www.ewi.

info
Copyright © 2012 EastWest Institute
On the cover: “Where The Internet Lives," Google data center

                      

focused on confronting critical challenges that endanger peace. EWI was established in 1980 as
a catalyst to build trust, develop leadership, and promote collaboration for positive change. The
   ! #    $%&%

For more information about the EastWest Institute or this publication, please contact:

The EastWest Institute

11 East 26th Street, 20th Floor
'(('()%*%+%
1-212-824-4100
communications@ewi.info

www.ewi.info
SUMMIT CO-SPONSOR

SUMMIT PARTNERS

SUMMIT PRIVATE SECTOR PARTNERS

TIER 1

TIER 2

TIER 3

!$ +/+55*/+55

3
 Building Trust in
The EastWest Institute is tackling the need to protect
Internet users and secure critical infrastructure. From
Dallas and London to New Delhi and Silicon Valley,
EWI is addressing the challenges triggered by the
explosion of new technologies.

Google data center

4
Cyberspace

5
 n the span of three years, the
I magnitude of the cybersecurity
problem has grown exponentially.
Each day brings headlines of new
breaches, resulting in staggering
losses. Some are purely criminal in
nature, while others involve far more
complex schemes of cyber espio-
nage and cyber sabotage. We live in
an age when hundreds of viruses—
  ; * <  =;
and Shamoon—are threatening to
> ?   > 
and public sectors across the globe.
!  #;   
are undermining international trust
at every level.
=;)%*%* A;-
 #* ! & 
member of EWI’s board of directors,
summed up the cybersecurity prob-
lem this way: “What we have now
learned over the last 10 or 20 years,
is that you cannot assume trust.
That is why we’re dealing with a per-
sistent problem of criminality, theft
of intellectual property and even
efforts to sabotage or damage our
infrastructure using the Internet.”
+  # 
that securing cyberspace is a
+?>;  K
6 $H('(M # H(''$ H('H
global challenge—one that cannot
"What we have
now learned over
the last 10 or 20
be solved by a single company or
country on its own. That is why the
EastWest Institute launched the
Worldwide Cybersecurity Initia-
tive, bringing together government
and corporate partners to protect
years, is that you the world’s digital infrastructure.
Experts from across the globe
cannot assume agree that progress in cybersecu-
trust. That is why rity will only be achieved through
trust-building among nations and
we’re dealing between the private and public sec-
tors. With a 30-year history of trust-
with a persistent ? #   # ?  &#
problem of War era, EWI is uniquely positioned
to propel that effort.
criminality, theft
To do so, EWI began hosting annual
of intellectual Worldwide Cybersecurity Summits,
property and even        
    ?-
efforts to sabotage ;% ;; B/  
$   ;D 
or damage our H('( $?#
infrastructure  ;< ; ) #
States, Russia, China, India and
using the Internet.” other nations discussed the limita-
tions of current cyber legislation and
# #     
! &  cybersecurity agenda. The top six
 issues: protecting undersea cable
infrastructure; priority international-
 5QU)&&  International
Global /  
Summit, Cybersecurity, 1st Worldwide
$?  Cybersecurity
*;; $

2009 2010
Global Cyber
$  
Rights and Responsibilities
&?K   
#*  #M ?  &? + #K
!?       +  Cyber Crime
M  
Group

 #5
for Governing Cyber Critical
Terminology   #
& P  K5 # 
Russia, the Foundations Technology
the Geneva and
) #*   =; $  
A& >   
and Cyber &   &
Cyberspace
$ ;
2011
/  
$  
Economy
5QU)&& *; K V 
A X A   +#> &   
M # !$  Cybersecurity Caucus, Fighting
/  #       $%&% Spam
 #
Trust
#  # ) #
*  K/  !?    2nd Worldwide  
to International International Cybersecurity Congress
Collaboration on +  Summit, London  $  
Cybersecurity, &   
$ London

2012
The Internet
Mobilizing for
A !#
Cybersecurity International Action
/   Follow this timeline for a quick
International
Communications
overview of the steps taken by
Cyber EWI to strengthen cybersecurity,
$  
    bringing together private
) #*  
and China
and public partners from key
countries around the world.
3rd Worldwide
Cybersecurity
*;; $

