November 4, 2019
Remarks by AIT Acting Director Raymond Greene at
The Opening Session of the 2019 Cyber Offensive and Defensive Exercises
November 4, 2019
(As Prepared for Delivery)
Senior Advisor Lee, Senior Advisor Kuo, Commissioner Sun, Director General Jyan, Director General Lin, Director General Chang, Assistant General Counsel Shih, distinguished guests, ladies and gentlemen, zao an!
I first want to thank Microsoft Taiwan for hosting all of us here today. Microsoft continues to provide a shining example of what can be accomplished through sincere public-private sector cooperation, and they remain one of AIT’s best partners on all things related to the development of the digital economy. I would also like to thank the Taiwan Authorities for all of their hard work in organizing this year’s Cyber Offensive and Defensive Exercises. My thanks also go to the U.S. Department of Homeland Security who has been working closely with the Taiwan counterparts over the last year to help shape the content and nature of this year’s CODE. And I would also like to extend my thanks to the Department of State’s Bureau of International Security and Non-Proliferation and the Department of Energy’s Sandia Laboratories for helping organize these training exercises.
The U.S. government is proud, for the first time ever, to co-host international cyber exercises with Taiwan focused on combatting cyber threats from North Korea and other actors. This year’s Cyber Offensive and Defensive Exercises mark a new frontier in the ever-deepening cyber cooperation between the United States and Taiwan. In this sense today’s gathering is truly historic, and I hope it marks the beginning of not only closer cooperation between the United States and Taiwan on cyber issues, but closer collaboration among all economies in the region. Cyber threats know no borders, which is why all those who want to preserve a free, safe, and open internet must come together to deepen their cooperation on cybersecurity.
The biggest threats today are not troops landing on the beach, but efforts by malign actors to use the openness of our societies and networks against us. In many ways, cyber threats are the most significant risk affecting all of us. Malign actors are threatening our industry, our democratic institutions, and the integrity of our critical infrastructure, including our financial systems and telecommunications networks.
As we speak, pernicious actors are engaged in relentless attempts to steal trade secrets, intellectual property, and our most valuable data. The pace of these attacks is increasing exponentially, and represent an existential threat to the international rules-based economic order. The development of innovative technologies requires massive research and development spending. If others can come in and simply steal the hard-won breakthroughs, it not only gives those who steal the information an unfair advantage, it discourages engaging in research at all, thus depriving the world of new innovations.
The second major cyber challenge is protecting the integrity of our democratic institutions. Authoritarian leaders around the world feel fundamentally threatened by the mere prospect of success of democratic societies, and they will stop at nothing to discredit governments of the people, by the people, and for the people. Malign actors aim to hack into our election systems to undermine the results of elections. They spread disinformation to advance their political agenda. And they sow division in society in an attempt to make democracies ungovernable. If democracy fails, their claim to power is secure; if democracy succeeds, their reason for power crumbles. Protecting our democratic institutions from those who would subvert them is the collective responsibility of all stakeholders, including everyone in this room.
Hostile cyber actors also seek to compromise our critical infrastructure, in particular our financial system and telecommunications networks. Even the mere capability to cripple critical financial and communications infrastructure gives a foreign adversary tremendous leverage over a free society. As Sun Tzu put it, such capability enables 不戰而屈人之兵, or “winning without fighting.” As the 2008 financial crisis so vividly illustrated, our financial systems are like the circulatory system of an economy – if the banking system can be compromised, it is like a heart attack for the entire economy. Our telecommunications networks are more than just the means through which we communicate. In the 5G era, they are the very foundation of every modern technology, from autonomous vehicles, advanced manufacturing, and artificial intelligence to the baby monitors next to our children. Securing our financial and telecommunications networks is, therefore, a matter of vital national, economic, and personal security.
