The National Cybersecurity Strategy of the United States and Its Global Impact

Huangfu Zhenhui PhD in Politics Postgraduate student; Department of International Security; Lomonosov Moscow State University 119234, Russia, Moscow, Leninskie gory str., 1 hfstudy@yandex.ru

The U.S. cybersecurity strategy has gone through many stages of development since the birth of the Internet, each of which significantly reflects the impact of technological progress, the global political environment and internal political debates. During the Clinton administration (1993-2001), cybersecurity policy was largely unregulated and market-oriented. In 1997, the Clinton administration adopted the "Fundamentals of Global E-Commerce"^[1], emphasizing support for freedom of technology and innovation, which contributed to the commercialization of the Internet and the rapid development of technology, but also exposed shortcomings in the field of cybersecurity.

Since the beginning of the 21st century, the importance of cybersecurity has gradually increased. After the terrorist attacks of September 11, 2001, the Bush administration immediately responded by developing in 2003 the "National Cyberspace Security Strategy"^[2], which for the first time incorporated cybersecurity into the national security architecture of the United States, symbolizing the transition from market management to state intervention. In fact, this is the first strategic initiative that defines the need to coordinate and centralize the efforts of all federal agencies to protect the national information space ^[3]. This document, as well as other goals, indicate the need to strengthen coordination between the US Department of Defense and national intelligence services in the field of countering cyber threats. Despite the beginning of the creation of more structured defense measures, the focus was still on the role of the market.

During the presidency of Barack Obama (2009-2017), no new cybersecurity strategy was developed in the form of a formalized document, but the administration actively sought to strengthen cooperation with the private sector, especially paying attention to the exchange of information about cyber threats. This was part of efforts to create a flexible and effective system of protection against cyber attacks that could cause significant damage to the economy and social structure of the country ^[4]. The significance of these efforts was particularly highlighted by the cyberattack on Sony Pictures in 2013, carried out by North Korea in response to the planned release of a film mocking its leader. The attack led to a large-scale leak of confidential information, including personal data of employees, internal correspondence and unpublished films, which seriously affected the reputation and finances of the company. The cyberattack on Sony Pictures revealed significant vulnerabilities in the information infrastructure protection system of large corporations and confirmed the need to strengthen national and corporate cybersecurity ^[5]. The Obama administration's attempts to tighten protections, including by legislating mandatory standards for critical infrastructure, were resisted in Congress due to pressure from the private sector and concerns about possible financial costs and limited corporate autonomy ^[6]. In response, the Obama administration has focused its efforts on developing voluntary partnerships between the state and the private sector, continuing to support innovations in cybersecurity technologies and strengthening coordination of cyber threat responses at the national level, in particular through structures such as the National Center for Cybersecurity and Communications Integration (NCCIC) and other government agencies.

During the Trump administration (2017-2021), its 2018 "National Cybersecurity Strategy" emphasized active defense and offensive actions in cyberspace, emphasizing a strategic shift from a predominantly defensive position to a more aggressive and proactive role in cybersecurity ^[7]. This approach made it possible not only to respond to threats, but also to prevent them, strengthening national and international security through strategically organized cyber operations. There have been significant changes in cybersecurity policy within the Trump administration, including the suspension of the cybersecurity dialogue between China and the United States, which was related to accusations of cyber espionage and unfair competition against China. Additionally, pressure has been increased on Chinese Internet companies, including large firms such as Huawei and ZTE, which have faced sanctions and restrictions based on accusations of a threat to national security. These actions led to a certain retreat of the United States from its previously held leading positions in the global cyberspace management system. This approach contributed to the emergence of new challenges in cyberspace for the subsequent Biden administration, which had to solve problems related to restoring international cooperation and trust, as well as reforming cybersecurity policies to adapt to new global challenges and threats. The Trump administration also actively used cyberspace to advance national interests, which meant using cyber capabilities not only to protect, but also to achieve US strategic goals in the international arena. This included the use of cyber operations as a tool of political pressure and protection of economic interests, emphasizing the role of cybersecurity as an important element of the national security strategy.

The Biden administration (2021-present) has made a notable overhaul of cybersecurity policy. In May 2021, in response to the incident with the SolarWinds attack, Microsoft Exchange and the Colonial Pipeline fuel pipeline, an "Administrative Order on Cybersecurity" was issued, requiring increased protection of critical infrastructure and the creation of a Cybersecurity Review Commission. In March 2023, the published National Cybersecurity Strategy included regulation in key national security positions for the first time, marking a significant turnaround in American cybersecurity strategy. These strategic adjustments and policy evolution not only reflect the maturity of U.S. views on cybersecurity, but also demonstrate the profound impact of technological progress and the international political and economic environment on the national cybersecurity strategy.

