Digital defense experts understand cooperation is essential in the fight against cybercrime. We are all citizens of the World Wide Web, after all. But what if the United States wanted to partner on cybersecurity with a known state cyber attacker like Russia or China? Would this be in America's best interest, or would it be a grave mistake?
Below CyberPolicy examines the possibility of a U.S.-Russia cybersecurity deal, some of the criticisms of the proposal and what it could mean for the future. Of course, your company also needs to develop a cybersecurity policy to combat online threats - visit CyberPolicy for your free insurance quote.
The idea to work with Russia on cybersecurity came in July after the Group of 20 summit in Germany, where Donald Trump met with Vladimir Putin.
According to the Hill, Secretary of State Rex Tillerson and Russian Foreign Minister Sergey Lavrov both indicated the countries would focus on cybersecurity; although their statements about the meeting described slightly different terms.
"The two leaders also acknowledge the challenges of cyber threats and interference in the democratic processes of the United States and other countries, and agreed to explore creating a framework around which the two countries can work together to better understand how to deal with these cyber threats," Tillerson said.
Unsurprisingly, the idea has been met with resistance from liberals and conservatives leery of cooperating with a foreign adversary who, according to every U.S. intelligence agency, worked to influence the 2016 election through hacking and distribution of fake news.
"If the Russians want to coordinate with us on cybersecurity, it's likely an operation to do intelligence gathering," says Jim Townsend, former Deputy Assistant Secretary of Defense for Europe and NATO, who is currently an adjunct fellow at the Center for a New American Security. "Usually when Russians make an offer to the U.S. these days, it's not because they like us."
Senator Lindsey Graham was a little more blunt, saying, "It's not the dumbest idea I have ever heard but it's pretty close."
Oddly enough, Trump seemed to backtrack on the idea via Twitter only hours after promoting it. "The fact that President Putin and I discussed a Cyber Security unit doesn't mean I think it can happen. It can't," he wrote.
The U.S. has since approved sanctions on Russia with overwhelming bipartisan support in Congress. However, since the current administration has proven itself prone to quick reversals, it is at least prudent to examine the possibility of a U.S.-Russia plan.
"If the administration is set on talking to Russia about cybersecurity, however, we could consider engaging in carefully limited cybersecurity talks , strategically focused on our national interests and with a clear-eyed understanding that Russia is not our ally," says Suzanne Spaulding, a former undersecretary for cybersecurity and critical infrastructure protection in the Department of Homeland Security from 2013 to 2016.
Spaulding goes on to say the Obama administration was successful in its efforts to engage China in cybersecurity talks upon discovering state-sponsored hackers were spying on and interfering with private U.S. businesses. This was achieved through a firm stance against digital incursion and an ongoing dialogue between the nations.
Nevertheless, Spaulding believes the Trump administration won't take a robust stand against Russian interference without "more pressure from all sides."
But while the possibility of a new international cybersecurity deal is still up in the air, private businesses ought to take a strong stance on their own cybersecurity policies. Start by investing in a cyber insurance policy to protect your organization by visiting CyberPolicy today!