Estonia’s former foreign secretary, Marina Kaljurand, has urged governments around the world to take action and collaborate with the private sector to bolster international cyber-security.
Ministries must “turn from public private partnership slogans to real partnerships” on the issue, Kaljurand told an audience during her keynote at the Black Hat Europe conference in London recently.
In a broad-reach talk, the chair of the Global Commission on the Stability of Cyberspace, touched upon international relationships, diplomacy, governmental legislation, and the obligation on the shoulders of the global business community to add its weight to online cyber-security policy.
Kaljurand highlighted the need of nations to become team players when it comes to combatting malicious web-based activity, stating:
“Cyber is so wide that states alone cannot be sufficient in providing security. It is a space where the private sector owns nearly all digital and physical assets and has the best experts.”
“It’s the sphere where civil society can produce norms, recommendations for responsible state behaviour, it is a space where civil society is also the watchdog of civil rights.”
A former member of Estonia’s social democrat party, Kaljurand described how Estonia was a pioneer in the implementation of e-government, e-police and e-taxation; while Russia’s attacks on her home country in 2007 had been “humiliating and disturbing”, the audience heard, they had allowed the Baltic nation’s cyber resilience to be put to the test.
“More than 10 years have passed and many things have changed and improved, but some things are as important today as in 2007. What did we learn? The importance of decision making, and having cybersecurity high on the political agenda,” she continued.
“I would argue that states and governments have a unique role in ensuring cybersecurity. But for the first time in the history of my planet, states alone cannot be sufficient. It is very different from what we’re used to seeing today with weapons of mass destruction, nuclear weapons and so on.”
Kaljurand held up two changes of note in 2018: continued state attribution and the rise of offensive potential. Firstly, “too little” had been done “too late” by nation states, she stated. Secondly, “the attribution of the NotPetya cyber-attack to Russia by the UK was “a breakthrough,” thanks to other nations, but not western Europe, lending support.
Regarding offensive capabilities, Kaljurand acknowledged that Australia was the first to confirm capacity in 2016, before NATO began using cyber-weaponry with the same approach a year later.
“It is a good thing that conversations take place, as whatever countermeasures taken, they have to be in correspondence with international law. It raises many questions including private hack backs, but better to have it than have it behind closed doors,” she said.
Kaljurand finished her keynote by re-emphasising the need for nations to develop productive, collaborative partnerships, and for “cyber-giants to take responsibility and operate.”
“We have the ability to contribute to the discussion more than ever before, so the initiative starts at the bottom. Take it seriously and support each other and governments will listen to us more,” she said.
The inaugural Data Protection World Forum (DPWF) was held on November 20th & 21st 2018 at the ExCeL London and welcomed over 3,000 delegates seeking the very latest insight on data protection and privacy.
Pre-registration for DPWF 2019 will be opening in the coming weeks.