2013
Report titles are in italics.
7
 ;;   Y P    #
rules of engagement; cybersecurity
breach information sharing; ICT
development/supply chain integrity;
and emergency response coordina-
tion capability.
$;;  # 
? [;
international groups of experts com-
; # ##  ?-
security threats. It also resulted in
H?   
< ; ) #*   #
Russia to develop “rules of the road”
? P   #< 
; ) #*   #& 
#V ;; #  
 ; #?  %*
processes continue throughout the
year—culminating at the summits
where the next practical steps are
mapped out.
M # ;;  H(''B!? -
      +  D?  
   $;; 
 ; <  ?-
through groups and informal op-
portunities for cross-sector collabo-
  %* ;; #  
were advanced for international
connectivity and emegency pre-
#     > 
sector.
+?>KB    M >jU#  
8
B<      &  D
was the theme of EWI’s third summit
H('H $   -
Experts from ued this process. This location under-
scores India's rapid emergence as a
across the globe  ?  %
agree that prog- ? 
ress in cyberse-   $ ;;  
consultation with the Indian govern-
curity will only be ment and private sector leaders: ICT
development/supply chain integrity;
achieved through the role of international companies
trust-building in cloud computing and storage; and
# %+  $ 
among nations summit, leading Indian and Chinese
cyber experts declared their com-
and between the mitment to increased cooperation
private and pub- between their two countries, particu-
larly between their Computer Emer-
lic sectors. With gency Readiness Teams (CERTs).
This offered a concrete example of
a 30-year history  #  ? #   -
of trust-building ing to promote.
that dates back to EWI has already begun planning for
its fourth summit, to be held in Sili-
the Cold War era,  _ >;?H('`%  
EWI is uniquely be called the 4th Worldwide Cyberse-
curity Trustbuilding Summit—and will
positioned to pro- bring together innovators with global
leaders to address cross-border chal-
pel that effort.  %=;$ M #  
$  #*   _ 
for practical solutions continues.
Delivering Solutions
The chart and select examples below show the progress on EWI’s
cybersecurity recommendations to date. The institute considers a
recommendation as having entered the implementation stage when
       
        
governments or NGOs have integrated the recommendation into
their work to achieve sustainability.

2010-12: Fighting Spam and

27 Recommendations
produced
Botnets In 2010, EWI as-
sembled a group of Chinese
 #+;  <  
devise recommendations
30

for eliminating spam, still a

;V; 
> %!`++ U
    V   
52%
14 Implemented
the process of bringing the
two recommendations and
46 best practices to India’s
government and Internet
service providers to spur
transnational cooperation
26% 20
7 Institutionalized
on the issue.

Reliability of Global Undersea Communications

Cable Infrastructure (ROGUCCI) ) #;;   
cables are responsible for carrying over 99 percent of all interna-
     %$    {  # # {
government has committed to achieving best-in-class performance
      ?%) #    
; ?##;'H #%
10

Measuring the Cybersecurity Problem

In 2013, EWI will advocate for the establishment of
an independent, trusted entity to receive reports
on private sector cybersecurity breaches. Once
companies have committed to contributing
information anonymously, this entity will be able
 ? ? ;# >   
picture yet of the cybersecurity problem.

|/V 
2010 2011 2012 2013* 9
 New Delhi 2012
At the 3rd Worldwide Cybersecurity Summit in New Delhi,
more than 300 participants from 22 countries heard from an
impressive international line-up of cyber experts and policy
strategists from both the private and public sectors.

