Scott Charney, Microsoft’s corporate vice president of Trustworthy Computing, delivered the keynote address at the EastWest Institute’s sixth Global Cyberspace Cooperation Summit on its second and final day.
Approximately 230 participants from over 44 countries gathered at the Westin New York City Hotel at Times Square to take concrete steps to make cyberspace more secure, where both the public and private sectors can thrive in a global digital environment.
“Supply-chain taints put entire ecosystems at risk,” Charney explained succinctly to a packed conference room. “The global supply chain is under pressure because of assurance issues centering on distrusted countries, distrusted companies, untrusted products and unknown processes and safeguards.”
Despite these daunting obstacles, Charney observed that norms have developed with many significant commonalities across sectors. These areas of agreement include not attacking critical infrastructures and facilitating cross-border law enforcement.
Following the morning’s keynote address, EWI’s Senior Vice President Bruce W. McConnell chaired the plenary penal—“Global Encryption – Will It Make Us Safer?” where Robert Anderson Jr., executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, said that “Nothing is spoken about more at the FBI than cyber. This obviously has been a radical change over the years.”
Anderson also stressed that the FBI talks to its counterparts around the world daily and emphasized that these globalized conversations are critical. Yet, he admitted, “The bad guys are way ahead of us.”
This panel examined the tradeoffs between information security and legitimate government access. Many cloud service providers and device manufacturers are enabling the encryption of user data to protect themselves and their users. This development raises significant concerns among law enforcement and intelligence officials that the spread of strong encryption will reduce their ability to anticipate, prevent or investigate serious crimes, terrorist activities and military threats.
Other panelists included: Allan S. Cabanlong, chief, Web Services and Cyber Security Division, Philippine National Police; Susan Landau, professor, Cybersecurity Policy, Worcester Polytechnic Institute and visiting professor, Computer Science, University College London; and Paul Nicholas, senior director of Global Security Strategy and Diplomacy, Microsoft.
“Putting authentication and encryption together is very useful,” Landau said. “We all know that every system has its vulnerabilities.”
President and CEO Cameron Munter chaired the next panel, “The Internet and the State,” where panelists discussed the interplay between state sovereignty, national and international law, and the boundary-crossing nature of the Internet that challenges the state’s autonomy within national borders.
“The frontier era of cyberspace is over,” said Panelist Chris C. Demchak, RADM Grace M. Hopper Professor of Cyber Security at the U.S. Naval War College. She added that cyber power is now defined by how systematically resilient a state or entity can be.
Other panelists included: Sorin Ducaru, Assistant Secretary General, Emerging Security Challenges, NATO; Preetam Maloor, Strategy and Policy Advisor, Corporate Strategy Division, International Telecommunication Union (ITU); Veni Markovski, Vice-President, UN Engagement, Internet Corporation for Assigned Names and Numbers (ICANN) and Frédérick Douzet, Professor, French Institute of Geopolitics, University of Paris 8; Chairwoman, Castex Chair of Cyberstrategy.
The afternoon “Young Cyber Leaders Looks Ahead” panel featured young professionals working on critical cyberspace issues.
Panelist Astrid Stuth Cevallos, research assistant at the Rand Corporation, said “We have to have modest expectations in cyber developments, and we must not let our differences end important dialogues around the globe.” She stressed that small steps can make significant progress, an important theme echoed throughout the summit.