Cybersecurity Central to a Strong Defense

The crisis in Ukraine has sparked discussions among policymakers in Taiwan on how to enhance the island’s defense capabilities, including through a recently intensified reservist training program and proposals to lengthen the conscription period. A key takeaway for many is that training, motivation, leadership, mobility, and flexibility are just as much key factors in defending Taiwan from military attack as are troop numbers and firepower.

No one will discount the importance of maintaining a credible defense posture in the physical realm, but there are other dimensions of warfare that require a more comprehensive approach and multiple stakeholders. AmCham was thus pleased to learn that the recently established Technology Trade and Investment Collaboration (TTIC) framework will focus on bolstering critical supply chains in the areas of 5G, semiconductors, sustainable energy, and cybersecurity.

Taiwan and its industries are frequent targets of cyberattacks, and some have speculated that a potential military strike against Taiwan could be precipitated by a large-scale cyber offensive. It is thus imperative that the island’s cyber defenses continue to be reinforced, and that potential vulnerabilities be swiftly identified and risks mitigated.

The Tsai Ing-wen administration has identified cybersecurity as a priority area and since 2016 has worked to tackle the myriad cyber challenges Taiwan faces. Last May, President Tsai announced the “Cybersecurity is National Security 2.0” plan, which in addition to establishing a dedicated cybersecurity department under the planned Ministry of Digital Development, also aims to increase the resilience of critical infrastructure and core databases.

And while government leadership is crucial to the enhancement of Taiwan’s cyber defense, U.S. technology firms – including many of AmCham’s members – continue to roll out cutting-edge solutions to defend critical infrastructure, including semiconductors. These firms possess expertise that can be utilized to Taiwan’s advantage through the formation of public-private partnerships and information sharing.

An important measure in defending not only against individual cyberattacks but also what is termed “systemic cyber risk” – the potential for a single vulnerability to impact entire business systems, economies, or nations – is the development of common standards on cybersecurity with the U.S. and other partners, including Taiwan. Two important efforts currently underway are the U.S. government-initiated NIST Cybersecurity Framework and the National Cybersecurity Center of Excellence. Such collaborative endeavors help Taiwan work around the limitations imposed by its exclusion from international security and law enforcement organizations and adopt best practices.

Beyond buttressing its own cyber-fortress, Taiwan can leverage the trust it has built over the years to become a key supplier of tech products critical to the cybersecurity of other countries. For example, a November 2021 report from the Carnegie Endowment for International Peace noted that Taiwan now has an opportunity to become a provider of safe software for global markets. “Elements of Taiwan’s ecosystem could potentially be positioned to use software engineering to ensure that business software and services produced by local companies and their international partners are more tested and more trusted than competing products on the market,” the report’s authors wrote.

Overall, Taiwan’s defense strategy should not focus solely on military readiness, but should also involve cybersecurity and supply chain elements that incorporate public and private sector actors both in Taiwan and in the U.S. and other like-minded partners. To this end, initiatives like the TTIC are essential.