Cyber War and Peace

Uploaded on 2015-05-12 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

images?q=tbn:ANd9GcTVEudITWmGhvPaCUgXbB0vExPhR7_XPmgko-KFAktaclDuCPRz

Information and communication technologies have become a central part of everyday life for most of the world’s population. They affect even the most underdeveloped and remote areas of the planet and have become a key factor driving development, innovation and economic growth.

But this is just the beginning of a fundamental transformation. In the coming years, new technologies, such as the “Internet of things,” 3-D printing, and autonomous vehicles will revolutionise businesses operations, regulatory regimes, and even social conventions.

These technologies generate enormous benefits, but they are also risky, owing to the ease of accessing data and using it for criminal purposes. Cyber-attacks are already vastly increasing in number, sophistication, magnitude, and impact. As the world becomes more interdependent and hyper-connected, there is growing concern about the vulnerability of the Internet, an infrastructure on which nearly all economic activities – including trade, energy provision, and the entire financial system – have come to depend.

Cyber-attacks take place in a medium, cyberspace, where offensive actions have an advantage over defensive ones. Indeed, most of cyberspace’s infrastructure was designed to ensure its interoperability and openness, often at the expense of security, which tends to limit usability.

Attacks are usually asymmetric; the barriers to cyberspace are inconsequential and governments have struggled to enforce the rule of law online. Attackers with limited resources are able to cause disruptions that have far greater impact than similar actions in the physical world. Indeed, the damage from a cyber-attack is by nature transnational, capable of rapidly cascading to a global level.

In a medium that does not map onto political borders, it is impossible to manage risks successfully from just one jurisdiction. In economic terms, cybercrime is already comparable in size to drug trafficking, and it is highly internationalized. But we have yet to develop fully a global governance regime. Various initiatives have attempted to facilitate the international management of cyberspace, but none has had more than limited success.

The Global Conference on Cyberspace (GCCS), recently hosted by the Netherlands, is an example of this. Representatives from governments, the private sector, civil society, and the technical community met in The Hague to foster a multi-stakeholder approach to cyberspace governance and public-private cooperation.

The approach embodied by the GCCS combines a traditional regime – in which sovereign states are the main players – with another, more modern approach, in which all of the agents concerned participate. This more open, multi-stakeholder model mirrors the traditional technical management of the Internet, which has proven to be very effective in maintaining the resilience of cyberspace. It is based on bottom-up consensus, fosters a collective sense of management, and stresses the promotion of trust and international cooperation.

The effectiveness of approaches like this one is limited by the fact that the three largest cyberspace powers – the United States, China, and Russia – have not agreed on a common treaty to harmonize national laws or facilitate cooperation. Nor do they cooperate on the issue through other institutions, with the exception of the G-20 and the United Nations. Recent cases of cyber espionage have generated growing mistrust even among traditional allies like Germany and the US. In the interest of defending their sovereignty, states could begin to interfere in the technical governance that has proved so efficient.

Indeed, the danger of international conflict has worsened in the past few months, eroding whatever trust existed between the powers. Cyberspace risks becoming a battleground, on which governments, non-state actors, and the private sector all clash. The recent attack by jihadis on France’s channel TV5 and the alleged hack of Sony by North Korea may be forerunners of what is to come.

Companies and civil society alike have roles to play in ensuring that the governance of cyberspace remains open, inclusive, and sufficiently flexible to adapt itself to changing risks and challenges. The existing approach to technical management must be preserved, even as other innovative proposals are explored. Ideas that could contribute to better governance include a G-20 (states) + 20 (relevant non-governmental players) Cyber Council for Stability and an early warning and coordination system based on the World Health Organization’s approach to epidemics.

Responding to twenty-first-century threats with twentieth-century tools is a bad idea. By 2020, two-thirds of the global population will be online. The world needs a fluid and frank dialogue among states, the private sector, and civil society in order to guarantee the security of cyberspace.
The international community has put in place minimal codes that regulate areas like health and nuclear weapons proliferation. There is no reason why we cannot do the same in cyberspace. We all have a common interest in preserving its openness and global character; doing so will require that we set aside narrow national interests in the interest of guaranteeing collective progress.

Newvision

« Hacking Aviation Technology
There is No Secure Inside – So Get the Most from your Firewall »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

Polish Centre for Accreditation (PCA)

Polish Centre for Accreditation (PCA)

PCA is the national accreditation body for Poland. The directory of members provides details of organisations offering certification services for ISO 27001.

UNIDIR Cyber Policy Portal

UNIDIR Cyber Policy Portal

The UNIDIR Cyber Policy Portal is an online reference tool that maps the cybersecurity and cybersecurity-related policy landscape.

Industrial Cybersecurity Center (CCI)

Industrial Cybersecurity Center (CCI)

CCI is the first center of its kind that comes from industry without subsidies, independent and non-profit, to promote and contribute to the improvement of Industrial Cybersecurity.

Cygenta

Cygenta

Cygenta brings a new approach to cybersecurity. We understand that true security means having digital, human and physical security working in harmony.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

ContraForce

ContraForce

ContraForce is a threat detection and response software providing complete visibility across cloud, network, endpoints, user, and email with the ability to target and block threats in real-time.

QuoLab

QuoLab

QuoLab empowers security professionals to analyze, investigate and respond to threats within an integrated ecosystem.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

MTI

MTI

MTI is a solutions and service provider, specialising in data & cyber security, datacentre modernisation, modern workplace, IT managed services and IT transformation services.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

Narf Industries

Narf Industries

Narf Industries are a small group of reverse engineers, vulnerability researchers and tool developers that specialize in tailored solutions for government and large enterprises.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

Redefine

Redefine

Redefine are Crypto-Native, Cyber Experts, and Blockchain Believers. We are here to make Web3 anti-fragile, safe and accessible to all.

Zanutix Consulting

Zanutix Consulting

Zanutix specialize in a wide range of services including Network Design and Implementation, Data Management, Cloud Solutions, Software Development and Cybersecurity.

Validia

Validia

Validia is a deepfake cybersecurity service that provides proactive and reactive defense to the deepfake threat enterprises increasingly face with the rapid growth of generative AI.