Neither US, Russia Or China Will Sign Macron's Cyber Pact

The US, Russia and China, three of today's major cyber-powers, have not signed an agreement on rules and principles released today at the Paris Peace Forum by President Emmanuel Macron of France.
 
The pact was signed by 51 countries, the 72 companies part of The Cybersecurity Tech, the 16 companies part of The Charter of Tech,  plus 136 other private companies, and 92 non-profit organisation, universities, and advocacy groups.
 
Major American technology corporations including Microsoft, Facebook, Google, IBM, and HP all endorsed the agreement. 
The Paris Call for Trust and Security in Cyberspace, as the agreement has been named, is the most coordinated effort to date to get countries to agree on a set of international rules for cyberspace, a so-called Digital Geneva Convention.
 
Microsoft's Chief Legal Officer Brad Smith has been advocating for such a pact since 2017 after the executive had seen the damage done to the private sector by the NotPetya outbreak, which was later proved to the work of Russian state cyber-operatives attempting to wreak havoc Ukraine.
 
Besides the US, China, and Russia, other countries with important and cyber units that didn't sign the pact include Iran, Israel, and North Korea.
 
Without the signatures of these "heavy hitters," the pact is useless, albeit many suspect it was only a PR stunt. The pact was signed a day after world leaders celebrated 100 years since the end of World War I.
 
The pact doesn't include any penalties for those who signed, yet have broken the agreement's clauses. The document is more of a charter and declaration of intent to sign a future, more comprehensive agreement.
 
The Paris Call for Trust and Security in Cyberspace proposes the following measures and steps:
 
• Prevent and recover from malicious cyber activities that threaten or cause significant, indiscriminate or systemic harm to individuals and critical infrastructure;
• Prevent activity that intentionally and substantially damages the general availability or of the public core of the Internet;
• Strengthen our capacity to prevent malign interference by foreign actors aimed at undermining electoral processes through malicious cyber activities;
• Prevent ICT-enabled theft of intellectual property, including trade secrets or other confidential information, with the intent of providing competitive advantages to companies or sector;
• Develop ways to prevent the proliferation of malicious ICT and practices intended to cause harm;
• Strengthen the security of digital processes, products and, throughout their lifecycle and supply chain;
• Support efforts to strengthen an advanced cyber hygiene for all actors;
• Take steps to prevent non-State actors, including the private sector, from hacking-back, for their own purposes or those of other non-State actors;
• Promote the widespread acceptance and implementation of international of responsible behavior as well as confidence-building measures in cyberspace.
 
ZDNet:       Wired:    
 
You Might Also Read: 
 
UN Chief Urges Global Rules For Cyber Warfare:
 
Russia And US Offer Competing Visions Of Cyber Normality:
 
« Schoolboy Hacked Mock Florida Election Site In 10 Minutes
Dozens of Spies Killed Thanks To Flawed CIA Comms System »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

Cyberwrite

Cyberwrite

Cyberwrite was founded to provide underwriters around the world a unique and innovative Cyber Underwriting platform.

Seric Systems

Seric Systems

Seric is a technology business specialising in security, infrastructure and data management.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Safe Security

Safe Security

Safe Security (formerly Lucideus) provides Cyber risk assessment services and platforms to multiple Fortune 500 companies and governments across the globe.

Polish Centre for Accreditation (PCA)

Polish Centre for Accreditation (PCA)

PCA is the national accreditation body for Poland. The directory of members provides details of organisations offering certification services for ISO 27001.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

Auvik Networks

Auvik Networks

Auvik is easy-to-use cloud-based networking management and monitoring software - true network visibility and control without the hassle.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

Metmox

Metmox

Metmox mission is to be trusted advisor and partner to protect our customer’s evolving Cloud, Network, Application, IT infrastructure and cybersecurity needs.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

Reality Defender

Reality Defender

Reality Defender stops deepfakes before they become a problem. Our proprietary deepfake and generative content fingerprinting technology detects video, audio, and image deepfakes.

Teal Technology Consulting

Teal Technology Consulting

TEAL Technology Consulting is your trusted advisor for all your information security needs.

AppSentinels

AppSentinels

Appsentinels are a group of security and technology experts with a mission to fix gaps in application security.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.