So U.S. negotiators are not starting from scratch, and Schmidt suggested that questions of sovereignty, location and ownership in the context of cyberattacks can generally be addressed under existing codes of conduct. However, that doesn't make it easy.
"A lot of these things already exist, but yet we find ourselves on this squirrel wheel of trying to reinvent things," he said. "By the same token, we have to recognize that none of us will ever be 100 percent secure."
Schmidt also pointed out that U.S. government entities and businesses are facing an increasingly sophisticated and diverse set of adversaries, and the origins of today's cyberattacks are often difficult to discern.
"When you start looking at 'where's the threat coming from', that's another challenge. Attribution is extremely difficult. We know that some of it involves nation states," he said. "Some of them involve individuals and organizations that are supported by a nation state."
Still other attacks emanate from so-called "hacktivists," like the collective Anonymous, who are protesting a social or political issue, and then there is a whole range of identity thieves, fraudsters and other bad actors who give the cybercrime spectrum near infinite nuance.
Domestic Cybersecurity Strategy
On the domestic front, Schmidt put in an appeal for Congress to pass cybersecurity legislation that would strengthen penalties for cybercrimes and beef up cybersecurity education programs. Additionally, he threw his support behind one of the more controversial aspects of the various proposals that have been floated, which would empower an entity in the executive branch with some level of regulatory authority over private-sector providers of critical digital infrastructure.
One such bill is awaiting consideration before the Senate. Recently, Majority Leader Harry Reid (D-Nev.) praised the legislation and appealed to GOP members to engage in good-faith talks either to improve the measure or advance alternative proposals.
Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for CIO.com.
Sign up for CIO Asia eNewsletters.