10
11
  $ 
T summit was on areas where
international cooperation is
vital—and the vulnerabilities
  %    -
 / # } !##K
“We are here for a purpose—to build
  # #    %DA
pointed out that the two previous an-
;;  $ #M # 
have led to the implementation of 52
percent of the 27 recommendations
that came out of those consulta-
 %B    V 
conference,” he added.
The conference’s location was no ac-
cident. “We are all in the room today
?    #   
essential partner on cybersecurity,”
 #5/ }% ;  
EastWest Institute.
A    #   [; 
;$   * 
+#> M 5## #* 
5%& # $ -
+?>; K
12 X * ? # €!  &;;    # Y & ; 5/ }%Y
 / #  #&Q} # !Y/ 5 V & ;  #$ MM/
ment of Telecommunications—not
"It is no longer
a question
of a nation
only participated in the summit but
#;   
agenda. In addition, the EastWest
   #  -
 +   *  #
*> &; ~+**&Q!
protecting its the Federation of Indian Chambers
of Commerce and Industry (FICCI)
own security;  # $ * &  
it’s a question # ~$*&   # 
? %  
of the global were chosen in consultation with the
Indian government and private sec-
community tor leaders.
protecting
X * ? # {!  
itself. India Communications and Information
Technology, appealed for “a global
pledges to work agreement” on how to protect the
with the global     #  
#%/      
community.” time in human history everyone is
operating from the same platform,
Sibal declared: “It is no longer a
X * ? question of a nation protecting its
own security; it’s a question of the
global community protecting itself.”
A#  #  # 
about what constitutes cyber crime
and how to combat it, including the
#; B?V D
  ##V#  
%B # # 
with the global community,” he
added.
While there were mixed reactions
to Sibal’s proposals, most partici-
pants agreed that the rapid pace of
technological change has triggered
a corresponding leap in exposure to
vulnerabilities that can be exploited
?? ; % ;
proposed solutions have also raised
fears about government intrusion
that could threaten privacy and indi-
vidual freedoms.
 &<< >!  
$   * = #? #
   ;   ? 
information on the cybersecurity
problems they face. “CEOs need
more metrics in this area,” she said,
arguing that without such informa-
tion much of the spending on cyber-
security could prove ineffective.
“EWI has   #   ##
$ { #  ? & ; 
certainly #/ 5 V ;; ##
EWI’s decision to hold the summit in
provided $ %B # ?>   
leadership that is grand and it is bold,” he said,
pointing to the way the Internet has
by serving   #;   ;> % 
also noted that most of the popula-
as a catalyst     >  #?
for collective  ; #  > 
with an estimated $6 billion in an-
transnational nual losses in India and $400 billion
worldwide. “Right now it seems that
action.” the bad guys are winning,” he said.
“This is a great, great challenge;
/ 5 V that’s why these summits are so
;  D5 V  #%B 
has certainly provided leadership by
serving as a catalyst for collective
transnational action.”
13
 B   {   
age of interdependence.
! #;
nations of the world are
becoming dependent
on each other, with
economies, with security,
   %+ 
industrial age has moved
into an information age,
and now we’re going into
an interdependence age.
    
company can solve the
issues of cybersecurity
alone.”

HARRY D. RADUEGE, JR.

B     ;   M%U5+M~5%&A+ 5!+
‘leapfrogged’ in technology, because $MQ &5=Q5&5
in a sense our whole industrial Q_+ Q
revolution has been compressed
into 60 years, what other countries
'((H((H‚( #% 
started off with almost no industry
when we became independent in
1947, except for a textile industry,
which had actually been driven into
the ground by the introduction of
a lot of imported textiles. So we
really had to start from scratch.
/      
cyber technology, we did leapfrog.”

LATHA REDDY
$/)+ Q+M*&)5 +$_ *Q5 $ +

14
 B}  ;  # #
society would function if every three
>;   #
ring. Today, we are aware of spam
whenever we open our mailbox; a good
30 to 40 percent is spam, despite the
     #% ; 
what could happen if it were to occur
on the voice side: we’d all go mad.”

