Last week at RSA, more than 30 global companies came together to sign the Cybersecurity Tech Accord “to protect and empower civilians online and to improve the security, stability and resilience of cyberspace.” It is an example of collaboration, which demonstrates the commitment and focus of the signatory companies to take action in order to tackle the significant security threats we are currently facing. It is this type of collective action we have promoted as part of our collaborative security
The Tech Accord is a positive step by large corporations across the globe involved in security to come together in the name of collaboration and make security commitments that resonate with the demands of Internet users everywhere. Per the Accord’s website, there are four main tenets of the Tech Accord:
- Stronger defense
The companies will mount a stronger defense against cyberattacks. As part of this, recognizing that everyone deserves protection, the companies pledged to protect all customers globally regardless of the motivation for attacks online.
- No offense
The companies will not help governments launch cyberattacks against innocent citizens and enterprises, and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.
- Capacity building
The companies will do more to empower developers and the people and businesses that use their technology, helping them improve their capacity for protecting themselves. This may include joint work on new security practices and new features the companies can deploy in their individual products and services.
- Collective action
The companies will build on existing relationships and together establish new formal and informal partnerships with industry, civil society and security researchers to improve technical collaboration, coordinate vulnerability disclosures, share threats and minimize the potential for malicious code to be introduced into cyberspace.
We support these principles!
This is all movement in the right direction: Norms and principles are being developed to tackle the issues that cause diminishing trust in the Internet. Many of them fall in line with our own Key Issues of 2018 in the Internet of Things, Routing Security, and Internet Governance. This collaborative security approach has already manifested itself in multiple ways:
- The MANRS initiative, to bring together network operators and IXPs to provide crucial fixes to reduce the most common routing threats that can lead to things like DoS attacks and traffic inspection.
- The to establish internationally agreed ‘rules of the road’ for behavior in cyberspace, and create a more focused and inclusive dialogue between all those with a stake in the Internet (governments, civil society and industry) on how to implement them.
- The GFCE, a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building
- The call to protect the public core of the Internet comes from this diverse set of experts and stakeholders.
- The Canadian IoT Security Project, to create a set of norms and/or policies to secure IoT in Canada.
- The Internet Infrastructure Security Guidelines for Africa, to emphasize the importance of a collaborative security approach.
- And so many more, as outlined on our Collaborative Security pages.
We believe more entities should adhere to the principles laid out in the Cybersecurity Tech Accord. However, in moving forward it becomes crucial that these principles are implemented in actions. Creating momentum involves engagement with more actors and key players who have a vested interest in expanding and implementing those principles and working across the globe, across industries, and across communities to make real change. In order for this to happen though, it is paramount that the process becomes more transparent and multistakeholder to ensure as many organizations as possible are engaged.
Take these principles with you, incorporate them into your organizational cyber defense strategy and let’s all strive for better security together.
Learn more about Collaborative Security and how you can contribute to a trusted Internet.