The Biden administration's New Cybersecurity Strategy

Due to the rapid development of digital technologies and the increase in cybersecurity threats, the US government has taken a number of innovative measures to counter these challenges. On May 12, 2021, US President Biden signed an executive order on cybersecurity and protection of the federal government's networks from cyber attacks ^[8], which marks a significant turn in the US cybersecurity strategy. This order requires all IT service providers to notify the government of any potential cyberattacks, which ensures a timely response and appropriate action by the state. In addition, the order provides for the creation of a Cybersecurity Review Committee, consisting of experts from the public and private sectors, whose task is to analyze incidents of network attacks and propose measures to protect against future attacks, which is aimed at strengthening cyber defense through collective efforts and resource sharing.

Following this order, on March 2, 2023, the Biden administration released the "National Cybersecurity Strategy" ^[9], which further strengthens the cybersecurity management framework, moving away from the traditional model based on voluntary self-regulation of market actors and emphasis on cooperation between the public and private sectors and information exchange. The new strategy clearly integrates "regulation" into important aspects of national security, emphasizing the government's leading role in cybersecurity, especially in protecting critical infrastructure and key areas of national importance. In addition, the strategy redistributes cybersecurity responsibilities, clarifying the roles and responsibilities of all participants in maintaining cybersecurity, thereby strengthening the systemic foundation of cybersecurity. These policies have not only changed the way cybersecurity is managed within the United States, but have also had a profound impact on the rules governing cyberspace at the global level. By introducing stricter regulatory measures and reallocating responsibilities, the United States seeks to promote a more secure and defensive global network environment. This turn in strategy is an important addition to the previous approach based on solving cybersecurity problems by market forces, and demonstrates the need for government intervention and international cooperation in the face of increasingly complex cybersecurity challenges.

The Biden administration's "National Cybersecurity Strategy" is aimed at creating a more secure and sustainable digital ecosystem. The strategy strengthens investments in cyber infrastructure, strengthens partnerships with the private sector and increases oversight of key sectors, especially emphasizing accountability mechanisms for companies that fail to meet security obligations. The central goal of the strategy is to create a "digital ecosystem with a higher level of internal protection, sustainability and consistent with American values." In the strategy, the emphasis on "protection" implies strengthening cybersecurity measures at all stages of design and operation, which makes the cost of an attack significantly higher than the cost of protection, effectively transferring control from attackers to defenders. "Resilience" refers to the ability of network systems to recover quickly from failures and prevent catastrophic consequences, ensuring that cyber incidents do not have a systemic impact on the real world. In addition, the "values" in the strategy mean that the digital ecosystem must reflect the values of its creators and users, with clear observance of the basic democratic principles of the United States in the process of its creation.

To achieve these goals, the Biden administration's strategy focuses not only on domestic policy reform, but also actively seeks international cooperation, especially in the fight against transnational cybercrime and strengthening global cyberspace governance. The United States, together with allies such as the European Union and NATO, is committed to creating international standards and sharing best practices. This is aimed at increasing the level of cybersecurity at the global level, strengthening cooperation with allies, promoting the unification of global cybersecurity standards, which will allow us to jointly confront digital challenges and threats. Through this comprehensive strategy, the Biden administration demonstrates awareness of new cybersecurity challenges and readiness to overcome them, seeking to increase protection and resilience to ensure the ability of the United States and its global partners to cope with the increasing complexity of cyber attacks, while maintaining the stability of national and global cybersecurity.

Rethinking responsibilities and incentives within the framework of the “National Cybersecurity Strategy”

The United States has long relied on a cybersecurity management model based on market principles and industry autonomy, which often placed the burden of responsibility on end users, small businesses and local authorities, who usually do not have the necessary professional skills and resources, making them powerless in the face of increasingly complex cyber threats. In this regard, a systemic restructuring of roles, responsibilities and resources in cyberspace is urgently required.

The Biden government, recognizing this problem, has released a "National Cybersecurity Strategy" that proposes two fundamental changes. The strategy advocates the reallocation of cybersecurity responsibilities from individual users, small businesses, and local authorities to the best-positioned digital ecosystem managers, such as the federal government and Internet service providers. The Federal Government is particularly tasked with protecting its own network systems and critical infrastructure, as well as using its key functions, including diplomacy, intelligence, economic sanctions, law enforcement, and operations to effectively counter cyber threats ^[10]. Critical infrastructure owners and operators, hardware manufacturers, software developers, service providers and other key stakeholders will also have greater responsibility for cybersecurity.

