Cyberspace Cooperation

The EastWest Institute’s sixth Global Cyberspace Cooperation Summit opened today, September 9, with approximately 230 registered participants from over 44 countries at the Westin New York City Hotel at Times Square. Over the next two days, cyber experts from around the world including, China, Russia, India, Azerbaijan, Kenya, Cambodia and the Philippines, have come together to take concrete steps to make cyberspace more secure, where both the public and private sectors can thrive in a global digital environment.

CEO and President Cameron Munter welcomed the participants and stressed EWI’s unique role as a convener and facilitator of new solutions to these ever increasing problems. He asked participants to take advantage of “what we do that others do not.”

Under Secretary Suzanne E. Spaulding of the National Protection and Programs Directorate, U.S. Department of Homeland Security, delivered the keynote address where she spoke of a three-pronged approach to malicious cyber attacks. “We must prevent, detect and respond to cyber threats and these efforts must go on simultaneously.” She added that the U.S. government has recently initiated an automated information sharing system between government agencies as well as with private sector partners.

Bruce McConnell, EWI’s senior vice president and leader of the Cooperation in Cyberspace Program, which includes its Worldwide Cybersecurity Initiative, gave an update on the progress made in the seven Breakthrough Groups, that involve the most pressing issues in cyberspace today, such as “How can law enforcement and Internet companies work together to break up international cybercrime syndicates?” and “What can companies that deliver critical services like electricity and finance do to manage cyber risks to their operations?”

In the opening plenary panel, “Is Cooperation Possible in Cyberspace?” chaired by Joseph S. Nye, Distinguished Service Professor at Harvard University’s Kennedy School of Government and EWI Advisory Group member, a heated debate ensued between Ilya Rogachev, director, Department for New Challenges and Threats, Ministry of Foreign Affairs of the Russian Federation, and other members of the panel on whether cyberspace cooperation is possible. Calling it “kid’s stuff,” Rogachev questioned the legitimacy of the pursuit. Adding to the debate, Rogachev also stated that North Korea had not been involved in the Sony attack.

Christopher Painter, coordinator for Cyber Issues, U.S. Department of State, contradicted Rogachev’s statement and said that there was adequate evidence implicating North Korea’s involvement in the Sony attack. “There is ample evidence,” Painter said.

Painter also pointed out that despite the difficulty of cyberspace cooperation there has been significant progress. “Four or five years ago, there were no bilateral agreements. Now we have eight, most recently with India and Japan.”

Additional panelists included Thomas Fitschen, director for the United Nations, International Cyber Policy and Counter-Terrorism, Federal Foreign Office of Germany; Udo Helmbrecht, executive director, European Agency for Network and Information Security (ENISA); Ryuichi Hirano, counsellor, International Strategy Group, National Center of Incident Readiness and Strategy for Cybersecurity, Cabinet Secretary of Japan; and Leonard Rolland, political officer, International Cybersecurity Policy, Ministry of Foreign Affairs and International Development of France.

Hirano highlighted the recent security breach where 1.25 million personal records were stolen from the Japanese pension system, stressing in his remarks that cyber attacks cannot be solved by one government or company alone. “We are working on this now. Just very recently, on September 4, Japan has adopted a cybersecurity strategy, which focuses on free, fair and secure principles.”

Following the initial panel, Matt Bross, Chairman and CEO of Compass Networks and EWI Board member, chaired a keynote conversation, which included panelists Katherine Getao, ICT Secretary, Ministry of Information, Communications and Technology of Kenya. Getao emphasized the importance of cooperation and said, “Trust is the currency of the future.”

_

Follow us on Twitter with the hashtag #EWIcyber for live conference updates! 

Cyberspace has become a critical component of business and government everywhere. Both the public and private sectors now need a reliable and predictable digital environment to thrive. While it is clear that the Internet creates enormous economic and social benefits, this global marketplace can at times be perilous. Organizations are increasingly aware of cyber risks, driven by widely reported attacks on corporations and government agencies. As a result, most actors today take cybersecurity seriously and work hard to reduce those risks.

However, the Internet has little respect for boundaries. Enhancing cybersecurity and combating cybercrime require engagement and cooperation by a variety of participants: among nations, across companies, and between government and the private sector. Indeed, many challenges in cyberspace can only be addressed through such a multi-stakeholder framework.

The global nature of the information and communications technology (ICT) marketplace lies at the heart of this conundrum. The ICT industry leverages resources—cyber, physical, and human—from around the world, creating better products and driving down costs.

Unfortunately, a growing number of countries are starting to favor domestic sources of ICT supply under the banner of cyber or national security. Ironically, such moves can actually increase security risks, as the most innovative and secure products will make full use of the best talents, ideas, and resources available, irrespective of the jurisdiction they are in. 

A better approach would involve technology purchases based on fact-driven, risk-informed, and transparent requirements that assure the security of a product or service throughout its lifecycle. Such requirements would enable buyers to make informed decisions about cyber risk irrespective of where the ICT was produced. To be effective, however, there needs to be some level of international standardization on those requirements, which requires public-private cooperation on a global basis.

The undersigned companies hope that the forthcoming EastWest Institute’s sixth annual Global Cooperation in Cyberspace Summit will allow us to begin to take concrete steps towards that goal. Taking place in New York, with multi-stakeholder participation from over 40 countries, the summit aims to drive agreement on the most pressing issues we face in this space today, including:

• How can law enforcement and Internet companies work together to break up international cybercrime syndicates?
• What can companies that deliver critical services like electricity and finance do to manage cyber risks to their operations?
• How can confidentiality of business and personal information be balanced with law enforcement’s need for access to unencrypted data under widely varying legal regimes?
• What limits should be placed on governments’ creation and use of cyber weapons?
• Who should be responsible for the long-term governance of the Internet, a global resource?             

_

Click here to read the op-ed on The HIll's Congress Blog.