WSIS Forum 2019: Open Space TalkX on Cybersecurity

March 23, 2020 WSIS TalkX Season 2019
WSIS Forum 2019: Open Space TalkX on Cybersecurity
WSIS Forum 2019: Open Space TalkX on Cybersecurity
Mar 23, 2020 Season 2019

spk_0:   0:05
Hi, everyone, and welcome to a new episode of rhesus talks. I'm Lila hasn't, and I'm leading today's podcast. Today we were going to be talking about cyber security and we are joined today by Dr Pavan Duggal, who is the chairman of the International Commission on Cybersecurity Law and heading the artificial intelligence laws. Huh? I'm also joined by Miss Maria Beachy, who is the Swiss cybersecurity community manager. Thank you both for joining us. Thank you very much. So cyber security A very trending topic at the moment. Could you each tell us a bit about your

spk_2:   0:34
work? Sure. So we founded this we Cyber Security Association in 2013 Scenes. Then we are meeting our community members regularly to exchange of our cybersecurity topics. This was a community off cyber security experts, consultants, all the people who are working day by day in the field. And after a couple of years, the need grew the requirements I higher and higher. And we decided to transform this easygoing, informal talks in events where we are providing knowledge share and we are providing our audience with, um, valuable content in the field. Now we see that not only between us as professionals is the need to share this kind off knowledge. This is a topic that interest everyone because it's spreading more and more the awareness and also the need off having all the people in four. So everybody who has a cell phone, everybody who is using a left off is already subject a cyber attack. For this reason, we extended our activities and we are heading cyber security awareness training for everybody. Thank

spk_0:   2:01
you, Dr Dugong.

spk_1:   2:03
Uh, I'm heading the International Commission on Cybersecurity Law as it's German, where we're looking at common legal principles toe govern the regulation of cybersecurity. Actually, different countries have begun religious leading on cyber security without understanding a holistic, harmonized approach. So we're helping to come up with common legal principles which could then inform the decision making off countries as they come up with their national cybersecurity policies and strategies. In addition, I'm and practicing attorney in the Supreme Court of India. I specialize in cyberlaw, cybersecurity and currently also heading the artificial intelligence law hub where we're looking at the cutting edge legal principles which must be now a world to deal with the challenges off artificial intelligence I have been extensively writing. I've written 100 and five books in 25 years or the various aspects off cyberspace and cyberlaw. I've been extensively involved with the boat at the international and national levels on radius and cyber legal initiators and approaches. I've been advising the government of India on various Sybil or initiatives. I have ah, being the Council for India's first cyber crime conviction. We're heading the Blockchain lawyer presenter. We're looking at blocked in religion legalities and of course, it's a constantly watering paradigm. So you're right. You speak, you listen, you learn.

spk_0:   3:35
Thank you. And can you tell us a bit about the challenges that you faced in ah, these areas and in your

spk_2:   3:40
work? Yeah, sure. So I think that the biggest challenge is that some of the people don't realize the real need of cyber security awareness. But we always say that better safe than story. So we are working on the preparation. We are giving classes in our office. We are doing new early also online courses so you can request on our web porta this kind off far trainings and what is very important to adopt the content so I saw a lot of cyber security awareness. Training's out there, but what is really missing is the rial 1 to 1 adoption, tow the institutions NGOs company's business model on. What do you do? What do you need, Fauria? In case you have journalists working, huh? From remote, for example, you have You are facing other challenges than if you have 10 architects working at the desk. And for this reason, I think that here we can help. And here we can at somebody.

spk_0:   4:54
And you mentioned that there isn't a really understanding of why cyber security awareness is important. Why do you think that is?

