SlideShare una empresa de Scribd logo

An Internet of Governments

Robbie Mitchell
Robbie Mitchell

Presented by Klee Aiken and Maarten Van Horenbeeck at the 30th Annual FIRST Conference, in Kuala Lumpur, Malaysia. https://www.first.org/conference/2018/program#pan-internet-of-governments-how-policymakers-became-interested-in-cyber

Internet
1 de 41
Descargar para leer sin conexión
An Internet of Governments: How Policymakers Became Interested in “Cyber” Maarten Van Horenbeeck, FIRST Klée Aiken, APNIC
© 2018 FIRST.Org Inc. Crypto wars slide By Travis Goodspeed - MYK-78 Clipper Chip Lowres, CC BY 2.0, https://commons.wikimedia.org/w/index.php?curid=26694407
© 2018 FIRST.Org Inc. Export controls Clipper chip Dual_EC_DRBG Apple iPhone encryption • Should the government be able to read private communications? • Do corporations have a duty to collect information? Crypto wars
© 2018 FIRST.Org Inc. FIRST: The Forum of Incident Response and Security Teams
© 2018 FIRST.Org Inc. • Global Coordination: In an emergency you can always find the teams you need to support you in our global community. • Global Language: Incident responders around the world speak the same language and understand eachother’s intents and methods. • Automation: Let machines do the boring stuff, so humans can focus on the hard stuff • Policy and Governance: Make sure others understand what we do, and enable us rather than limit us. Our vision
© 2018 FIRST.Org Inc. Capacity building
© 2018 FIRST.Org Inc. Providing external expertise
© 2018 FIRST.Org Inc. Training and education
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc. Source: Joseph S. Nye, Jr. – The Regime Complex for Managing Global Cyber Activities
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc. Incidents • Fastly sees a variety of events that could classify as an incident – Distributed Denial of Service attacks – Critical security vulnerabilities – Software bugs – Upstream network outages – Datacenter failures – Third Party service provider events – “Operator Error”
© 2018 FIRST.Org Inc. • Borders • Law • Ability to engage with other states • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc. Dyn DDoS Source: Level3 Dyn DDoS outage map
© 2018 FIRST.Org Inc. • Borders ? • Law • Ability to engage with other states • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States, revisited
© 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States, revisited
© 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states ? • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States, revisited
© 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states ? • Max Weber’s “Monopoly on violence” ? • States typically provide at least some services to their population States, revisited
© 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states ? • Max Weber’s “Monopoly on violence” ? • States typically provide at least some services to their population ? States, revisited
© 2018 FIRST.Org Inc. Source: Phrack – The Mentor, “Hacker’s Manifesto” In comes the internet
© 2018 FIRST.Org Inc. In comes the internet Source: Google Data – World Bank – Internet adoption rates
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc. • Different perspectives – National security – Social concerns – Economic impact • No universal legal framework • Lack of clear attribution • Lack of clear intent • Lack of trust between governments A history of issues
© 2018 FIRST.Org Inc. • Council of Europe • International treaty to harmonize national laws • Adopted in November of 2001, with 52 states ratified so far • Supports international law enforcement cooperation https://www.coe.int/en/web/cybercrime/-/andorra-ratified-the-budapest-co Budapest Convention
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc.
© 2018 FIRST.Org Inc. “Talinn Manual” • Born out of 2007 Estonia cyber attacks • Analysis of how existing law applies to cyberspace • Cyber events incur rights and obligations on behalf of countries • First edition covered important operations that involved states defending themselves, or stepping beyond regular international relations • Second edition adds legal analysis of more common incidents NATO
