and technology from the start.

As President-elect Trump sets his new administration and other nations look to increase their focus on cybersecurity and other technological issues, we hope that these discussions will better inform the ongoing thinking about how technology affects global society and diplomacy.

David Brumley is the director of CyLab, Carnegie Mellon University’s security and privacy institute.