President Biden’s pick to head the State Department’s recently launched Bureau of Cyberspace and Digital Policy pledged Wednesday to “elevate and integrate cyber and digital policy in U.S. diplomacy” and build productive cybersecurity relationships with the nation’s allies.
Nathaniel Fick’s comments came during his confirmation hearing before the Senate Foreign Relations Committee, where he was joined by four other nominees to various diplomatic posts. The State Department created the new bureau in April; currently it is headed by Jennifer Bachus, a career foreign service official. If confirmed, Fick would also become the first Ambassador at Large for Cyberspace and Digital Policy.
Introducing Fick at Wednesday’s hearing was Sen. Angus King (I-Maine). King noted that Fick — who is also from Maine — has extensive cybersecurity experience, having served as a Marine in Iraq and Afghanistan, later as CEO for the nonprofit Center for a New American Security working on “issues of … international ramifications of cyber,” and then as CEO of cybersecurity software developer Endgame. He is currently general manager of information security for Elastic, an online search company that acquired Endgame in 2019.
“If you took a blank sheet of paper and tried to design a person to fit this new position, you would have come up with someone of Nate Fick’s extraordinary qualifications and background,” King said.
King also reminded his fellow senators that the creation of the cyber ambassador post was a recommendation of the Cyberspace Solarium Commission, of which King was the co-chair. He urged the committee not only to confirm Fick to the new post, but to approve the Cyber Diplomacy Act, which passed the House of Representatives last year and would formally establish the new bureau as a permanent addition to the State Department.
“The idea here is, we want someone who gets up every morning thinking about the international ramifications of [cybersecurity], and that’s what this office will do,” King said. “I commend the administration for taking the initiative to create this [bureau] within the State Department, but I believe we also need legislation to codify the existence of the office so it’s not something that may come and go with the whim of a particular administration.”
Fick Pledges Leadership, Positive Vision
Fick told the committee that he saw three key focus areas in his new role. First, he said the U.S. must work to strengthen adherence to the international framework surrounding cybersecurity laid out by the United Nations, which “affirms that international law applies to state conduct in cyberspace and lays out norms” that guide members’ behavior in cyberspace. He also agreed it was essential for the U.S. and its allies to ensure there are consequences for their peers who engage in egregious misconduct online, echoing a stance that King has taken in the past. (See King, Mandia Warn of ‘Unlimited’ Cyber Dangers.)
“Norms are more effective in binding together our allies than they are in dissuading our adversaries,” Fick said. “To reduce the frequency and severity of damaging cyber incidents, we must collaborate across the U.S. government and with partners around the world to deter malicious cyber activity and impose meaningful consequences on states that engage in it and those that willfully harbor cybercriminal organizations.”
Fick’s second key priority is to promote fairness in the global digital economy by preserving “the free flow of data across international borders” while also ensuring that data privacy and confidentiality are respected. Promoting fairness also means supporting open and transparent standards, as well as ensuring that new innovations are available for all to access. Third, Fick said the U.S. must partner with the private sector, civil society, and other governments to “champion a positive vision for digital freedom and digital inclusion while working to combat digital authoritarianism.”
Portman Warns Against Overlap
Committee members expressed no serious reservations about either the nominee or the new bureau. However, Sen Rob. Portman (R-Ohio) voiced concerns about how Fick’s role would fit in with other recent appointments to leading cybersecurity posts in the administration. In particular, Portman said Fick’s position “overlaps with the office of the National Cyber Director,” currently held by Chris Inglis, the first cyber director who was confirmed last year. (See Inglis, Easterly Define Roles in Confirmation Hearing.)
“We seem to keep adding more and more top cybersecurity positions to our government, and the org chart troubles me,” Portman said. “More importantly, what troubles me is that without accountability, I’m worried that things will happen and it’s too easy to point fingers, as we saw in the Colonial Pipeline incident; you probably recall [that] everyone was pointing fingers.”
Fick responded that the rationale for the new office is to give the State Department a voice in the administration’s discussions about cybersecurity that it has not previously had. Especially in light of the cyberthreats posed by Russia, China and other rivals of the U.S., Fick said that “diplomacy should be our tool of first resort.” However, he also said he shared Portman’s concerns about mission overlaps and would work to avoid them.
“I think in addition to my military experience, my experience building and leading a business instilled in me an appreciation for a clear chain of command and … kind of a wry sense that it is always easy to add, but it’s hard to subtract,” Fick said. “I have full confidence that we can carve out the right swim lanes, and I hope that, if confirmed as the inaugural ambassador leading this office, we could create clear lines of responsibility that outlive any individual.”