© 2018 FIRST.Org Inc. • “London Process” or Global Conference on Cyberspace • London: Set of principles for “governing behavior in cyberspace” • Budapest: emerging issues, internet rights and security • Seoul: increased representation from countries, “open and secure cyberspace” • The Hague: greater representation from non-state actors • New Delhi • Outcomes include “Chair’s statement” and year specific goals GCCS
© 2018 FIRST.Org Inc. • Export control for dual use goods • Includes intrusion and surveillance technologies • Consensus • Voluntary compliance Wassenaar
© 2018 FIRST.Org Inc. Intrusion Software Software specially designed or modified to avoid detection by ‘monitoring tools’, or to defeat ‘protective countermeasures’ of a computer or network capable device, and performing any of the following: a. The extraction of data or information, from a computer or network capable device, or the modification of data of a system or user; or b. The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions; or Wassenaar
© 2018 FIRST.Org Inc. • ASEAN: ASEAN Way, develop more predictable relationships • SCO: proposed international code of conduct under the UN – Focus on multilateral approach vs. multi-stakeholder – Highlights ”sovereignty” • Implications on technology provenance Regional processes
© 2018 FIRST.Org Inc. • Call for input from 2010 through 2016 – Countries can share their own projects and progress – Flag issues they have that require international collaboration • Government Group of Experts (UNGGE) • International Telecommunications Union – Build “confidence and security” – Global Cybersecurity Agenda • Internet Governance Forum • ITU United Nations
© 2018 FIRST.Org Inc. • Laws and treaties • Signers accept roles and responsibilities, ability to hold someone liable • Confidence Building Measures • Opportunities for states to interact, often on a voluntary basis • Enables growth of interaction and cooperation • Capacity Building • Norms of behavior • Developed in “norms melting pots” • Confirmed and enforced through behaviors between groups of actors • You distinguish norms through other’s reaction when they are violated What is being done?
© 2018 FIRST.Org Inc. ‘collective expectations about proper behavior for a given identity’ – Jepperson, Wendt, Katzenstein (1996) Image Source: (top) https://www.flickr.com/photos/jmsmith000/, https://www.flickr.com/photos/hardaker/, (bottom) http://apectel56.com/, https://www.flickr.com/photos/apnic, https://oasis-open.github.io/cti-documentation/ TLP:WHITE TLP:GREEN TLP:AMBER TLP:RED So what are norms anyways?
© 2018 FIRST.Org Inc. Who defines normal? ‘States should not conduct or knowingly support activity to harm the information systems of the authorized emergency response teams of another State' UNGGE ‘States and non-state actors should not conduct or knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.' Global Commission on the Stability of CyberSpace (GCSC) • Cyber Strategy • Indictments • Sanctions Unilateral, Bilateral, & Multilateral • US – China Cyber Agreement (2015) • US – South Korea Joint Statement (2015) • UK – China Cyber Agreement (2015) • G20 Leaders Communique (2015) • SCO Draft International Code of Conduct (2011)
© 2018 FIRST.Org Inc. ‘A global, open, stable, and secure Internet that serves the entire Asia-Pacific community’ – APNIC Vision Getting Engaged
© 2018 FIRST.Org Inc. Norms & the Tech Community
© 2018 FIRST.Org Inc. Policymaker education • Release of our ”Incident Response for Policymakers” course Contributions as technical experts • Participation in the IGF, GFCE, ICT4Peace community and GCCS • Outreach and awareness building • Work on topic-specific issues, such as GDPR and Whois • Assembling a group of policy-aware technical experts within the FIRST community. Join us! • Contributing expertise to IGF Best Practices Forum on Cybersecurity. Join us! What is FIRST doing?
© 2018 FIRST.Org Inc. Questions? maarten@first.org klee@apnic.net https://www.first.org

