How Can Technological Solutions Advance Cybersecurity?
Session reports
Event report
The moderator, Dr Jovan Kurbalija, Founding Director of DiploFoundation and Head of the Geneva Internet Platform), highlighted the dichotomy between technological and policy fields in the cybersecurity domain. He then moved on to present the speakers.
Prof. Kavé Salamantian, Computer Science Department, University of Savoie and Senior Researcher, Castex Chair of CyberSecurity, IHEDN Paris, spoke about the semantic difference between cyber-strategy and cybersecurity. When people refer to cybersecurity, they are talking about stability and the status quo through maintenance of existing systems. As security is a more exclusive process, he prefers to use the term cyber-strategy, which, in technological terms, seeks to create measures rather than implement them. Professor Salamantian then pointed out the need to reduce the arrogance and lack of respect between the technical and policy fields of cybersecurity. He recommended this be done by increasing multi-disciplinary and other interactions between the fields, while increasing each other’s knowledge about the other’s field.
Prof. Solange Ghernaouti, University of Lausanne, and Director, Swiss Cybersecurity Advisory and Research Group, stressed the importance of multidisciplinary research and teaching. She said that it is important to incorporate social, economic, and wider policy issues related to the technological aspects and vice-versa. Professor Ghernaouti finished by pointing out that the existing problems in funding and organisations should be addressed while also looking at the importance of cybersecurity in the humanitarian field.
Mr Laurent Ferrali, Director, Government and IGO Engagement, Geneva Office, Internet Corporation of Assigned Names and Numbers (ICANN), stated that ICANN seeks to address the issue of silos by translating business and technological language to governments and vice versa. He emphasised that there is a need for better understanding of the big picture in cybersecurity but that, even with better understanding and threat assessment, the individual and technological issues form the weakest links in the cybersecurity chain. As such there needs to be greater awareness and education about wider cyber hygiene, as we will not have full technological solutions until there is an increase in education. He finished by describing how ICANN needs to be developed to increase coordination, and to bridge the gaps between stakeholders.
Prof. Adrian Perrig, Computer Science Department, ETH Zurich, stated that sovereignty remains the central question in terms of ownership of computational technology. He said that private companies have far-reaching powers to change the rules of the Internet. Governments, however, with increasing cyber-offensive capabilities, have ‘indirect kill-switches’. To address these issues, there need to be technological changes as the current encryption used actually enables the existence of kill-switches. Perrig argued that non-technical issues might not in fact be the weakest link because there are technological measures that enable the placing of humans into the centre of coordinated decision-making in a safer ‘neighbourhood’ or environment.
In the lively discussion, the debate ranged from issues of cyber citizenship to blockchain. Salamantian emphasised the need to re-frame the issues around the interactions and connections between the real and the digital worlds. He also pointed out that we need to have kill-switches in case something goes wrong, with which Perrig agreed while advocating the need for transparency and accountability in their governance. He also pointed out that blockchain is not currently a solution to governance because of issues in the logic of majority. Salamantian and Ghernaouti concluded that there remains a need for further governance and regulatory measures as governments increasingly seek to assert control over the Internet.
The moderator then ended the debate after thanking the audience and panellists.