U.S. and Germany expand cyber cooperation

The United States and Germany are taking a "whole-of-government" approach to their collaboration in cybersecurity, according to a joint statement released by the State Department after two days of talks. 

The fourth round of the U.S.-Germany Cyber Bilateral Meeting took place March 22-23, in Washington, D.C., emphasizing how the inter-agency approach allows "for more in-depth cooperation on a wide range of cyber issues and our increased collaboration on both strategic and operational objectives," according to the statement.

The talks also examined how international law applies to cyberspace, how countries should act according to that framework, and how Germany specifically, will continue to set the standards as chair of the Organization of Security and Cooperation in Europe.

"It's absolutely critical that we actually do a whole of government, a unity of effort across the board when it comes to cyberattacks," Tony Cole, vice president of Global Government at FireEye told FCW. He works with governments across the globe on cyber issues, and was part of a State Department study in 2013 on building a cybersecurity framework between U.S., Russia and China. Cold added, "I do think sometimes there are challenges to where it's done too much with a specific agency and not a whole of government effort."

The U.S. and Germany also promised to collaborate on the protection of critical infrastructure, and to "continue to work closely to enhance cybersecurity of critical infrastructure, improve incident management and coordination, and build cyber capacity of other countries." The vulnerability of critical infrastructure to electronic and computer based attack is becoming a more important international issue as such attacks become part of warfare in Ukraine and Syria.  Just this year, a cyberattack wiped out electricity for over a quarter million people after hitting a regional electrical grid in Ukraine.

"It's going to be a big massive effort. Maybe even you need the National Security Agency to actually take some of their red team expertise and actually do analysis of critical infrastructure," Cold said on March 28. He stressed the importance of getting all government agencies involved when it comes to these issues such as protecting critical infrastructure from cyberattacks. He said they have repeatedly recommended the U.S. federal government to put a Chief Information Security Officer in charge to unify those efforts.

Given the current threat situation in Europe posed by groups such as the Islamic State who aim for destructive attacks online and physically, Cole said the urgency of worldwide situation will make allies such as the United States and Germany "to share a lot more data than they used to in the past."

"We're going to continue to see allies like U.S. and Germany work together even more closely to solve these problems," he said, regardless of the fallout from the Edward Snowden leaks, which strained relations with Germany in particular in part because of that country's strong emphasis on personal privacy rights, and because of revelations that the National Security Agency had tapped German Chancellor Angela Merkel's phone.