spk_2:   5:01
I think that Auntie is not happening is always hard to convince people that this is a challenge. And I consider that our mission is to don't arrive in this situation to prevent already. Now is not a matter off on if it's a matter of when, and sometimes we already see that cyber attacks secure the the martyr is already in your computer. You are not neither aware. And what we are teaching our, um, customers, our NGOs, our association is that you have to be aware that this could happen also to

spk_0:   5:43
you, Dr de Gaulle. Maybe you'd like to speak a bit about the challenges that you've encountered

spk_1:   5:48
well in cyberspace. The legal fame bergs are in a constant state of evolution. So one of the biggest challenges is that there is no one international cyber law in place. We do not have anyone International cyberlaw treaty. We do have the bottomless convention, but that's only limited to just cyber crime. Similarly, when one looks at cyber security when finds there's no one international law on cyber security, not even a common understanding off what should be the legal principle to governing cyber security? We're back at the races for um, 2015. I had motive the idea in the high level policy statements that the world today requires on international convention on Cyber law on cybersecurity. It's been a slow journey. Countries do not want to be regulated currently by any international legal framework, so countries are now began to start coming up with national and bilateral approaches. They come up with national laws to deal it cyber security, and they're coming up with bilateral arrangements and cooperation. But I think while it's light step in the right direction it will not ready. Suffice much because cybersecurity is a global paradigm, a global challenge and you cannot deal with global problems by just national or parochial. Regional approach is so That's one of the biggest challenges. Also, attribution is increasingly becoming a big challenge as today, cybercriminals have become very, very smart, and they are invariably now using large numbers of anonymous eyes ear's to wipe their electronic footprints further. With the advent of now artificial intelligence coming in and it being used for both cybersecurity breaches and also for cybercrime purposes, I think we're opening up a Pandora's box where newly emerging technologies are providing extremely for Thai atmospheres and conditions for their misuse for cybercrime, breeches and type of security incidents. When one looks at the global figures, one often shudders with fear because, as for one estimate, the global cost off cyber crimes should exceed $6 trillion were 2021 the global cost off cybersecurity breaches in 2019 alone should exceed $2 trillion. So in a scenario like this, what's currently required is that the world must start looking at small baby steps, common legal principles, which are generally accepted they could meet made the basis for a welding cybersecurity law. Otherwise, different countries are coming up with their own national laws and cybersecurity. And I'm finding the class city case off five blind men trying to discover an elephant or describe the elephant. Different approaches are going to lead the world and wilder world in two different directions. So the international cooperation is absolutely essential. Norms of behavior in cyberspace needs to be duly evolved and incorporated, and I think we have to come to one basic understanding. We may all be going by national interests, but Internet is the global heritage. We have a duty to protect go the Internet per se from the onset of new technologies and cyber crimes. Because if funds every history believed the artificial intelligence is poised to surpass human intelligence by 2062 the time is taking. A lot of these challenges have to be appropriately addressed, and I hope a concerted international effort in this direction starts bringing some positive, cogent results instead.

spk_0:   9:29
Yes, absolutely, and and And how do you see the whistles process may be contributing to these kind of goals of raising awareness and so on.

spk_2:   9:36
I think that is the name off our associations, a Swiss cyber security. We are very focused on the local organization on the local development, why this is giving us a brighter view and is giving us the opportunity to interact with international organization. So I'm very grateful to be here because during this week we already spoke with a lot off public sector representatives, governments, other NGOs, small companies and all these information exchange and potential collaboration. We ride for the next year's our activities and our it will contribute to our growth.

