At a glance.
- The UN Security Council considers cybersecurity.
- US legislation intends to encourage cyber literacy: industry comment.
The UN Security Council takes up cybersecurity.
Yesterday the UN Security Council convened a formal cybersecurity conversation for the first time, SecurityWeek reports. Estonia organized the virtual public meeting. One topic under consideration was cyber’s status as a “dual use domain,” where greater creativity is required to address threats than in traditional arms control discussions.
At the event, UN Undersecretary General for Disarmament Izumi Nakamitsu highlighted cyber operations’ low barriers to entry and the growing suspicion between countries, according to Federal News Network. Attribution challenges, she noted, increase the risks of escalation.
By 2022, Nakamitsu said, experts predict there will be over twenty-eight billion Internet-connected devices. “As advances in digital technologies continue to revolutionize human life, we must remain vigilant in our understanding of malicious use of such technologies that could imperil the security of future generations. Digital technologies are increasingly straining existing legal, humanitarian and ethical norms, non-proliferation, international stability, and peace and security,” she concluded.
US Ambassador Linda Thomas-Greenfield stressed the threat from Government and criminal operatives alike, the risks to critical infrastructure, and the prevalence of cross-border attacks. Nations must begin enforcing agreed-upon norms, she said, while defending digital freedom of expression and association.
Every country has a role to play, Estonia PM Kaja Kallas observed, as do industry actors, scholars, and private citizens. She expressed Estonia’s support for the applicability of international law to the cyber realm.
UK official Tariq Ahmad pointed to the complexity of determining how international laws play out in cyberspace and the difficulty of responding to violations. England “will use” its cyber capabilities for self-defense, he warned.
Russian Ambassador Vassily Nebenzia asked the assembled countries to “meaningfully” participate in the development of the new anti-cybercrime treaty, due out in 2023. (The EU and US, among others, had objected to the initiative.) He fretted that “some technologically advanced states” are “militariz[ing] information space by promoting the concept of `preventive military cyberstrikes’…against critical infrastructure,” in an effort to impose their will, contrary to the UN’s peacekeeping agenda.
More comment on pending US Federal cyber awareness legislation.
Jerome Becquart, COO of Axiad, thoroughly approves of efforts to increase cyber literacy:
“This cyber literacy campaign is absolutely needed. We’ve seen again and again that people are ultimately the greatest liability when it comes to cybersecurity – whether it’s human error or misunderstanding the importance of secure best practices. In the case of businesses, studies have shown that any form of employee security training reduces the impact of cyberattacks by over 70%. If businesses are making this a priority for their employees, then governments should also make it a priority for their citizens and see the same reduction in attacks.”