Threat Management, Leadership, Security Staff Acquisition & Development

Biden’s nominee to lead State’s cyber office says role fills foreign policy gap

A sign identifies the State Department.
The U.S. Department of State is seen on Jan. 6, 2020, in Washington. Nathaniel Fick, nominated earlier this year to serve as the first ever ambassador at large for the Bureau of Cyberspace and Digital Policy at State, pushed back on questions that his role might conflict or overlap with other top officials. (Photo by Mark Wilson/Getty Images)

The Biden administration’s choice to lead a newly created cyber office at the State Department pushed back on questions from Congress that his role might conflict or overlap with other top officials in government in testimony, while sketching out a more robust leadership role for American cyber diplomacy on the world stage.

Nathaniel Fick, nominated earlier this year to serve as the first ever ambassador at large for the Bureau of Cyberspace and Digital Policy at State, was pressed by Sen. Rob Portman, R-Ohio, in a hearing Wednesday to explain how his role and work would differ substantially from other positions, like the White House deputy national security advisor for cyber (currently fileld by Anne Neuberger), the national cyber director (Chris Inglis), the federal CISO (Chris DeRusha) and others.

“I just want to know from you, are you sensitive to this issue and aware of it and [ask] how you intend to conduct yourself in this role so you can fit in this construct,” Portman asked. “Congress is not very good at [organizational] charts and so it will really be the responsibility of the individuals who have these jobs to work together and to not allow the gaps in accountability.”

In particular, Portman noted that the Office of the National Cyber Director was given statutory authority just last year to serve as the principal advisor to the president of the United States in coordinating international diplomatic efforts and cybersecurity norms.

That description captures the bulk of duties Fick’s office was created to address. Portman expressed concern that too many cyber chiefs with overlapping responsibilities in the federal government will take the country right back to where it was when Congress felt it needed to create the NCD to coordinate across agencies.

In his answer, Fick leaned on his background as a former U.S. Marine who had served in the Iraq and Afghanistan wars, CEO of national security think tank Center for a New American Security and an executive at cybersecurity software firm Endgame and later Elastic NV. Those experiences “instilled in me an appreciation for a clear chain of command, an appreciation for clear and well-defined swim lanes, and appreciation for accountability.”

He noted that when working with the federal government on cyber issues at previous jobs, other agencies have traditionally had much more robust involvement than State, something he hoped to change.

“When I was leading a business and working with the government in this space, CISA has a strong presence here, the White House has a strong presence here, the Defense Department has a strong presence here, and the State Department has not,” he said. “I believe diplomacy should be our tool of first resort, I believe in the intrinsic value of diplomacy, and so I think this role actually does fill an important gap in the cyber and tech responsibilities across the government.”

Fick, a Maine native, was introduced by Sen. Angus King, I-Maine, a former commissioner on the Cyberspace Solarium Commission that has called for Congress to create a new cyber branch at the State Department.

Fick laid out a range of domestic and international cybersecurity priorities he intends to pursue if confirmed. They would include strengthening membership and adherence to international norm-setting agreements like the Joint Statement on Advancing Responsible Behavior in Cyberspace and doing more to engage with multi-stakeholder agreements around technology and cybersecurity issues that intersect with national security. That includes imposing “meaningful consequences” on states that engage in malicious cyber activity outside of those norms and who “willfully harbor cyber criminal organizations” inside their borders.

He expressed a desire to take a leading role confronting countries like China and Russia who are promoting their own, more authoritarian vision for the global internet, assert the department’s “rightful place” in interagency disputes and work internally at State to raise the profile of cybersecurity expertise within international diplomacy and U.S. foreign policy.

In the past lawmakers and former officials have called for a broader rethinking at State around how issues around cybersecurity and technology issues fit into broader foreign policy and national security policies. Fick said that must happen if the U.S. is to take a leading role on things like promoting alternative technologies for 5G, setting international standards and establishing consensus on international rules in cyberspace.

“Because the bureau is new, the first and innermost priority is building the team and establishing a culture both in the bureau and in the department where a fluency and expertise in digital technologies is seen as important to the careers and futures of career foreign service officers and members of the civil service,” said Fick. “I can imagine a future where any candidate to be a chief of mission is expected to have an understanding of these issues.”

While King praised the creation of the bureau and the selection of Fick to lead it, he noted that absent congressional legislation, a future U.S. president could decide to do away with it all, similar to how the Trump administration eliminated the State Department’s cyber coordinator position, which handled many of the same responsibilities. The Cyber Diplomacy Act — a bill modeled after recommendations from the Cyberspace Solarium Commission that would enshrine a dedicated cyber bureau at State into U.S. law — has already passed the House. King said the committee would be considering similar legislation in the coming weeks.

“I commend the administration for taking the initiative to create this office within the State Department, but I believe we need to codify the existence of the office so it doesn’t come and go at the whim of another administration,” he said.

Derek B. Johnson

Derek is a senior editor and reporter at SC Media, where he has spent the past three years providing award-winning coverage of cybersecurity news across the public and private sectors. Prior to that, he was a senior reporter covering cybersecurity policy at Federal Computer Week. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.