J. SATYANARAYANA
*&5+5$/+5!Q=M&5Q &*
+$ !  *5Q=&Q!!) &+ Q*
+$  $ +

B #>#  
$%5    ;> “The more you frighten people, the
cooperation between less people will use technology that
China and India's computer drives the economy forward.”
emergency response teams.
We can help each other to JOHN SUFFOLK
stop the threats.” UMQ+M&5*&)5 
Q== &5A)+ 
ZHOU YONGLIN
$ 5&Q5 5
*Q& Q=&A +

15
 "Cyberspace is not a lawless space,
but a space where laws do apply
and where there are constraints on
state behavior. That’s one part of “We have to act
it. The second part is the practical fast to catch up to
things we can do to build better the development of
 # ?        %D
better cooperation and, ultimately,
better stability. The point here is to TORU NAKAYA
> # P   # ;   $ 5&Q5U5+M
 P  # { ?     %j * )=Q5 =Q5!+ Q
+$&Q!!) &+ Q*
CHRISTOPHER PAINTER /QM &~ &/!  *5
&QQ5$ +Q5=Q5&5 **)*)%*% Q= 5+M+==+ 5*+$
$/+5!Q=*+ &Q!!) &+ Q*}+/+

B    >  &Q #;;  

in this area. One would agree that a CEO would
 ?;  ##    V  
     ; 
        > ; 
#%A{      #
;   #     ? 
 #   < ;  %D

ERIN NEALY COX

ƒ&) _!++U U$ 5&Q5*5Q =5 $5U

16
“I do believe that apart from
having closed communication
    
people, it is important to be
able to have a layer of priority
communication in the public
 %D

R. CHANDRASHEKHAR
*&5+5$/+5!Q=
M&Q!!) &+ Q*!  *5Q=
&Q!!) &+ Q*+$  $ +

“Will we become a rogue nation or will we become a

cybersecurity superpower is really the question.”

PRADEEP GUPTA
&A+ 5!+†!++U U$ 5&Q5&5!$ +~ $ +M$%

“Today’s cyber world

calls for vigilance.
It also demands
that we move with
urgency, because
the challenges we’re
facing are growing
with both strength
and velocity.”

PUNIT RENJEN
&A+ 5!+Q=A
Q+5$$MQ MM/

17
 “We’ve seen considerable
;> # ?  
mitigation and in helping to
understand the issues involved
in undersea cables, yet we still
have a lot more to do. The other
outcome that I want to highlight
is the commitment to coming to
 ?%A>  > 
conversations helps to drive
awareness and will move the ball
forward.”

ANGELA MCKAY
/5 & /+M*&)5 *5+U *! &5Q*Q=

"They say, ‘The more you sweat in peace the less you bleed in war.’
+ #?  %    >#
 # #  #   ?#;? ‡{>
got to put all three contours of preventive, detective and corrective
action across the domains of people, processes and technology."

BURGESS COOPER
_ &/5* $†&A =&AQMQU*&)5 Q== &5_Q$+=Q $ +

“In order to achieve international

   #  
on local efforts, awareness and
local cooperation.”

VARTAN SARKISSIAN
&QX UA*5 $U&5**!*

18
Troubling
Numbers
Every year during
the summit we poll
our international
participants about the
current situation in
cyberspace and what
needs to be done. Here
are some of the results.
93%
THINK THAT THE
CYBERSECURITY
RISK IS HIGHER
THAN ONE
YEAR AGO

19
 33%
FEEL PROTECTED
ONLINE

41%
THINK THEIR ONLINE
PRIVACY IS NOT
SUFFICIENTLY
PROTECTED

20
 B {   ## 
simple, single solutions. This has
  ? ; %   
we’ve got to avoid the seduction
of that pursuit of the single but
rather unattainable solution.
So we need to build on existing
      
regional differences.”

MIKE ST. JOHN-GREEN

=Q5!5$/)$ 5&Q5Q== &Q=
&5*&)5 +$ =Q5!+ Q
+**)5+&)%X%

"The second big driver for what we’re

doing is how do we create a payment
system which allows the government
to accurately credit money or
goods to people’s accounts in an
 ;? > ?% {
? ;  ? 
 #;  ; >
and more equitable."

NANDAN NILEKANI
&A+ 5!+Q=A) ˆ) $ = &+ Q
+)AQ5 Q= $ +

B  {      # {    { ?

to get off. The Internet is becoming so integrated into everybody’s
    V # {     
to a pre-Internet age is possible.”

