The US–Australia Cyber Dialogue: Cooperation in the Asia–Pacific

November 1, 2016

Zoe Hawkins | Analyst - International Cyber Policy Centre | ASPI

This post originally appeared on The Stratigist, a blog by the Australian Strategic Policy Institute.

The Asia–Pacific’s digital potential offers enormous development and trade opportunities that, if effectively harnessed, will benefit the economies of Australia and the United States. Indeed, the region’s increasing importance to the economic and strategic interests of both countries meant that examining the region’s cybersecurity was an obvious choice for the opening session of the inaugural Australia–US Cyber Security Dialogue in Washington DC last month.

Connectivity rates in the Asia–Pacific are soaring, growing at 12% last year. But about half the region still isn’t connected to the internet, providing a huge reservoir of people who are yet to take advantage of the benefits of digital commerce and development. The region’s economies continue to grow, with an average GDP growth rate of 5.4% in 2016, which is driving the region’s connectivity to broader international economic security. However, in some cases, the rapid proliferation of networks isn’t being matched by the necessary regulatory frameworks, governance structures and individual and corporate savviness to adequately meet cybersecurity challenges.

As a result, there are regional disparities between digital tigers such as South Korea, Japan and Singapore, and less developed states such as Laos and Bangladesh. That unevenness has created cybercrime hotspots in permissible regulatory environments, such as the Philippines, and protectionist barriers to trade in over-regulated economies, such as China. So while regional connectivity promises prosperity, it can also complicate security and trade flows.

That unevenness also reflects the geopolitical realities of the Asia–Pacific. The region’s power struggles are evident in cyberspace, as major powers compete to exploit the domain’s benefits, and jostle to influence emerging countries as they come online. China is making waves in cyberspace. Its government is investing heavily in baseline ICT infrastructure across the region, condoning or overlooking cybercrime operations from within its borders, and leveraging cyberspace as a tool for information operations, such as those conducted in July at Vietnamese airports in relation to the South China Sea disputes.

As China pursues its strategic interests through cyberspace, so too does the US. At the recent ASEAN Summit in Laos, President Obama and Secretary of Defense Ash Carter reinforced the US commitment to the rebalance towards Asia and its central security role in the Asia–Pacific. The US views cyberspace as an important mechanism by which to maintain its regional influence, and it’s investing in both the defensive and offensive capabilities of US Cyber Command, accordingly. The ratification of the Trans-Pacific Partnership by the US will also serve to strengthen trade and supporting regional economic growth in this area. The US and China have demonstrated some promising moves towards compromise with the September agreement on state-sponsored intellectual property theft. However, their visions for the future of cyberspace remain incompatible.

With the US as its central security partner and China as its top two-way trading partner, Australia has an interest in stabilising the region’s digital landscape. The historic alliance relationship, underpinned by shared values and a mutual interest in Asia–Pacific stability, make Canberra and Washington natural partners in ensuring that the online world is governed my appropriate rules and norms.

In this complex strategic environment, Australia and the US must develop a nuanced and coordinated approach to regional cybersecurity.  There’s value in standing shoulder-to-shoulder to defend the future of a free, secure and reliable cyberspace. However, the inherently unstable nature of contemporary cybersecurity means that unnecessary confrontation is best avoided in favour of strategic nudges and moderate moves to influence the online behaviour of revisionist states such as China and Russia.

While military cooperation between Australia and the US is an important element of the bilateral relationship, cybersecurity is a whole-of-government issue and must be addressed holistically. To avoid a narrow and reactive military approach to cybersecurity issues and to facilitate more preventative and proactive cyber diplomacy, Australia and the US should move beyond focusing on incident response measures. We need to work together to build capacity, develop international norms of online behaviour and establish confidence building methods in the Asia–Pacific. Australia and the US should also strive to be role models for the region, exemplifying best practice in cybersecurity policy and awareness at home.

Australia–US cyber cooperation in the region must also include partnerships with the private sector. In many cases, private sector companies have established links to government-owned enterprises in the region that can serve to increase cyber maturity. There’s also scope to improve and further capitalise on the intelligence sharing capacity of companies, modernising international and cross-sectoral threat sharing mechanisms to foster a detailed conversation.

The first session of the US–Australia Cyber Dialogue cemented the importance of bilateral cyber cooperation in the Asia–Pacific, highlighted the significant benefits and risks on the table as we pursue regional cyber stability, and underscored the key role of public-private partnership in this effort. The fast-changing and dynamic nature of cybersecurity in the Asia–Pacific will ensure that these issues remain a focus of the Australia-US Cyber Security Dialogue for years to come.