The text of the following statement was released by the Government of the United States of America and the European Union on the occasion of the 9th U.S.-EU Cyber Dialogue.
Begin Text
The United States and the European Union held the 9th U.S.-EU Cyber Dialogue in Brussels, Belgium, December 6-7, 2023. The United States and European Union reaffirmed their continued commitment to an open, free, interoperable, secure, and reliable Internet, respecting human rights and fundamental freedoms. We are committed to advancing international security and stability in cyberspace and enhancing the ability of all states to reap the benefits that modern technologies provide.Underlining the strong transatlantic partnership on cyber issues, the United States and European Union exchanged views on the global cyber threat environment, marked by Russia's aggression against Ukraine, and expressed concern about the increase of malicious cyber activities targeting supply chains, critical infrastructure, and intellectual property, as well as a rise in ransomware attacks against businesses and citizens. We strongly condemn these malicious activities and remain determined to strengthen cybersecurity, address cybercrime and ransomware attacks, enhance global cyber resilience, and promote responsible state behavior in cyberspace.
Advancing International Security and Stability in Cyberspace
Fortifying our strong partnership, the Cyber Dialogue also included exchanges on international cyber policy discussions, including in the United Nations, regional organizations such as the Organization on Security and Co-operation in Europe and the ASEAN Regional Forum, and the G7 and G20.
Strengthening our ability to address malign behavior in cyberspace, the Cyber Dialogue included exchanges on cyber defense, and identified further action to strengthen our cooperation to hold states accountable for and to prevent, deter, and respond to malicious cyber activities. In this context, the United States and European Union seek broader cross-regional cooperation, including with states in Latin America, the Indo-Pacific, and Africa, to raise awareness and promote responsible state behavior through diplomatic action and engagement.
We continue to be strongly committed to the UN framework of responsible state behavior in cyberspace, grounded in the application of international law and norms of responsible state behavior. We also continue to promote the establishment of the UN Cyber Programme of Action to advance and support states in its implementation.Enhancing Cybersecurity and Resilience
To enhance cyber security and resilience to address these challenges, the United States and the European Union exchanged updates on several key priorities set out in the January 2023 Joint Statement by Department of Homeland Security Secretary Alejandro Mayorkas and EU Commissioner for Internal Market Thierry Breton. These priorities included the security of digital products and related cybersecurity standards, cyber resilience of critical infrastructure, impact and opportunities of emerging technologies, and cooperation between the respective cybersecurity agencies. The Cyber Dialogue also included sector-specific discussions on space cybersecurity and the cybersecurity of energy infrastructures.
During the Cyber Dialogue, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the European Union Agency for Cybersecurity (ENISA) formalized a Working Arrangement covering themes such as cyber awareness and training, best practice exchange, and knowledge sharing for common situational awareness.
The United States and European Union took stock of joint efforts to improve the resilience of critical infrastructure as well as the security of hardware and software products, acknowledging the leading roles of the United States and European Union in this field. Following the October 2023 U.S.-EU Summit, the United States and European Union advanced discussions on a Joint CyberSafe Products Action Plan to work together on achieving mutual recognition of their respective government-backed cybersecurity labelling programs and regulations for Internet of Things (IoT) devices, namely the EU Cyber Resilience Act and the U.S. Cyber Trust Mark.
Furthermore, building on a firm commitment to reduce administrative burden for companies and organizations on both sides of the Atlantic, the United States and European Union explored possibilities to approximate, where possible, the cybersecurity incident reporting mechanisms.
The United States and European Union also took stock of best practices in software security, with a focus on security-by-design, open-source security, and Software Bills of Materials, and outlined priorities to deepen cooperation in the coming year.
International Cyber Capacity Building as Priority
As a priority, the United States and European Union reaffirmed their strong commitment to further enhance global cyber resilience and to implement cyber capacity building and solidarity activities supporting partners including Ukraine and Moldova, as well as in the Western Balkans, Africa, the Indo-Pacific, and Latin America. We are dedicated to further increase coherence between our global actions, and to work through platforms such as the U.S.-EU High Level Consultations on the Indo-Pacific, to further strengthen our cooperation with and within regions.
Cooperation on Emerging Technologies
The United States and European Union also decided to further deepen their cooperation to address cybersecurity challenges related to emerging technologies, with specific focus on artificial intelligence (AI) and post-quantum cryptography. The cooperation between the United States and European Union will seek to foster secure use of AI in critical infrastructure. Cyber Dialogue participants also discussed potential joint activities in the transition towards post-quantum cryptography, including standardization.
Pilot U.S.-EU Cyber Fellowship
As a deliverable from the January 2023 Joint Statement by Department of Homeland Security Secretary Alejandro Mayorkas and EU Commissioner for Internal Market Thierry Breton, the Pilot U.S.-EU Cyber Fellowship was launched with representatives from the U.S. Department of Homeland Security and agencies meeting European and EU Member State officials working in cybersecurity.
The 9th Cyber Dialogue was co-chaired by Joanneke BALFOORT, Director for Security and Defense Policy, European External Action Service (EEAS); Lorena BOIX ALONSO, Director for Digital Society, Trust and Cybersecurity, Directorate General for Communications Networks, Content and Technology (DG CONNECT), European Commission; and Liesyl FRANZ, Deputy Assistant Secretary for International Cyberspace Security in the U.S. Department of State's Bureau of Cyberspace and Digital Policy.
Industry representatives from the United States and European Union joined a dedicated session, discussing the key role of public private partnerships in keeping cyberspace secure.
The United States will host the next U.S.-EU Cyber Dialogue in Washington in 2024.
End text