Washington needs to be transparent about its policy decisions so that it can communicate clearly to allies and adversaries alike.
Specifically, the US must consider these questions: What constitutes an attack? What kinds of economic espionage or attacks against the private sector will trigger government intervention? Will the US pursue a policy of deterrence, which requires specifying credible countermeasures – or leave itself more room to maneuver as conflicts in cyberspace evolve?
The administration took a significant step last September, when the State Department described central tenets of US policy on cyberconflict. The Department of Defense recently announced it is creating offensive and defensive cyberteams to protect the US. But officials from both departments acknowledge unresolved questions.
The US should advocate for global rules for cyberconduct, convince friends to embrace them, and push these rules as part of a more proactive cyber-agenda. This approach will solidify American leadership in cyberspace, foster international cooperation, and discourage cyberattacks.
Emilian Papadopoulos is chief of staff at Good Harbor, a cyberrisk consulting firm. He previously worked at Canada’s Department of Foreign Affairs. Eli Sugarman is a Truman fellow and senior director of Gryphon Partners. He previously worked at the State Department.