The strategy also focuses on reviewing incentive mechanisms to encourage long-term investments. The government encourages network defenders to make long-term decisions rather than depend on temporary fixes by offering financial support, tax breaks and other forms of incentives to fundamentally strengthen cyber defenses. These measures reform the distribution of cybersecurity responsibilities and introduce new incentive mechanisms aimed at ensuring the stability and security of cyberspace. This strategy represents a modern application of the Western "social contract" theory, defining the responsibilities and rights of all parties, thereby creating a more equitable and effective cybersecurity management model. This approach is expected to have a significant impact on cybersecurity in the United States and around the world.

The U.S. Cybersecurity and Infrastructure Protection Agency (CISA) is a key element of the national cybersecurity architecture responsible for coordinating and strengthening cybersecurity and infrastructure protection across the country. In further implementation of the "National Cybersecurity Strategy" ^[11], published in March 2023, CISA announced a three-year "Strategic Plan for Cybersecurity for Fiscal Years 2024-2026", published on August 4, 2023. This plan defines three long-term goals aimed at improving U.S. cyber defense and advancing the entire national network environment towards greater security and resilience.

As part of the goal of "Eliminating immediate threats," CISA plans to work with internal and external partners to jointly counter network intrusions and destructive actions directed against the United States. The strategy includes active surveillance and protective measures, as well as harassment and interference in the activities of potential dangerous actors. This goal will be achieved through enhanced intelligence sharing, faster and more effective incident response, and joint operations to suppress or eliminate threats to American network infrastructure.

The Strengthening Landscape goal aims to reduce the possibility of disruptive network intrusions by promoting, supporting, and evaluating effective security and sustainability practices. CISA will develop and promote rigorous security standards and best practices, helping public and private organizations improve their cyber defense capabilities. This includes strengthening the security of critical infrastructure, strengthening data protection measures, and improving the ability of network systems to respond and recover.

The goal of "Promoting Security Scaling" considers cybersecurity as a major security issue, prioritizing the implementation of security measures at the product design stage. CISA will work with technology companies, manufacturers and designers to integrate protective features and measures into new products and services from the very beginning. This is aimed at moving the entire industry towards safer and more reliable development, minimizing vulnerabilities and risks at the initial level.

The implementation of these strategic goals will allow CISA to actively and keyly participate in ensuring national cybersecurity and improving the sustainability of infrastructure. These measures will help the United States create a safer, more resilient and adaptive digital environment, providing solid protection for national security.

Implementation of the zero trust model and its impact on international security

Against the background of the rapid development of digital technologies, the implementation of the zero trust model in the field of cybersecurity has a profound impact on the international situation. This strategy plays a key role in increasing the complexity and cost of strategic military and network security interactions. The zero-trust model, by strengthening authentication and access control, effectively protects key military communications and data, ensuring that transmitted information is protected from theft or distortion, thereby maintaining the global technological superiority of the United States and its allies.

The Memorandum for the Heads of Executive Departments and Agencies of the United States ^[12] dated January 28, 2022 describes in detail the decision of the US government to switch to a zero-trust architecture (ZTA) to enhance cybersecurity. As President Biden emphasized in Executive Order 14028, "incremental improvement cannot provide the necessary security; on the contrary, the federal government needs bold changes and significant investments to protect critical institutions that support the American way of life." The federal government's policy of moving to a zero-trust architecture and taking advantage of cloud infrastructure ensures that all federal agencies achieve the minimum security standards set by the government. The zero trust model follows the principle of "never trust, always verify", applying strict authentication and authorization measures for both internal and external users, ensuring a high level of security. This approach revolutionizes the level of cybersecurity, especially in protecting sensitive military communications and data. The March 2024 report on the state of cybersecurity in the United States ^[13] once again highlights the need for the United States to implement a zero-trust model to respond to increasing cyber threats. This strategic change stimulates the development of the international network management system towards a more rigorous and systematic organization. The establishment of new cybersecurity standards provides the international community with a role model that can guide the efforts of the international community towards more coherent and unified network management, especially in areas such as authentication, data protection and cross-border data flow.

