The U.S. State Department Taps International Expert for Cyber Diplomacy Office

Ian Wallace was recently appointed as senior advisor to the State Department’s Office of the Coordinator for Cyber Issues, under Secretary of State, Antony J. Blinken. State’s Cyber Issues Office, (S/CCI) has the mission of leading U.S. efforts “to promote an open, interoperable, secure, and reliable information and communications infrastructure that supports international trade and commerce, strengthens international security, and fosters free expression and innovation.” Wallace will work on contract under Akima’s Tuvli subsidiary, which offers information technology and cybersecurity support to the federal government, as reported by ExecutiveGov.

Wallace’s appointment comes less than a month after then Secretary of State, Mike Pompeo announced the creation of the Cyberspace Security and Emerging Technologies Bureau (CSET) at the department, charging the Bureau with leading U.S. government diplomatic efforts in “international cyberspace security and emerging technology policy issues that affect U.S. foreign policy and national security, including securing cyberspace and critical technologies, reducing the likelihood of cyber conflict, and prevailing in strategic cyber competition,” namely by China, Russia, Iran, North Korea, and other cyber and emerging technology competitors and adversaries.

In the Cyber Diplomacy Act of 2019 twenty-nine co-sponsoring members of Congress had proposed establishing a new office within State with the consolidated responsibility for digital economy and internet freedom issues, together with international cybersecurity issues. When it became clear that the bill would die in the 116th Congress the State Department notified them in June 2019 that it would move forward with CSET, albeit with a narrower focus on cyberspace security and emerging technologies. State’s CSET plan would keep the economic and human rights aspects of cyber diplomacy issues with existing bureaus that have handled those areas in the past and create CSET under the Under Secretary for Arms Control and International Security.

From its inception, State’s CSET plan has received a fair amount of criticism from various quarters. The move has been criticized by members of Congress as “a misguided cyberspace reorganization … [that] will reinforce existing silos and hinder the development of a holistic strategy to promote cyberspace stability on the international stage.” In September 2020, the Government Accountability Office (GAO) was critical of the State Department for not consulting with other agencies that have a stake or role in U.S. international cyberspace interests before moving forward with its plans for CSET. From its perspective, State viewed the reformation of its cyber organizations as an internal matter. State also said that they did not know of any agencies that had consulted with them before reorganizing their own cyberspace security organizations.

Then at the end of January GAO issued another report calling on State to demonstrate the use of “data and evidence to justify its current proposal, or any new proposal, to establish the Bureau,” concluding that the information State had provided did not measure up to GAO’s key practice for agency reorganization.

State Morphing Cyber Landscape

Wallace’s appointment within the S/CCI – as well as the appointment of long-time State Department cyberspace foreign policy subject matter expert Michele Markoff as the Deputy Coordinator for Cyber Issues in the office – suggests the existing CSET plan may be up for revision. That would not be unheard of with the change of administrations, especially this early in an administration that is still in the process of getting its key leadership into place, both in the areas of diplomacy and policy and in operational areas like IT and cybersecurity. If Secretary Blinken decides to broaden and revamp the mission of the CSET to include cyber diplomacy areas that overlap with S/CCI, then it’s conceivable, if not likely, that Markoff, Wallace and others will have a hand in reforming the CSET plan.

Also, Wallace’s appointment comes not too long after the department announced Keith A. Jones as their choice for Chief Information Officer (CIO), which is one of seven federal agency CIOs that are politically appointed by the White House and confirmed by the U.S. Senate. But who will fill the job of Enterprise-Chief Information Security Officer (E-CISO) is still to be announced. (The E-CISO job listing on USAJOBS closed in early November and the status is currently “reviewing applications.”) One would assume that Jones will have the final say in who gets the E-CISO job.