The Cybersecurity Tech Accord Fits Squarely in the Collaborative Security Approach Thumbnail
Building Trust 26 April 2018

The Cybersecurity Tech Accord Fits Squarely in the Collaborative Security Approach

By Olaf KolkmanPrincipal - Internet Technology, Policy, and Advocacy

Last week at RSA, more than 30 global companies came together to sign the Cybersecurity Tech Accord “to protect and empower civilians online and to improve the security, stability and resilience of cyberspace.”  It is an example of collaboration, which demonstrates the commitment and focus of the signatory companies to take action in order to tackle the significant security threats we are currently facing. It is this type of collective action we have promoted as part of our collaborative security

The Tech Accord is a positive step by large corporations across the globe involved in security to come together in the name of collaboration and make security commitments that resonate with the demands of Internet users everywhere. Per the Accord’s website, there are four main tenets of the Tech Accord:

  • Stronger defense
    The companies will mount a stronger defense against cyberattacks. As part of this, recognizing that everyone deserves protection, the companies pledged to protect all customers globally regardless of the motivation for attacks online.
  • No offense
    The companies will not help governments launch cyberattacks against innocent citizens and enterprises, and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.
  • Capacity building
    The companies will do more to empower developers and the people and businesses that use their technology, helping them improve their capacity for protecting themselves. This may include joint work on new security practices and new features the companies can deploy in their individual products and services.
  • Collective action
    The companies will build on existing relationships and together establish new formal and informal partnerships with industry, civil society and security researchers to improve technical collaboration, coordinate vulnerability disclosures, share threats and minimize the potential for malicious code to be introduced into cyberspace.

We support these principles!

This is all movement in the right direction: Norms and principles are being developed to tackle the issues that cause diminishing trust in the Internet.  Many of them fall in line with our own Key Issues of 2018 in the Internet of Things, Routing Security, and Internet Governance. This collaborative security approach has already manifested itself in multiple ways:

  • The MANRS initiative, to bring together network operators and IXPs to provide crucial fixes to reduce the most common routing threats that can lead to things like DoS attacks and traffic inspection.
  • The to establish internationally agreed ‘rules of the road’ for behavior in cyberspace, and create a more focused and inclusive dialogue between all those with a stake in the Internet (governments, civil society and industry) on how to implement them.
  • The GFCE, a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building
  • The call to protect the public core of the Internet comes from this diverse set of experts and stakeholders.
  • The Canadian IoT Security Project, to create a set of norms and/or policies to secure IoT in Canada.
  • The Internet Infrastructure Security Guidelines for Africa, to emphasize the importance of a collaborative security approach.
  • And so many more, as outlined on our Collaborative Security pages.

We believe more entities should adhere to the principles laid out in the Cybersecurity Tech Accord. However, in moving forward it becomes crucial that these principles are implemented in actions. Creating momentum involves engagement with more actors and key players who have a vested interest in expanding and implementing those principles and working across the globe, across industries, and across communities to make real change. In order for this to happen though, it is paramount that the process becomes more transparent and multistakeholder to ensure as many organizations as possible are engaged.

Take these principles with you, incorporate them into your organizational cyber defense strategy and let’s all strive for better security together.

Learn more about Collaborative Security and how you can contribute to a trusted Internet.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Building Trust 21 February 2020

NDSS 2020: The Best in Security Research – For the Good of the Internet

On 23 February, the 27th consecutive Network and Distributed System Security Symposium (NDSS) kicks off in San Diego, CA....

Building Trust 11 February 2020

Every Day Should Be Safer Internet Day

Safer Internet Day is an opportunity for people and organizations around the world to join forces in a series...

Building Trust 28 January 2020

This Data Privacy Day It’s the Little Things That Count

Today we’re celebrating Data Privacy Day, which is all about empowering people and organizations to respect privacy, safeguard data,...