By creating the Bureau of Cyberspace and Digital Policy (CDP), the State Department is better positioned to achieve its cyber diplomacy goals, a new report from the Government Accountability Office (GAO) says.
CDP was established in 2022 to consolidate the State Department’s efforts and leadership of cyber-related activities into a single unit. According to GAO, this has raised the profile of cyberspace as a diplomatic platform and increased awareness of cyber issues within the department.
“This better positions State to advance U.S. goals, such as maintaining a free, reliable, and secure internet via international partnerships,” GAO’s Jan. 11 report says.
The State Department consolidated its efforts and leadership of cyberspace-related activities into CDP in April 2022 – a single unit led by an Ambassador-at-Large. Previously, several entities within the agency shared responsibility for cyber diplomacy.
“GAO found that this change has helped to better position State to achieve its cyber diplomacy goals,” the watchdog says. “For example, CDP’s ambassador level leadership has enabled engagement with higher levels of foreign government officials and raised the U.S. profile on cyber globally.”
The report highlights that CDP’s partnership-building activities align with the goals of the 2023 National Cybersecurity Strategy, which outlined the need to develop a global coalition of nations to enforce cyber norms that are in line with U.S. values.
Although the 38-page GAO report largely praised CDP’s cyber diplomacy efforts, it noted that the State Department still needs to address some bureau-specific challenges, including when it comes to “clarifying roles and hiring staff.”
“State officials said that although responsibilities for cyber issues are defined under the new structure, roles remain deliberately shared and complementary department-wide, so clarification is an ongoing challenge,” GAO said.
However, CDP officials identified steps that they are taking to address them, the GAO report notes. To address current skill gaps, CDP implemented a knowledge sharing program on areas of expertise including international cybersecurity partnership initiatives, information and communications policy work, digital freedom policy work, interagency coordination, foreign assistance work, and multilateral engagements.
CDP also established a cyber and digital policy officer course at the State Department’s Foreign Service Institute and is working to provide the content on-demand virtually to make it easily accessible and available to staff worldwide. The CDP head – Ambassador Nathaniel Fick – has said that his goal is to ensure there is a trained Cyber and Digital Policy Officer at every embassy by the end of 2024.
To address hiring needs, CDP also is working to develop partnerships with industry, academia, and other agencies to create a talent pipeline, GAO said.