On March 14-16, the EastWest Institute (EWI), in partnership with the University of California, Berkeley Center for Long-Term Cybersecurity, hosted a summit featuring over 200 government officials, industry experts, academics, and activists from 30 countries. They met to identify areas of closer collaboration on attacks and sharing of threat information between corporations, governments, and other stakeholders that play a critical role in defending cyberspace.
Peter Altabef, president and CEO of Unisys, delivered a keynote focusing on Smart Cities, and the steps required to keep digital assets and communities safe, securing a balance between four factors: cybersecurity, personal safety, health, and infrastructure. Francis Fukuyama of Stanford University was featured in a discussion on trust in cybersecurity and explored the phenomenon of fake news, what he described as “today’s wild west of information sharing.”
Since 2009, EWI has brought together international actors through its Global Cyberspace Cooperation Summits, aiming to coordinate and consolidate progress, showcase results, and promote collective action. The summits provide a crucial forum for building international, private-public actions to foster international cooperation in cyberspace and norms of responsible behavior.
What makes the EWI summits unique is their emphasis on two areas: fostering robust debate that underscores the aspect of cooperation and finds common ground, and the impactful and results driven role of breakthrough groups, each of which focuses on a key aspect of the cybersecurity dialogue.
Moving the Needle: Breakthrough Groups
This year’s groups are designed to advance solutions in five key specific areas: ubiquitous encryption and lawful government access; resilient cities and the internet of things; increasing the global availability and secure use of ICT products and services; systemic risk and cyber insurance; and promoting norms of responsible behavior in cyberspace. Importantly, each has a mandate to ensure progress is measurable, both quantitative and qualitative. One example is the introduction of the ICT Buyers Guide.
Each breakthrough group affords debate, the exchange of salient information and advocates for recommendations that are practicable. Each includes the participation of senior level actors representing the private and public sectors so that perspectives and challenges are heard and acknowledged. The discussion was colored by the widely acknowledged sense that firms are increasingly on the front lines of cyberspace security, including defending against state-sponsored cyberattacks.
On the final day, Latha Reddy, former deputy national security advisor of India, chaired a panel on breakthrough group findings. Each group presented conclusions and next programmatic steps and received comments from a distinguished expert panel.
Valuing Contrasting Voices
Over the three days, the aspect of varied opinions and experiences cannot be overstated. In fact, it defines the spirit and purpose of the event—defining and appreciating the obstacles and unique challenges that must be overcome to foster cooperation in cyberspace. Case in point: the keynote speech delivered by Katherine Getao, ICT Secretary at the Ministry of Information Communications and Technology of Kenya, provided a unique viewpoint from the Global South where there remains a distinct divide as to how developing nations fit in the context of the cybersecurity dialogue, and their continued relevance. To this end, Getao recommended that “all nations, regardless of geographic position or economic status, reduce adversarial positions and drive trust to help solve one another’s problems.”
Further cementing the multivariate aspect of cybersecurity, the summit introduced audiences to the Global Commission on the Stability of Cyberspace (GCSC). An initiative of the government of the Netherlands, the EastWest Institute, and The Hague Centre for Strategic Studies, the GCSC is the first body of its kind—formed to develop proposals for norms and policies to enhance international cybersecurity and stability. Twenty-eight commissioners representing twelve countries will, over the next three years, work on developing proposals and advocating for their adoption globally.
Marina Kaljurand, former minister of foreign affairs of Estonia and GCSC chair, along with five commissioners, took the stage to convey to audiences the mission and vision of this body. The panel was met with numerous, thoughtful questions regarding its anticipated impact, its role with respect to existing multilateral discussions such as the United Nations group of governmental experts, and policy roadblocks such as the lack of an agreed definition of critical internet infrastructure. As a multistakeholder body, the Commission is uniquely positioned to develop consensus around the rules of the road in cyberspace.
The summit laid the foundation for ongoing cooperation in several areas. For example, we expect, in conjunction with the GCSC, to substantially increase international understanding and buy-in to specific norms of state and corporate behavior, to protect the safety and security of cyberspace as a global platform for governance, commerce, and public and private life in general. On the other hand, the encryption debate has proven to be difficult. EWI maintains the goal to develop recommendations for approaches that balance law enforcement's needs with requirements for business confidentiality and individual data privacy by year's end.