The goals of the 2019 CODE exercises are simple: First, we hope everyone gathered here will be able to significantly enhance their skills, knowledge, and abilities so you can bring these back to your home countries and strengthen your domestic cyber defenses. Second, we hope these exercises provide a platform for closer international cooperation on cybersecurity among all of the economies gathered. Ultimately, the success of this week will be measured by whether all of you remain in close contact with each other after the exercises are over.
Taiwan has a tremendous amount of valuable experience to share, and nowhere is this more true than when it comes network sececurity. In the last few years, under the leadership of Senior Advisor D.T. Lee, Taiwan has developed a comprehensive national cybersecurity strategy, established new offices to create a whole of government and indeed whole of society approach to cyber, and built nationwide information sharing systems. These are not easy tasks, and all of us have work to do on this front. A whole of government approach means every government agency has a responsibility to come out of their respective silos and make an active effort to work together to realize the national cybersecurity strategy. This is especially true for civilian-military cooperation. A whole of society approach includes learning how to work closely with the private sector, both domestic and foreign, to share technologies and integrate solutions. In the end, though, we must each prioritize protecting our domestic networks with the best technologies over development of our indigenous industry. Too much is at stake. We appreciate the progress the Taiwan Authorities have made on all of these fronts.
The United States is quickly deepening its cyber cooperation with Taiwan. We have been working closely with the Taiwan authorities, to help bring Taiwan into the Department of Homeland Security’s Automated Indictor Sharing system, which shares cyber threat indicators at machine speed. We are also working with Taiwan to raise public awareness through the global Stop.Think.Connect campaign. We have held trainings on improving public-private sector cooperation, and earlier this year we co-hosted officials from more than twenty countries to discuss network security and emerging technologies, such as 5G.
As many of you know, last May the United States met with our European allies to discuss network security in a 5G age. From that meeting emerged the “Prague Proposals,” which are basic principles like-minded countries agree upon when thinking about the future of network security. In the Indo-Pacific, Japan, Australia, and Taiwan have already endorsed the Prague Proposals. The reality is Taiwan has already been living by these principles for the last six years because it understands first hand the risks of not doing so. It is our sincere hope that these proposals become the bedrock for a democratically consistent digital economy around the world. Every country gathered here today is likewise invited to study these proposals, reflect deeply upon their value, and similarly affirm them as Taiwan has done.
Going forward, I am pleased to announce three areas where we look forward to working closely with Taiwan to strengthen cybersecurity and digital economy cooperation.
First, I’m pleased to announce that this December the we will hold the 3rd Session of the Digital Economy Forum. Four years ago, the United States and Taiwan launched the Digital Economy Forum or DEF, whose purpose is to help bring the U.S.-Taiwan relationship into the digital age. The DEF is our high-level umbrella framework for all of our technology cooperation in Taiwan. At this year’s DEF, we will discuss how to deepen cooperation on 5G, the data economy, cross-border data flows, semiconductors, AI, IoT, and cybersecurity. We will also reaffirm our cooperation on startups and working together to with other countries in the region to promote a free and open Internet.
Second, AIT and the U.S. government will begin early next year a “road show” where we will bring American experts to raise awareness about the latest cybersecurity threats, trends, and best practices. In particular, we intend to hold training seminars at Taiwan’s major science parks and technology industry hubs. Advanced cyber defense technologies are very helpful, but oftentimes raising public awareness and improved cyber hygiene are the best defenses.
Third, we look forward to working closely with Taiwan on its proposed International Cybersecurity Center of Excellence. This Center will provide an outstanding platform for close public and private sector cooperation on cybersecurity, both here in Taiwan and for the whole Indo-Pacific region, especially when it comes to network security, 5G, and emerging technology cybersecurity standards. We also hope to work closely with Taiwan through the Center on capacity building initiatives for the Pacific Islands.
Strengthening our Cyber defenses is no longer optional, it is foundational for the future of free societies. I implore all of you to dedicate yourself to this mission. It is no exaggeration to say the world as we know it depends upon all of us doing so.