==========================================
Proposed
Cybersecurity Norms to Reduce Conflict in an Internet-dependent World
==============================================
December 3, 2014 December 19, 2014 - Paul Nicholas
- Senior Director, Trustworthy Computing
The Internet has by and large been a cause for good, driving
economic growth across developed and emerging economies, connecting individuals
and communities to previously unattainable services, and propelling innovation
online, as well as offline. Today, all over the world public utilities, banks,
and governments use the Internet, cloud services, and mobile technology to
enhance their productivity. Unfortunately, the benefits of greater connectivity
have also brought about increased information security threats, some stemming
from nation state activities in cyberspace.
Microsoft believes that there are certain acts in cyberspace
that, whatever the national or strategic aim, nation states should not pursue.
Because of that we are today publishing a new white paper “International Cybersecurity Norms, Reducing
Conflict in an Internet-dependent World”, as part of the
EastWest Institute’s 2014 Global
Cyberspace Cooperation Summit in Berlin, Germany. In the paper we
recommend six cybersecurity norms with the intention of reducing the
possibility that Information Communication Technology (ICT) products and
services are used, abused, or exploited by nation states as part of military
operations. We believe such actions could bring about potentially unintended
and likely unacceptable consequences.
Our team developed a unique framework that evaluates various
actors in cyberspace, the objectives they are seeking to advance, the
corresponding actions that could to be taken, and finally the potential impacts
of such action. Using this risk based approach, we believe that the norms we
are putting forward today will be just as relevant tomorrow and for the years
to come. This is not a new position for Microsoft, as we’ve been advocating for
an international effort to develop cybersecurity norms for several years.
Underscoring the difficulty, as well as the importance of establishing
cybersecurity norms, Microsoft Corporate Vice President Scott Charney noted in
a blog post
last year, “Creating these norms will be as difficult as it sounds, but it is
still both necessary and, ultimately, unavoidable. Absent such an agreement,
unilateral and potentially unprincipled actions will lead to consequences that
will be unacceptable and regrettable.”
Our goal – albeit ambitious – is to prevent the emergence of
a world where cyber conflict undermines trust. The alternative is to realize
too late, among the wreckage, that something should have been done long ago.
Cybersecurity norms that limit potential conflict in cyberspace are likely to
bring greater predictability, stability and security to the international
community. The cybersecurity norms we propose can also serve as a compass for
governments, as they seek to codify their own laws and regulations for
government action in cyberspace. Although making meaningful progress will be a
challenge, especially as demographic, political, and economic shifts test
traditional models for collaboration, we are nevertheless optimistic that,
through dialogue, development, and general practice, certain cybersecurity
norms can evolve into customary international law over time. We believe that
the consequences of inaction are unacceptable.
=========================================
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
If you have not already done so, please view the trailer for my book below.
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
If you have not already done so, please view the trailer for my book below.
===============================================