JOHN M. HOWELL ƒ&) _$ 5&Q5 &Q!!) &+ Q**Q& 

21
 B+   # #;  
corporate leaders dramatically
underestimate the threat and they don’t
   #   % ;
the regulation is not there; in some cases
? ‰#?  
their budgets and balance sheets. In
;       >
their CTOs are doing for the companies
is more than enough.”

ARMEN SARKISSIAN
_ &&A+ 5!++* * * )Y
=Q5!5/5 !!  *5Q=+5! +

“There are four aspects “The challenge is to go from

that are now shaping the
entire cyberspace. One is
connectivity; the second
is mobility; the third is the
social media, and the fourth
 ;   %D
individual personal relationships
to a process that allows
for a continuous exchange
of important information
as opposed to exceptional
exchange of information.”

GULSHAN RAI GREG SHANNON

$ 5&Q5U5+M&5 $ + &A =*&  *&5/5QU5+!
$/Q=M&5Q &*†  $ + &+5U !MMQ) _5* 

“Insecurity in the cyber world comes

in all forms and is perpetrated by all
 #%D

MARIA LIVANOS CATTAUI

=Q5!5*&5+5U5+M 5+ Q+M
&A+!5Q=&Q!!5&Y!!5Q+5$Q=
$ 5&Q5*+* * * )

22
50%
THINK THAT CORPORATE
BOARDS GROSSLY
UNDERESTIMATE THE
CYBERSECURITY
PROBLEM

17%
THINK THAT
THEY ARE TOO
CONFUSED

23
 62%
SAY THAT THEIR
GOVERNMENTS
ARE IN THE
EARLY STAGES OF
UNDERSTANDING
THE CYBERSECURITY
PROBLEM AND
COMMITTING TO
INTERNATIONAL
COOPERATION
24
 “If any issue consistently emerged from
?;;  $ ;; 
in London and yesterday's outstanding
summit activities, it’s the criticality of
strong international cooperation, public
and private, to drive the policy changes, the
business process changes and multilateral
agreements to improve cybersecurity.”

BOB CAMPBELL
&Q&+!/MMUMQ+M*5_ &*Y!!5Q+5$
Q=$ 5&Q5*+* * * )

“Some of the points

“This summit process has proven
effective in developing innovative
recommendations, seeing these
recommendations implemented
?;V;  #
governments, and then seeing their
;; #       #
by long-term sustainable changes.”
VIJAY BHARGAVA
/5* $ &Q!!) &+ Q*
*Q&  U5+M$+! &*
>P #
in our Information
 + #
actually become a global
#  
base on which all of the
international diplomacy
on cybersecurity can go
forward.”
SUBIMAL
BHATTACHARJEE
&Q)5A+$

25
“The global cyber commons requires safe
navigation by nations for their well-being, economic
growth and national security.International
cooperation to enhance openness, strengthen
governance, and stability of cyberspace is
essential. India, with the third largest number of
     ;   #%D

KAMLESH BAJAJ
&Q$++*&)5 &Q)& M
Q= $ +~$*& 

BQ ;   #;

 >    ;V    #
 #  # > # # 
confront a situation when people will die as a
 ?  % #?
a game changer of the worst type.”

JOHN EDWIN MROZ

/5* $+$&Q+* * * )

B  ?  B*?; ?  >#

what cybersecurity but they are very critical and form part
was and had a      %    
handle on it, then  ?    { >  
  ;    ?   
see that our ?; ?     
understandings of it media that connects all that. Without
would converge.” ?; ?  # { 
have the Internet and you don’t have
STUART cyberspace.”
GOLDMAN
&A+ 5~=!5 DEAN VEVERKA
+ * Q5X &A+ 5!+ 5+ Q+M&+M/5Q& Q
5Q/5+ M  &Q!! ~ &/&Y$ 5&Q5 Q5X*+$
=Q5)!YMMM+* _ &/5* $Q/5+ Q**Q)A5&5Q**
FELLOW (RET.) &+M*M ! $

26
 55%
DOUBT THAT
THEIR COUNTRY
CAN DEFEND
ITSELF AGAINST
SOPHISTICATED
CYBER ATTACKS

27
 WHAT KIND OF RULES SHOULD
APPLY IN CYBERSPACE?
Is cyberspace a truly new society that deserves its own rules or an
extension of the real world—and should most or all of its rules apply?