Recomendados

Internet Freedom and its Discontents
Internet Freedom and its DiscontentsInternet Freedom and its Discontents
Internet Freedom and its DiscontentsMsifry
 
Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...
Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...
Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...blogzilla
 
Artificial intelligence governance in the Obama & Trump years
Artificial intelligence governance in the Obama & Trump yearsArtificial intelligence governance in the Obama & Trump years
Artificial intelligence governance in the Obama & Trump yearsAdam Thierer
 
Privacy, Drones, and IoT
Privacy, Drones, and IoTPrivacy, Drones, and IoT
Privacy, Drones, and IoTLAURA VIVET
 
2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...
2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...
2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...APNIC
 
BGF-G7-Summit-Initiative-Official-1 Ise-Shima Norms
BGF-G7-Summit-Initiative-Official-1 Ise-Shima NormsBGF-G7-Summit-Initiative-Official-1 Ise-Shima Norms
BGF-G7-Summit-Initiative-Official-1 Ise-Shima NormsAllan Cytryn
 
Internetregulationjapan
InternetregulationjapanInternetregulationjapan
Internetregulationjapanrmackinnon
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopoliticstnwac
 

Recomendados

Internet Freedom and its Discontents
Internet Freedom and its DiscontentsInternet Freedom and its Discontents
Internet Freedom and its DiscontentsMsifry
 
Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...
Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...
Faraday Cages, Marbled Palaces and Humpty Dumpty: the Reality of Internet Gov...blogzilla
 
Artificial intelligence governance in the Obama & Trump years
Artificial intelligence governance in the Obama & Trump yearsArtificial intelligence governance in the Obama & Trump years
Artificial intelligence governance in the Obama & Trump yearsAdam Thierer
 
Privacy, Drones, and IoT
Privacy, Drones, and IoTPrivacy, Drones, and IoT
Privacy, Drones, and IoTLAURA VIVET
 
2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...
2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...
2nd ICANN APAC-TWNIC Engagement Forum: Internet Governance: Trends and Opport...APNIC
 
BGF-G7-Summit-Initiative-Official-1 Ise-Shima Norms
BGF-G7-Summit-Initiative-Official-1 Ise-Shima NormsBGF-G7-Summit-Initiative-Official-1 Ise-Shima Norms
BGF-G7-Summit-Initiative-Official-1 Ise-Shima NormsAllan Cytryn
 
Internetregulationjapan
InternetregulationjapanInternetregulationjapan
Internetregulationjapanrmackinnon
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopoliticstnwac
 
Internet Freedom 2.1
Internet Freedom 2.1Internet Freedom 2.1
Internet Freedom 2.1Dhruva Jaishankar
 
COMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKCOMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKBoston Global Forum
 
Open Letter to President Obama Opposing Backdoors and Defective Encryption
Open Letter to President Obama Opposing Backdoors and Defective EncryptionOpen Letter to President Obama Opposing Backdoors and Defective Encryption
Open Letter to President Obama Opposing Backdoors and Defective EncryptionAlvaro Lopez Ortega
 
e-G8 Summary
e-G8 Summarye-G8 Summary
e-G8 SummarySimeon Oriko
 
Internet Safety
Internet SafetyInternet Safety
Internet SafetyCharles Mok
 
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?Brian K. Dickard
 
Internet Censorship
Internet CensorshipInternet Censorship
Internet CensorshipSean Mulholland
 
Internet Governance
Internet GovernanceInternet Governance
Internet GovernanceRIPE NCC
 
Cybersecurity and Internet Governance
Cybersecurity and Internet GovernanceCybersecurity and Internet Governance
Cybersecurity and Internet GovernanceKenny Huang Ph.D.
 
302 patriot
302 patriot302 patriot
302 patriotPaul Cesarini
 
"Digital.Report+" - expert magazine for ICT policy professionals
"Digital.Report+" - expert magazine for ICT policy professionals"Digital.Report+" - expert magazine for ICT policy professionals
"Digital.Report+" - expert magazine for ICT policy professionalsVadim Dryganov
 
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 SeptThe Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 SeptChris Marsden
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_ProvidersJon-Michael C. Brook, CISSP
 
Marsden regulating disinformation Brazil 2020
Marsden regulating disinformation Brazil 2020Marsden regulating disinformation Brazil 2020
Marsden regulating disinformation Brazil 2020Chris Marsden
 
Internet Governance Backround
Internet Governance BackroundInternet Governance Backround
Internet Governance BackroundBrian Munyao Longwe
 
Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy Carolina Rossini
 
CTO Cybersecurity Forum 2013 Mario Maniewicz
CTO Cybersecurity Forum 2013 Mario ManiewiczCTO Cybersecurity Forum 2013 Mario Maniewicz
CTO Cybersecurity Forum 2013 Mario ManiewiczCommonwealth Telecommunications Organisation
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?blogzilla
 
Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Brian Rowe
 
Cyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyCyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyKenny Huang Ph.D.
 
Revisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityRevisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityMaarten Van Horenbeeck
 
Cybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingCybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingDavid Opderbeck
 

Más contenido relacionado

La actualidad más candente

Open Letter to President Obama Opposing Backdoors and Defective Encryption
Open Letter to President Obama Opposing Backdoors and Defective EncryptionOpen Letter to President Obama Opposing Backdoors and Defective Encryption
Open Letter to President Obama Opposing Backdoors and Defective EncryptionAlvaro Lopez Ortega
 
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?Brian K. Dickard
 
Internet Governance
Internet GovernanceInternet Governance
Internet GovernanceRIPE NCC
 
Cybersecurity and Internet Governance
Cybersecurity and Internet GovernanceCybersecurity and Internet Governance
Cybersecurity and Internet GovernanceKenny Huang Ph.D.
 
"Digital.Report+" - expert magazine for ICT policy professionals
"Digital.Report+" - expert magazine for ICT policy professionals"Digital.Report+" - expert magazine for ICT policy professionals
"Digital.Report+" - expert magazine for ICT policy professionalsVadim Dryganov
 
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 SeptThe Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 SeptChris Marsden
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_ProvidersJon-Michael C. Brook, CISSP
 
Marsden regulating disinformation Brazil 2020
Marsden regulating disinformation Brazil 2020Marsden regulating disinformation Brazil 2020
Marsden regulating disinformation Brazil 2020Chris Marsden
 
Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy Carolina Rossini
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?blogzilla
 
Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Brian Rowe
 
Cyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyCyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyKenny Huang Ph.D.
 

La actualidad más candente (20)

Internet Freedom 2.1
Internet Freedom 2.1Internet Freedom 2.1
Internet Freedom 2.1
 
COMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKCOMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORK
 
Open Letter to President Obama Opposing Backdoors and Defective Encryption
Open Letter to President Obama Opposing Backdoors and Defective EncryptionOpen Letter to President Obama Opposing Backdoors and Defective Encryption
Open Letter to President Obama Opposing Backdoors and Defective Encryption
 
e-G8 Summary
e-G8 Summarye-G8 Summary
e-G8 Summary
 
Internet Safety
Internet SafetyInternet Safety
Internet Safety
 
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
 
Internet Censorship
Internet CensorshipInternet Censorship
Internet Censorship
 
Internet Governance
Internet GovernanceInternet Governance
Internet Governance
 
Cybersecurity and Internet Governance
Cybersecurity and Internet GovernanceCybersecurity and Internet Governance
Cybersecurity and Internet Governance
 
302 patriot
302 patriot302 patriot
302 patriot
 
"Digital.Report+" - expert magazine for ICT policy professionals
"Digital.Report+" - expert magazine for ICT policy professionals"Digital.Report+" - expert magazine for ICT policy professionals
"Digital.Report+" - expert magazine for ICT policy professionals
 
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 SeptThe Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
The Valetta Effect: GDPR enforcement for Gikii Vienna 14 Sept
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
 
Marsden regulating disinformation Brazil 2020
Marsden regulating disinformation Brazil 2020Marsden regulating disinformation Brazil 2020
Marsden regulating disinformation Brazil 2020
 
Internet Governance Backround
Internet Governance BackroundInternet Governance Backround
Internet Governance Backround
 
Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy
 
CTO Cybersecurity Forum 2013 Mario Maniewicz
CTO Cybersecurity Forum 2013 Mario ManiewiczCTO Cybersecurity Forum 2013 Mario Maniewicz
CTO Cybersecurity Forum 2013 Mario Maniewicz
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?
 
Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550
 
Cyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyCyberspace and Digital Diplomacy
Cyberspace and Digital Diplomacy
 

Similar a An Internet of Governments

Revisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityRevisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityMaarten Van Horenbeeck
 
Cybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingCybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingDavid Opderbeck
 
Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismCharles Mok
 
Week34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdf
Week34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdfWeek34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdf
Week34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdfPhngLinhTrn33
 
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 
Kasita's presentation
Kasita's presentationKasita's presentation
Kasita's presentationChande Kasita
 
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationDigital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationCharles Mok
 
International internet governance
International internet governanceInternational internet governance
International internet governanceJillian York
 
Dealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response PlanDealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response Planbenefitexpress
 
Cyber Insurance as Digital Strategy
Cyber Insurance as Digital StrategyCyber Insurance as Digital Strategy
Cyber Insurance as Digital StrategyRandeep Sudan
 
Marsden #Regulatingcode MIT
Marsden #Regulatingcode MITMarsden #Regulatingcode MIT
Marsden #Regulatingcode MITChris Marsden
 
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Benjamin Ang
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsResilient Systems
 
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...APNIC
 
The Internet and Global Governance Principles and Norms
The Internet and Global Governance Principles and Norms The Internet and Global Governance Principles and Norms
The Internet and Global Governance Principles and Norms MoseStaton39
 
AI and Robotics policy overview - Adam Thierer (Aug 2022)
AI and Robotics policy overview - Adam Thierer (Aug 2022)AI and Robotics policy overview - Adam Thierer (Aug 2022)
AI and Robotics policy overview - Adam Thierer (Aug 2022)Adam Thierer
 

Similar a An Internet of Governments (20)

Revisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityRevisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurity
 
Cybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingCybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit Meeting
 
Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-Authoritarianism
 
Week34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdf
Week34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdfWeek34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdf
Week34_The Internet, Digital Media, and Media Convergence (Chapter2) (1).pdf
 
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
WCIT 2014 Som Mittal - Managing risks in an interdependent economy risks rela...
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
Sovereignty in Cyberspace
Sovereignty in CyberspaceSovereignty in Cyberspace
Sovereignty in Cyberspace
 
Kasita's presentation
Kasita's presentationKasita's presentation
Kasita's presentation
 
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationDigital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
 
International internet governance
International internet governanceInternational internet governance
International internet governance
 
Dealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response PlanDealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response Plan
 
Cyber Insurance as Digital Strategy
Cyber Insurance as Digital StrategyCyber Insurance as Digital Strategy
Cyber Insurance as Digital Strategy
 
6.bocconi rights
6.bocconi rights6.bocconi rights
6.bocconi rights
 
Marsden #Regulatingcode MIT
Marsden #Regulatingcode MITMarsden #Regulatingcode MIT
Marsden #Regulatingcode MIT
 
Cyberterrorism: The Security of Critical Infrastructure and Public Places in ...
Cyberterrorism: The Security of Critical Infrastructure and Public Places in ...Cyberterrorism: The Security of Critical Infrastructure and Public Places in ...
Cyberterrorism: The Security of Critical Infrastructure and Public Places in ...
 
