NEWPORT, R.I.—Pell Center Senior Fellow Francesca Spidalieri recently traveled to Europe for the Global Conference on CyberSpace and to meet with world-renowned cybersecurity subject-matter experts and policy-makers discussing the future of Internet governance and security. Spidalieri shares her account of her trip:
Armed with information, experience, and lessons-learned from my research work in the United States, I embarked on a quest to Europe to shed light on some of the most pressing topics at the intersection of cybersecurity and international affairs.
I first visited Geneva, Switzerland, for a series of meeting during which I had the opportunity to present some of my most recent work on countries’ cyber readiness—the Cyber Readiness Index assesses countries’ maturity and commitment to securing their cyber infrastructure—and explored possible collaborations with similar projects at the International Telecommunication Union (ITU) and the United Nations Institute for Disarmament Research (UNIDIR). The ITU created a Global Cybersecurity Index, which ranks the
cybersecurity capabilities of nation states, and the UNIDIR developed a Cyber Stability Policy Tool, which aims to support policy-makers and diplomats to frame discussions and make better-informed decisions related to cyber risks and threats. The leaders of the two projects, Luc Dandurand, Head of the ICT Applications and Cybersecurity Division at the ITU, and Ben Walker, UNIDIR Emergency Security Threats Program Lead, welcomed the possibility to collaborate on data-sharing and highlighted the many benefits of cross-intersection among the indices. The three indices, in fact, share the overall goals of better informing decision-makers working at the national, regional, and international levels about the complexity of the cyber arena; promoting
government cybersecurity policies, strategies, and initiatives; and providing frameworks to evaluate countries’ progress towards cyber security or stability.
During my Swiss visit, I also met and discussed some of my work carried out under the Pell Center’s Cyber Leadership Project with Gustav Lindstrom, Head of the Emerging Security Challenges Programme at the Geneva Centre for Security Policy (GCSP)—an international foundation that promotes peace, security and stability through executive education, research, and dialogue. Both the Pell Center and GCSP, in fact, have initiatives aimed at providing cyber leadership development and training for private sector representatives as well as government officials on the security and legal implications of emerging technologies.
After Switzerland, I traveled to The Hague to participate in the Global Conference on CyberSpace (GCCS), hosted by the Dutch government. This was the forth iteration of the International Cyberspace Conference process, often called the “London Process” because it started in London in 2011, aimed at promoting practical cooperation across a broad suite of cyber issues, from security to economic development. This multi-stakeholder process aims to build a focused dialogue on principles for governing behaviors in cyberspace and ensure that the Internet remains free, open, and secure. The key objectives of the conference this year were to:
- Support practical cooperation in cyberspace;
- Promote capacity-building and knowledge exchange in cyberspace; and
- Discuss norms for responsible state behavior in cyberspace.
The conference drew high-level participation from Ministers and leaders from international organizations, businesses, universities, and civil society, and the quality of conversation and ideas was impressive. This highly-anticipated event was preceded by the International ONE Conference—dedicated to cybersecurity professionals and (intern) national CERT community—and additional side events, including a panel discussion on International Cyber Norms and Global Swing States at the Hague Institute for Global Justice, a lunch debate on Advanced Persistent Security sponsored by Microsoft, Shell and KMPG, and the launch of the Asia-Pacific Insights Report. The GCCS and ONE conferences brought together over 1500 participants from a hundred countries and representing perspectives from all over the world to discuss how an open, interoperable, secure, and reliable cyberspace supports international trade and commerce, strengthens international security, and fosters free expression and innovation.
The Netherlands emerged as one of the top world leaders in the area of cybersecurity by organizing and hosting both events back-to-back in the same venue with the overall goal of “creating a bridge between all the actors involved in the global ICT-community” and “building international coalitions necessary to effectively create a secure, free, and profitable digital domain.”
The GCCS conference’s main outcome was the launch of a Global Forum on Cyber Expertise (GFCE), designed to provide a dedicated and informal platform for policymakers, practitioners, and experts from different countries and regions. The goal is to share experiences, identify gaps in global cyber capacity, complement existing efforts in capacity building, make available technical expertise as well as new funding to strengthen cybersecurity, help fight cybercrime, better protect data, and support e-governance. Membership of the GFCE is open to all countries, intergovernmental organizations and private companies who subscribe to the Hague Declaration on the GFCE. So far there are a total of 42 subscriptions, with the United States as a founding member.
After my whirlwind tour of Europe, I returned in time to attend the RSA Conference in San Francisco—the biggest cybersecurity conference in the world—which this year broke attendance records with over 33,000 participants. This renowned conference, usually focused mostly on security tools and technologies, highlighted information-sharing between companies and the role of chief security officers (CSOs) as key conversation points. This year, however, it also dedicated an entire space of the three huge conference buildings to a “Cyber Safety Village-Kids Initiative,” that offered innovative programs and ideas designed to help children make smarter and safer decisions online, and to teach them how to protect themselves from various dangers on the Internet—including cyber-bullying, online predators, and identity theft. In addition, a powerful keynote panel on how to protect children from online predators left many of the participants shaken and almost in tears—not what you would expect at a technology event. After Alicia Kozakiewicz shared, in amazing detail, her nightmarish abduction by an Internet predator and her difficult rescue, the panel discussed additional challenges and offer solutions designed to ensure the safety of children online and offline.
In sum—what a wonderful journey! Even though it is clear that much has already been achieved to increase security and establish some norms of conduct in cyberspace, my travels to Europe and San Francisco only confirmed that there’s still much more to be done in the years ahead.
I’m looking forward to it.