A Digital Geneva Convention? The Role of the Private Sector in Cybersecurity

Author

Raquel Vázquez Llorente

eyeWitness

This Strategic Update explores what role the private sector should play in the global policy response, with companies on the 'front line' of the cyber threat often being more proactive than states.

Read the online edition:

Download the pdf:

The Role of the Private Sector in Cybersecurity

About the Author

Raquel Vázquez Llorente is a Senior Legal Advisor at eyeWitness, an organisation that works at the intersection of technology, law and public policy. In 2016 and 2017, she was featured in the Forbes '30 under 30' list for her contribution to the field of Law and Policy.

She has also been nominated to the Choiseul 100 leaders of tomorrow. Raquel holds a degree in Law and Business Administration from Universidad Carlos III de Madrid and an MSc in International Strategy and Diplomacy from the 杏吧论坛.

[1] Segal, A., 2016 (Ch. 2). The hacked world order: how nations fight, trade, maneuver, and manipulate in the digital age. [Kindle DX e-book]. New York: PublicAffairs.

[2] Kaplan, F., 2016. Dark territory: the secret history of cyber war. [Kindle DX e-book]. Simon and Schuster.

[3] Symantec. 2017. . June 2017, Volume 22. [Online] [Accessed: 07 May 2018].

[4] Privacy International. 2016. . July 2016. [Online] [Accessed: 07 May 2018].

[5] The most interesting works are: Fidler, M. 2015. “Regulating the Zero-Day Vulnerability Trade: A Preliminary Analysis”. ISJLP, Vol. 11, 405; Finklea, K 2017. “Law enforcement using and disclosing technology vulnerabilities”. Congressional Research Service. 26 April 2017; or Herr, T. 2017. Countering the proliferation of malware. Targeting the vulnerability life cycle. Harvard Kennedy School Belfer Center for Science and International Affairs. Paper, June 2017.

[6] Frei, S., 2013. The known unknowns: Empirical analysis of publicly unknown vulnerabilities. NSS Labs Inc., Austin.

[7] Perlroth, N. and Sanger, D.E., 2013. Nations buying as hackers sell flaws in computer code. New York Times, 13 July 2013.

[8] Denning, D. and Strawser, B.J., 2014. “Moral cyber weapons”. In: Floridi, L. Taddeo, M. (eds.) The Ethics of information warfare, pp. 85–103. Springer International Publishing.

[9] Daniel, M. 2014. . The White House, President Barack Obama, 28 April 2014. [Online] [Accessed: 07 May 2018].

[10] Healey, J. 2016. . Columbia SIPA [Online] [Accessed: 07 May 2018].

[11] Breene, K. 2016. World Economic Forum, 4 May 2016. [Online] [Accessed: 07 May 2018].

[12] Chase, M.S. and Chan, A., 2016. China’s evolving approach to “integrated strategic deterrence”. Rand Corporation.

[13] Giles, K., 2011. “Information Troops” A Russian Cyber Command?. CCDCOE Publications; also, Hulcoop, A., Scott-Railton, J., Tanchak, P., Brooks, M. and Deibert, R. 2017. . The Citizen Lab, 25 May 2017. [Online] [Accessed: 07 May 2018].

[14] NATO. 2016. . Press release, para. 70, 9 July 2016. [Online] [Accessed: 07 May 2018].

[15] DoD, US Department of Defense. 2011. . July 2011. [Online] [Accessed: 07 May 2018].

[16] BCI, Business Continuity Institute. 2017. Horizon Scan. February 2017.

[17] Chambers cited in PwC. 2017. . January 2017. [Online] [Accessed: 07 May 2018].

[18] CSIS, Center for Strategic and International Studies. 2014. . June 2014. [Online] [Accessed: 07 May 2018]

[19] Moar, J. 2015. . Juniper Research, 12 May 2015 [Online] [Accessed: 07 May 2018].

[20] Ross, A. 2016. . Wired, 25 April 2016. [Online] [Accessed: 07 May 2018].

[21] Statista. 2017. . [Online] [Accessed: 07 May 2018].

[22] PwC 2017.

[23] Stevens, T., 2017. “Cyberweapons: An emerging global governance architecture”. Palgrave Communications, Vol. 3.

[24] Grigsby, A. 2016. . Council on Foreign Relations, 31 March 2016. [Online] [Accessed: 01 May 2018].

[25] OSCE. 2013. . 975th Plenary meeting, 3 December 2013. [Online] [Accessed: 07 May 2018]. And OSCE. 2016. . 1092nd Plenary meeting, 10 March 2016. [Online] [Accessed: 07 May 2018].

[27] Rattray, G. and Healey, J. 2010 (p.79). “Categorizing and understanding offensive cyber capabilities and their use”. In: Dam, K. W. and Owens, W. A. (eds.), Proceedings of a Workshop on Deterring Cyberattacks, pp. 77–97. Washington, DC: The National Academies Press.

[27] Gates, B. 2002. . Wired, 17 January 2002. [Online] [Accessed: 07 May 2018].

[28] Charney, S. 2012 (p.8). Written Testimony of Scott Charney Corporate Vice President, Trustworthy Computing, Microsoft Corporation. Senate Committee on Homeland Security and Governmental Affairs, Hearing on “Securing America’s Future: The Cyber-Security Act of 2012”. 16 February 2012.

[29] McKay, A. 2016. . Microsoft Cybersecurity Blog Hub, 5 October 2016. [Online]. Also, Nicholas, P. 2017. . Microsoft Secure Blog, 7 June 2017. [Online] [Both accessed: 07 May 2018].

[30] Smith, B. 2017 (p.9). . Transcript of Keynote Address at the RSA Conference 2017. San Francisco, California, 14 February 2017 [Online] [Accessed: 07 May 2018].

[31]Ibid, p.15.

[32] Smith, B. 2017. . Microsoft Cybersecurity Blog Hub, 14 February 2017. [Online]; Smith, B. 2017. . Microsoft Cybersecurity Blog Hub, 13 April 2017. [Online]; Smith, B. 2017. . Microsoft On the Issues, 14 May 2017. [Online]; and Smith, B. 2017. . Microsoft On the Issues, 10 November 2017. [Online] [All accessed: 07 May 2018].

[33] Weber, .R. 2017. . Inside Cybersecurity, 25 April 2017. [Online] [Accessed: 07 May 2018].

[34] NATO CCDCOE. 2017. . 18 July 2017. [Online] [Accessed: 07 May 2018].

[35] Notably, Eugene Kaspersky and Julian Assange. Kaspersky, E. 2017. . Forbes, 15 February 2017. [Online]; Assange, J. 2017. . Twitter, 9 March 2017. [Online] [Both Accessed: 07 May 2018].

[36] Nicholas, P. 2017. . Microsoft Secure Blog, 29 March 2017. [Online] [Accessed: 07 May 2018].

[37] Levy, D. and Kaplan, R., 2008 (p.433). “CSR and theories of global governance: strategic contestation in global issue arenas”. In: Crane, A., Matten, D., McWilliams, A., Moon, J. and Siegel, D.S. 2008. The Oxford handbook of Corporate Social Responsibility, pp.432–451.

杏吧论坛