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 Predictions
 
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
 
The Internet and Global Governance Principles and Norms
The Internet and Global Governance Principles and Norms The Internet and Global Governance Principles and Norms
The Internet and Global Governance Principles and Norms
 
AI and Robotics policy overview - Adam Thierer (Aug 2022)
AI and Robotics policy overview - Adam Thierer (Aug 2022)AI and Robotics policy overview - Adam Thierer (Aug 2022)
AI and Robotics policy overview - Adam Thierer (Aug 2022)
 

Último

➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...nirzagarg
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftAanSulistiyo
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...nilamkumrai
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋nirzagarg
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
 

Último (20)

➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 

An Internet of Governments

  • 1. An Internet of Governments: How Policymakers Became Interested in “Cyber” Maarten Van Horenbeeck, FIRST Klée Aiken, APNIC
  • 2. © 2018 FIRST.Org Inc. Crypto wars slide By Travis Goodspeed - MYK-78 Clipper Chip Lowres, CC BY 2.0, https://commons.wikimedia.org/w/index.php?curid=26694407
  • 3. © 2018 FIRST.Org Inc. Export controls Clipper chip Dual_EC_DRBG Apple iPhone encryption • Should the government be able to read private communications? • Do corporations have a duty to collect information? Crypto wars
  • 4. © 2018 FIRST.Org Inc. FIRST: The Forum of Incident Response and Security Teams
  • 5. © 2018 FIRST.Org Inc. • Global Coordination: In an emergency you can always find the teams you need to support you in our global community. • Global Language: Incident responders around the world speak the same language and understand eachother’s intents and methods. • Automation: Let machines do the boring stuff, so humans can focus on the hard stuff • Policy and Governance: Make sure others understand what we do, and enable us rather than limit us. Our vision
  • 6. © 2018 FIRST.Org Inc. Capacity building
  • 7. © 2018 FIRST.Org Inc. Providing external expertise
  • 8. © 2018 FIRST.Org Inc. Training and education
  • 10. © 2018 FIRST.Org Inc. Source: Joseph S. Nye, Jr. – The Regime Complex for Managing Global Cyber Activities
  • 12. © 2018 FIRST.Org Inc. Incidents • Fastly sees a variety of events that could classify as an incident – Distributed Denial of Service attacks – Critical security vulnerabilities – Software bugs – Upstream network outages – Datacenter failures – Third Party service provider events – “Operator Error”
  • 13. © 2018 FIRST.Org Inc. • Borders • Law • Ability to engage with other states • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States
  • 16. © 2018 FIRST.Org Inc. Dyn DDoS Source: Level3 Dyn DDoS outage map
  • 17. © 2018 FIRST.Org Inc. • Borders ? • Law • Ability to engage with other states • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States, revisited
  • 18. © 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States, revisited
  • 19. © 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states ? • Max Weber’s “Monopoly on violence” • States typically provide at least some services to their population States, revisited
  • 20. © 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states ? • Max Weber’s “Monopoly on violence” ? • States typically provide at least some services to their population States, revisited
  • 21. © 2018 FIRST.Org Inc. • Borders ? • Law ? • Ability to engage with other states ? • Max Weber’s “Monopoly on violence” ? • States typically provide at least some services to their population ? States, revisited
  • 22. © 2018 FIRST.Org Inc. Source: Phrack – The Mentor, “Hacker’s Manifesto” In comes the internet
  • 23. © 2018 FIRST.Org Inc. In comes the internet Source: Google Data – World Bank – Internet adoption rates
  • 25. © 2018 FIRST.Org Inc. • Different perspectives – National security – Social concerns – Economic impact • No universal legal framework • Lack of clear attribution • Lack of clear intent • Lack of trust between governments A history of issues
  • 26. © 2018 FIRST.Org Inc. • Council of Europe • International treaty to harmonize national laws • Adopted in November of 2001, with 52 states ratified so far • Supports international law enforcement cooperation https://www.coe.int/en/web/cybercrime/-/andorra-ratified-the-budapest-co Budapest Convention
