State Department to Open New Cybersecurity-centric Bureau

WASHINGTON, DC – JUNE 09:  A view of the State Department seal on the podium before Romanian President Klaus Iohannis and U.S. Secretary of State Rex Tillerson appear for a photo opportunity at the State Department, June 9, 2017 in Washington, DC. Iohannis is also scheduled to meet with President Donald Trump on Friday afternoon. (Photo by Dr...

The State Department plans to open a new bureau focused squarely on cybersecurity policy, in a clear nod to the danger of cyber threats worldwide, officials said.

The Bureau of Cyberspace and Digital Policy will be headed by a Senate-confirmed ambassador-at-large and a special envoy will be appointed for critical and emerging technology, officials said. The envoy will focus on international cyberspace security, international digital policy and digital freedom, a State Department official said. Deputy Secretary of State Wendy Sherman will oversee both positions in the cyber bureau’s first year. At this point, neither role has been filled.

Secretary of State Antony Blinken in a memo said that an agency audit prompted the organizational changes to “adapt to 21st-century challenges.” A revamped structure will “provide us with greater leadership and accountability to drive the diplomatic agenda within the inter-agency and abroad," Blinken wrote in the memo.

Blinkin is expected to offer additional details in a speech Wednesday at the Foreign Service Institute, the State Department's training center in Washington, D.C.

The State Department’s cyber bureau arrives as the federal government is taking a greater role to combat destructive and costly cybersecurity attacks mostly launched by nation-state sponsored operatives linked to Russia and China. Ransomware victims shoveled nearly $600 million to cyber hijackers in the first six months of 2021, further stamping cyber extortionists as a serious threat to the U.S. financial, business and public sectors, according to a newly released Treasury Department report.

Last May, the Justice Department launched a review of its strategy for defending the nation against increasingly sophisticated and deceptive cybersecurity attacks. And the agency has just launched a new action to slap hefty fines on government contractors, including MSSPs and MSPs, that fail to report a cybersecurity incident.

Of late, Congress has shown more willingness to introduce cybersecurity-centric bills, most recently a trifecta of measures intended to safeguard telecommunications and the Department of Homeland Security’s supply chain.

Earlier this week, Microsoft said the Nobelium hackers, the same Russian syndicate that pulled off the devastating SolarWinds attack that hit nine federal agencies and dozens of businesses, has launched a new offensive targeting at least 140 resellers and technology service providers since May 2021.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.