At the same time, as global dependence on digital technologies, especially artificial intelligence, increases, countries are increasing investments in cybersecurity and gradually forming unique management regimes. The European Union focuses on "digital sovereignty" and "privacy protection" by regulating data processing and privacy protection standards in accordance with the General Data Protection Regulation (GDPR). China and Russia view cybersecurity as an extension of state sovereignty, prioritizing information security and government control over the Internet, implementing strict censorship and data localization policies to protect national security and public stability. The US has traditionally followed a market-oriented cybersecurity management model, focusing on technological innovations and industry-leading solutions, but also gradually increasing government intervention in the field of cybersecurity.

In general, global trends in cybersecurity management are moving from a single model to multi-level cooperation and competition. The implementation of the zero-trust model is expected to trigger a chain reaction at the global level, stimulating the development of technology, politics and international relations, directing the international environment to greater complexity and diversity. The changes in U.S. cybersecurity policy are aimed at working with the international community to create a united front against global cyber threats, improve cybersecurity both at home and abroad, and maintain a leading position in a rapidly changing global environment.

China-Russia cooperation in the field of cybersecurity: strategic complement and international influence

In the context of the modern development of international relations, where cooperation and competition form an inseparable dichotomy, especially against the background of deepening digitalization and globalization, cybersecurity is becoming a key area in the global political arena, affecting the most important aspects of national security and international cooperation. Recently, cooperation between China and Russia in this critical area has deepened, demonstrating the strategic complementarity of the two countries in countering cyber threats. According to Artur Lukmanov, Head of the International Information Security Department of the Russian Foreign Ministry, cooperation is not limited to the bilateral level, but also includes joint positions and actions in multilateral forums.

The cooperation between China and Russia in the field of cybersecurity covers several aspects: first, the two countries strengthen their capabilities to counter cyber threats through the exchange of information and intelligence on cyber threats, including malware, cyberattack models and activity within the framework of advanced persistent threats (APT). Secondly, the parties cooperate in the field of technology and strategic development, jointly developing cybersecurity solutions and security systems, which improves their ability to protect their networks while resisting certain technological sanctions or restrictions from Western countries. In addition, China and Russia are promoting cybersecurity laws and policies in international Internet governance that meet their interests, strengthening State control over national cyberspace, especially advocating for the rights of developing countries to Internet autonomy within international organizations. Joint training and exercises are also being conducted to enhance the ability to respond to cyber incidents and strengthen the professional skills and mutual trust of technical specialists from both countries. Finally, in response to the strategies and actions of the United States and its allies in cyberspace, China and Russia are exploring cooperation in the field of cyber defense and counter-strategies, forming a joint front to counter Western supremacy on the web.

These areas of cooperation not only provide important support to the national security of both countries, but also have a profound impact on the global cybersecurity environment. Through this strategic partnership, China and Russia are strengthening their positions and influence in global cybersecurity governance, emphasizing that cybersecurity will continue to be an important area of cooperation and competition in future international relations. This trend indicates that cybersecurity management in the world is developing towards greater diversity and complexity, and countries need to look for opportunities for cooperation and mutual benefit, while protecting their own interests.

***

In the process of rapid transition from the industrial age to the information age, our society is being transformed from a "society on wheels" to a "society in cyberspace." This transformation fundamentally changes the "rules of the game" in our social life, especially in terms of the balance between security and development. In this context, the change in the cybersecurity management model proposed by the Biden administration is of scientific and practical interest. This is not only a response to the challenges caused by the rapid development of digital technologies, but also a profound revision and innovation based on the experience of Internet governance over the past thirty years.

The U.S. National Cybersecurity Strategy shows that the traditional cybersecurity management model, based on government efforts to prevent and combat cyberattacks, no longer meets current security challenges. Instead, the new strategy advocates cooperation between the public and private sectors to create a reliable cyberspace protection system, emphasizing the key role of market participants in complicating and increasing the cost of cyber attacks. This revision of the strategy not only highlights the supervisory functions of the state, for example, the establishment of minimum security standards for critical infrastructure, but also focuses on the importance of using market incentives to create a sustainable cybersecurity system. The strategy further emphasizes that most cybersecurity incidents can be prevented through effective preventive measures, which is why cybersecurity is considered as an issue of managing internal risks of companies. The role of the State is to explore the possibilities of using market incentives to support these precautions, as well as to develop protective mechanisms to respond to serious cyber risks that cannot be eliminated through the market. As noted by cybersecurity specialist Bruce Schneier: "Security is never hacked, it is always bypassed." This statement not only highlights the length and complexity of cybersecurity work, but also focuses on the need for constant updating of protective measures to adapt to new threats.