  • 29. © 2018 FIRST.Org Inc. “Talinn Manual” • Born out of 2007 Estonia cyber attacks • Analysis of how existing law applies to cyberspace • Cyber events incur rights and obligations on behalf of countries • First edition covered important operations that involved states defending themselves, or stepping beyond regular international relations • Second edition adds legal analysis of more common incidents NATO
  • 30. © 2018 FIRST.Org Inc. • “London Process” or Global Conference on Cyberspace • London: Set of principles for “governing behavior in cyberspace” • Budapest: emerging issues, internet rights and security • Seoul: increased representation from countries, “open and secure cyberspace” • The Hague: greater representation from non-state actors • New Delhi • Outcomes include “Chair’s statement” and year specific goals GCCS
  • 31. © 2018 FIRST.Org Inc. • Export control for dual use goods • Includes intrusion and surveillance technologies • Consensus • Voluntary compliance Wassenaar
  • 32. © 2018 FIRST.Org Inc. Intrusion Software Software specially designed or modified to avoid detection by ‘monitoring tools’, or to defeat ‘protective countermeasures’ of a computer or network capable device, and performing any of the following: a. The extraction of data or information, from a computer or network capable device, or the modification of data of a system or user; or b. The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions; or Wassenaar
  • 33. © 2018 FIRST.Org Inc. • ASEAN: ASEAN Way, develop more predictable relationships • SCO: proposed international code of conduct under the UN – Focus on multilateral approach vs. multi-stakeholder – Highlights ”sovereignty” • Implications on technology provenance Regional processes
  • 34. © 2018 FIRST.Org Inc. • Call for input from 2010 through 2016 – Countries can share their own projects and progress – Flag issues they have that require international collaboration • Government Group of Experts (UNGGE) • International Telecommunications Union – Build “confidence and security” – Global Cybersecurity Agenda • Internet Governance Forum • ITU United Nations
  • 35. © 2018 FIRST.Org Inc. • Laws and treaties • Signers accept roles and responsibilities, ability to hold someone liable • Confidence Building Measures • Opportunities for states to interact, often on a voluntary basis • Enables growth of interaction and cooperation • Capacity Building • Norms of behavior • Developed in “norms melting pots” • Confirmed and enforced through behaviors between groups of actors • You distinguish norms through other’s reaction when they are violated What is being done?
  • 36. © 2018 FIRST.Org Inc. ‘collective expectations about proper behavior for a given identity’ – Jepperson, Wendt, Katzenstein (1996) Image Source: (top) https://www.flickr.com/photos/jmsmith000/, https://www.flickr.com/photos/hardaker/, (bottom) http://apectel56.com/, https://www.flickr.com/photos/apnic, https://oasis-open.github.io/cti-documentation/ TLP:WHITE TLP:GREEN TLP:AMBER TLP:RED So what are norms anyways?
  • 37. © 2018 FIRST.Org Inc. Who defines normal? ‘States should not conduct or knowingly support activity to harm the information systems of the authorized emergency response teams of another State' UNGGE ‘States and non-state actors should not conduct or knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.' Global Commission on the Stability of CyberSpace (GCSC) • Cyber Strategy • Indictments • Sanctions Unilateral, Bilateral, & Multilateral • US – China Cyber Agreement (2015) • US – South Korea Joint Statement (2015) • UK – China Cyber Agreement (2015) • G20 Leaders Communique (2015) • SCO Draft International Code of Conduct (2011)
  • 38. © 2018 FIRST.Org Inc. ‘A global, open, stable, and secure Internet that serves the entire Asia-Pacific community’ – APNIC Vision Getting Engaged
  • 39. © 2018 FIRST.Org Inc. Norms & the Tech Community
  • 40. © 2018 FIRST.Org Inc. Policymaker education • Release of our ”Incident Response for Policymakers” course Contributions as technical experts • Participation in the IGF, GFCE, ICT4Peace community and GCCS • Outreach and awareness building • Work on topic-specific issues, such as GDPR and Whois • Assembling a group of policy-aware technical experts within the FIRST community. Join us! • Contributing expertise to IGF Best Practices Forum on Cybersecurity. Join us! What is FIRST doing?
  • 41. © 2018 FIRST.Org Inc. Questions? maarten@first.org klee@apnic.net https://www.first.org