26% ALL NEW

RULES
40%
SOME NEW
RULES

30%OLD RULES

28

“Technologically,
cyberspace is without
boundaries but the
privacy issues are country-
 %  
may be very acceptable
for open discussion in
)%*%;>  
own sensitivities in India.
So the whole question is,
how do you address all
these issues so that the
#   #[
government, regulators,
service providers, civil
society, the media—
have some common
acceptance of
cybersecurity?”
ARBIND PRASAD
$ 5&Q5U5+M
=$5+ QQ= $ +
&A+!5*Q=&Q!!5&
+$ $)*5~= && 
“We really are operating in concentric
circles. First, companies need to
protect the data of their customers and
themselves, and then around that is
industry and, third, at a country-level.
       
and the world has moved farther. I
 ?    
are intersecting with what happens
across the world, becomes even more
important.”
SOM MITTAL
/5* $+ Q+M+**Q& + QQ=
*Q= +5+$*5_ &&Q!/+ *
~+**&Q!
“In the area of theft of intellectual
property and espionage, there’s been
very little progress, and maybe it’s the
nature of that challenge. That there
 {   ?>;
internationally because there are some
   #    >  
operate across the globe.”
MICHAEL CHERTOFF
&A+ 5!++$&Q=Q)$5&A5Q==
U5Q)/Y=Q5!5)%*%*&5+5Q=AQ!M+$
*&)5 Y!!5Q+5$Q=$ 5&Q5*
29
 Working Togethe
The institute's summit process is oriented around ongoing
breakthrough groups, diverse collections of experts assigned
to devise solutions to major cybersecurity challenges.

