Is a radical reframing of cybersecurity the way to beat cyberwarfare?
Is a radical reframing of security the way to beat cyberwarfare? The rise of cyberwarfare has changed the rules of engagement in conflicts between countries, and putting a global framework in place to establish the red lines is easier said than done, the Financial Times says. There have been multiple efforts to do this, including the non-binding 2013 Tallinn Manual, and the Paris Call for Trust and Security in Cyberspace, which was signed last year by 67 countries and some private companies. But some feel that a more radical approach is needed, including a multilateral agreement on a reciprocal declaration of flaws discovered in one another’s systems, rather than looking for ways to exploit them — a sort of nuclear non-proliferation treaty for the cyber world. This would, however, mean a complete overhaul of our approach to cybersecurity, which we’re still a long way away from.
What makes it so difficult to reach a consensus? In essence, states have widely divergent views on cybersecurity. While the US and UK have historically seen cyberwarfare as governed by the principles of international law, Russia and its close allies regard it as being radically different from offline conflict. These states “tend to see cyber measures as part of a broader information war,” says one specialist, who works at a UK think-tank.