spk_1:   10:29
I believe the vicious process is a unique process. It actually provides a very fertile platform for not just exchange of ideas but also fosters cooperation, partnerships and new joint understandings and initiators. I have been part of the business process. It wasn't the Tunis Summit and even prior to that, but the rhesus process has no being Ah, put forward, I think is the world's best bet today in terms of coming up with common legal principles so that people can interact, cooperate, understand and try to come up with joint approaches on how to deal with the cyberspace challenges, please understand when Jonas happened, Samos face was different. Today in 2019 it's a different world altogether and in the next 10 years, the total number of for jobs existing. One thought off those jobs I yet to be born. So in a scenario where change is the only constant, I think what the vases process tends to provide tremendous stability towards discussions towards deliberations and ultimately would go a long way towards the fulfillment. Auf uns dgs. Because this kind of a fertile atmosphere, it is very germane to further development off modest initiatives but also off jurisprudence which can ultimately help. Cyberspace is a whole. Together we have a duty to protect and preserve cyberspace. We have a duty to try to protect our I wouldn't liberties and our privacy to the best extent possible. However, there's a need for the harmonized approach between the interests off the state and the breasts off individuals. Percy. It's platforms and processes like this is that tends to provide at good enablement for the thought processes for all stakeholders. The multi stakeholder approach has shown to beer positive concrete, fruit, and I think we're going to see this is to be an important contributor in the evolving cyberlaw and cybersecurity. Larger respondents. As time passes

spk_2:   12:39
by, I would like to add only one more thing. So I think that due to the fact that in this very accelerated lifestyle that we have, Wise is also offers you one full week Toby here to talk to the people to receive them the day after and to make slow networking is also an added value and is contributing to consolidate your relationship. Moreover, we re see some faces. So is also good that coming back a year by year, we can even have better relationship and we can concentrate our projects.

spk_0:   13:20
Yes, absolutely. It's a wonderful platform for discussion and fostering partnerships, and it's been great having you with us. I'm I just ask one last question. So you mentioned how you know what countries are creating laws on a national level and how there are no really international treaties on cybersecurity. And I think it was the special report on privacy. Who said in the Human Rights Council that it's not a it's not a question of whether we have a right to privacy, but it's a question of who can ensure that right, which is linked to where does this authority extend to? Because jurisdictions are a very important topic in this debate. Do you think international bodies should be doing more? I think

spk_1:   13:56
international organizations have a body positive and constructive role to play in the in this particular context. They are great and breaking the ice. They provide the right platform for the purposes off appropriate discussion and debate. But yes, we're living in very different and difficult times. We're living in an age where countries are increasingly expanding the scope of their cyber security. They're making the national laws applicable not just to the territorial boundaries but also to outer space and to deep sea bets. So when

spk_0:   14:33
you are as a country trying to come up

spk_1:   14:35
with the extra territorial laws, it's bound to create some conflict, some confusion at an appropriate time in this. In this regard, I believe international associations and organizations provide a great networking platform for countries to start exchanging ideas about their experiences. Their perspectives there are bound to be differences or debates which should happen, and that's healthy because the entire world cannot go in one particular direction. But it's

spk_0:   15:05
the kind

spk_1:   15:05
off, the very fertile ground that this is another processes and other international organisations provide that. I believe Suri contributes to pushing the envelope off Judas burdens with a period of time. Things don't happen overnight. But as they say, these organizations provide the platforms, which provides a very good exchange of ideas. And today's world No. One is alone. You can't have a silos approach. You will have to work with other state called us. You will need to understand that. Learn from what are the experiences of other nations, and as a nation you'll have to be nimble footed. You will have to constantly adapt yourself to newly emerging technologies and your new approaches. So this churning off technologies are going to bring across new leaders knew our nation's who actually shine in our train. Others, thanks to their thought leadership, the vision, I think, the example of how a small country like Estonia got hit by a massive cyber attack by 27 2000

spk_0:   16:07
seven. And in the next

spk_1:   16:09
12 years it's done a complete massive transformation and today has become a world leader. As for the cyber security is concerned are some of the cutting is developments in technology a taking place. So nations have to quickly realize that technology is a great leveller. And it's these international organizations that have providing the black phone for appropriate discussion off appropriate exchanges, off thought processes, procedures, practices and appropriate mechanisms and perspectives that need to be adopted on this constantly welding a technological paradise.

spk_0:   16:45
Thank you both. So much for joining us today. Thank you to all of our listeners. Make sure to check out the rest of the wasters talks Podcast.

spk_1:   16:51
Thank you. It's been a pleasure talking. Thanks.