30
r

31
 he success of EWI's World-
T wide Cybersecurity Initiative
is measured in part by the
 ? ;#
   >   
both during the summit meeting and
in the follow-up activities throughout
the year.
?V > ?-
through groups is to have actionable
recommendations for industry and
government that, if implemented,
recommendations
 >    ;  ;-
ing cyberspace and the real world
safer, more stable and more secure.
+ M #  #$ ; 
 $ ;;  ##
 #  ? 
groups, immersing participants in
interactive sessions with profes-
sional peers from around the world.
Following consultation with the In-
dian government and private sector
leaders, three new issues, discussed
below, emerged as central areas of
  $ ;; %
Globally Distributed
Processing and Data
Storage (the "Cloud”)
The transition to so-called “cloud”
style design and management
? ?      #
32
new vulnerabilities. While there is
; #~%% 
&#* +    ; 
security within the constraints of
distributed processing and storage,
fundamental issues at the core of
Agreements, the discussion remain unresolved.
Which policies apply to the data of
standards,  + ; #? 
‡  +   ƒ
policies and  # ‡A‡ # 
questions have made many uneasy.
Equally urgent are concerns about
need to catch governments overreacting with
    # P >-
up to already tion or otherwise restrict freedoms.
introduced The answers to these and other
innovative questions directly impact the safety,
security and integrity of phenomena
services that       ;  
have befuddled   ?# 
 #   #    
government, ?>    %+; 
standards, policies and recommen-
legal and social dations need to catch up to already
paradigms. introduced innovative services that
have befuddled government, legal
and social paradigms.
 ? #   ?-
   # )%*%H?  
which put forth voluntary principles
that multi-national companies
should subscribe to when designing
and operating “cloud” applications.
ICT Development/
Supply Chain Integrity
Governments and businesses are
unable to determine the integrity
of the hardware and software on
which they vitally depend for the
reliability and security of their criti-
  %!V  >
underway by national governments
to improve their oversight of the
technology responsible for national
critical infrastructure as well as vital
national security operations. The
>; ;V < 
and experience resides in the private
sector, where much of the hardware
and software design, development,
deployment and operation occur.
Thus governments are typically at
a substantial disadvantage, forced
to rely on the private sector for
insights. That said, private sector
insight can be biased as a result of
;; ?V >   
status quo approaches.
 ? #  #
    # )%*%H?  
 #   #  -
ing international principles for the
integrity of ICT development/supply
chains that may be otherwise over-
# #; #  
national initiatives.
Payload Security
In a perfect world, the government
can access the critical informa-
tion it needs in a timely manner
to ensure national security and
As essential ?     #
 >      V
data now often cyberspace with safety, security and
privacy – i.e. freedom from being
traverses needlessly observed or interrupted.
international / >     
and service providers should meet
borders, ?  #     ?
 #? >; %A>
the lack of neither government nor private sec-
a common ?V >; #‰ 
;      ?
understanding to neither.
of the + #     >-
appropriate     ?# 
of a common understanding of the
rigor for its appropriate rigor for its protection
 # ;V? 
protection and > % ? # 
access is a  #   # )%*%H
?    ## 
major obstacle international policies affecting moni-
toring and privacy.
for everyone.
33
 Additional proposed by EWI’s report /   as hospitals in cyberspace; this
International Communications  #> ; #-
Breakthrough Groups ~/ &K*  &  #  ; dressing this potentially dangerous
of Crisis. problem.
Pursuing World Class
Performance for International
Emergency Preparedness Measuring the
Connectivity: Timely Outage
for the Financial Service Cybersecurity Problem
Repairs for Global Undersea
Sector in Cyberspace /#   # #  -
Communications Cable
Collaboration in the international ## # >? ;
Infrastructure (GUCCI)
   >    ;- cybersecurity compromises is vital
+      &?
tive to prepare for future crises, in a world of increased complexity,
/   &;; {? -
   #    connectivity and criticality.
tices for timely outage repairs of
could occur in cyberspace.
undersea cables is essential to both
Stopping Cyberspace Pollution:
maintaining stable international
Dealing with the New Power International Cooperation on
connectivity and restoring service
Structure of Non-State Actors Fighing Spam and Botnets
as soon as possible in the event of
in Cyberspace     #;;
an outage.
/ >; ##  have made their identities extreme-
promote constructive cooperation #    >  ;
Harmonizing Legal Frameworks
with non-state actors in cyber- ;;#   -
+#>      ?V >
space, and assure that the existing  # ## ;
recommendations for potential
prescribed instruction and training ;#   %    
new legal mechanisms is critical to
#  U > #A cooperation and policy is crucial to
combating cyber crime and cyber
    >   - effectively addressing the problem.
 %
    > ? P  %
Implementing Public Health
Priority International
International Aspects of Critical Models for the Internet
Communications: Strategy
Infrastructure Protection In the face of mounting cyber
for Implementation
$ >       threats, international cooperation
 ?   <
U > #A >   based on a global public health
the steps the international com-
there are currently no distinctive, model can improve device health
; ;   # ;-
>  ?;-  ##  %
menting the four recommendations
tected humanitarian entities such

+?>; K$ _>& ;     &?/   &;; ~ &/&Y$    #_ / # 
34 Q  *  &&?M ; #Y! Q{5 # & ; !`++ UY$   #  &; YX
=# 5&  Q #$   #=     Y*  U#; & ~;+ * 
?  =;YM?=~ %Y+ !X/  * *    ! 
New Ideas
The 3rd Worldwide Cybersecurity Summit provided
an excellent opportunity for experts, stakeholders
and decision-makers from industry, government
and academia to review papers on the international
policy-related aspects of cybersecurity.

Thirteen papers were presented and discussed on

topics such as: the worldwide response to a cyber
crises (e.g., priority international communications
and trusted information sharing); global awareness
and education (e.g., protecting youth, spam, and
the private-public partnerships needed to secure
the global economy); and worldwide governance,
frameworks and protocols for day-to-day behavior
! !" #
of the authors presented their papers at the Poster
Session of the summit.

