Panel: Working together to protect cyberspace

Our October 14th livestream discussion, "Digital Peace: Trust and Security in Cyberspace," presented by GZERO Media — in partnership with Microsoft and Eurasia Group - focused on the need for a global framework to govern cyberspace.

The panel was moderated by Meredith Sumpter, CEO of the Coalition for Inclusive Capitalism, and included:

• Marietje Schaake, International Policy Director, Cyber Policy Center, Stanford University
• Marina Kaljurand, Member, European Parliament; Former Chair, Global Commission on the Stability of Cyberspace; Former Minister of Foreign Affairs of Estonia
• Tom Burt, Corporate Vice President, Customer Security & Trust, Microsoft
• Dapo Akande, Professor of Public International Law, University of Oxford

A major theme that emerged from the discussion is how the healthcare sector has become more vulnerable to cyberattacks due to the pandemic. But this sector also poses a major opportunity for governments and other actors to work together on protecting the world from such attacks — with huge resources already being mobilized to do so.

Burt underscored how the rapid digital transformation spurred by COVID-19 has made online activity an even bigger target for cybercriminals, with health systems and vaccine research as the top objectives for hackers. Microsoft alone, he pointed out, has blocked over 1 billion phishing emails since the pandemic began.

Although the EU, US, Russia, and China still don't see eye to eye on which laws should apply, and even on core values, the panelists agreed that at a minimum coordination on greater transparency and predictability is a step forward towards wider cooperation in the future.

For Akande, the main issue in moving towards a digital Geneva Convention to govern the rules of cyber conflict is determining how international law applies in cyberspace. Both the UN Charter and international human rights laws should be useful tools, but the problem (as always) is enforcement.

Kaljurand — who shared how her native Estonia responded to a Russian cyber attack in 2007 — explained that international cooperation is crucial to prevent a type of war that has no borders. The lesson for the EU from the pandemic, she said, is that EU member states have a lot more to gain from standing together for common interests like cybercrime instead of building borders between each other.

Finally, since cyberspace is mostly developed, owned, and operated by the private sector, the experts debated whether private firms should take on more responsibility on governance. That doesn't mean that governments will not be ultimately responsible, but such a complex problem will require more inputs from business and civil society.

Kaljurand said that even if the private sector is closely involved, governments should have the ultimate responsibility. For Schaake, public-private cooperation in this sphere can only work if there's clarity about the role each side will play to ensure transparency around communication, responsibility and accountability.

Beyond governments and tech firms, Burt suggested employers and citizens as other key players, putting the example of how Microsoft data shows that 99% of all cyber attacks can be stopped by enabling multi-factor authentication across all accounts by users.

This event was the last in a four-part livestream panel series about key issues facing the 75th United General Assembly.