For a full list of presented papers visit the summit website at www.cybersummit2012.com.
35
 “India's importance
In the News in this domain can
The 3rd Worldwide Cybersecurity Summit ?V##; 
made it to the front pages of major fact that, after the
newspapers in India and attracted wide previous two editions
media interest abroad. Here are some M #  #$
headlines and soundbites from the summit. $    
the Third Worldwide
Cybersecurity
B  ?   Summit.”
explosions and no declarations
of war, but cyber crimes can
P  V ;#;%
< ; )%*% #
India are meeting at a summit “'We have 1.2 billion people and will
$  # >  be the largest in terms of population
cybersecurity areas.” in the world in years to come. Cyber
crime affects us perhaps much
more than any other country in the
#€; # !  X 
Sibal said on the sidelines of the 3rd
Worldwide Cybersecurity Summit.”
B€     
here, it’s a massive business
opportunity across the
#€!%/  # # 
Real Time on the sidelines B} *ŒA ‘€?
of the EastWest Institute’s cybersecurity chief, told Reuters
cyber security summit in at a cybersecurity conference in
$ #% $    # 
       ;     U; 
?#       security researcher Felix Lindner, who
focuses on issues of global has exposed vulnerabilities in the
security and is chaired by company's routers, from its $100 home
!%/ %D Internet devices
vices to multi-million dollar
equipment.”

36
B)  ;!  X * ?
on Tuesday called for a global effort
to fortify cyber security. Interacting
with reporters at the third Worldwide
Cybersecurity Summit here, Sibal
said that such security is necessary
as online space doesn't have a
boundary and information could
>;   P  
sensitive matters.”
“The global summit sought to bring
more stability and safety into the
global cyberspace by identifying
critical security areas and ways to
address them.”
"While governments fear
  ?   
infrastructures such as nuclear power
  #?   ;  
>;   #   
and credit card fraud to grapple with.
The recently concluded Worldwide
&? *;; # $ 
has done well to throw some light
on the enormity of the challenge of
   ; %j
New Publications
Two new EWI reports were released to coincide
with the convening of the New Delhi Summit.
Priority International Communications
$   #  } {  ;  # ; -
down in 2011, the London bombings in 2005, and the 2008
!;?  #’“''    ; ;; -
  # ;    #  %/   -
   &;;   ~/ &?    ## 
prevent the loss of lives and property in such crisis situations.
#   ;#  ;;    # <-
perts, this publication sets forth straightforward steps needed
to set up an international capability for both government
  # >  #%+;   {
technologies and services continue to demand greater and
 ? # #         
more frequently.
/      &;;   K*  &  # 
Times of Crises presents four actionable recommendations
   ;; ##> ;   #-
 ;;  >    V;;#%
  # #?  >   # > #
with critical roles in times of crises. They are critical infrastruc-
 ~;;       > 
 #     Y?   ~ 
government, emergency management) and individuals with
national security responsibilities.
Cyber Detente Between
the United States and China
{     ) #*   #& >  -
tious relationship when it comes to their cyber capabilities
 #   % #  &?$     
) #*   #& K*  + #, these two coun-
tries have common cyber concerns that could bring them to
 ?   ## ; <  #
solutions, avoiding an escalation of aggressive strategies from
either country.
      H;
> #  %A>
   # ;[?   #  [
needs to be more intense, to cover more concrete problems
and to involve a larger number of people on both
sides, especially from the
military and private sector.
The paper calls for a fresh
appraisal of the impact of
both countries’ military
cyber policies.
37
 Silicon Valley 2013
After holding its last two summits in London and New Delhi,
the EastWest Institute will bring its cybersecurity summit series back
to the United States in 2013 (November 4-6). Located at the epicenter
of technology innovation, the Silicon Valley summit will drive
intense, focused work on vital cybersecurity issues. As its new name
indicates, the summit will feature a renewed emphasis on building
trust among key players. This means bringing together private and
public sector representatives of nations that normally are wary of
each others’ cyber capabilities, planning and ambitions.

) #*  &  The Stanford Institute for Eco- Social Networking

T India, Russia, Israel and

many other countries will
be represented as the
;;   ?-
through groups, composed of
government and private sector
experts, to address:
International Critical
Infrastructure Protection
+ ? ; > 
dependent on international critical
infrastructures, what steps can
?      #
resilient operation?
Acts of Aggression
in Cyberspace
_  * <   #=;
#  #  
possibilities for both state and
     %A#
    # ;
#   P  ‡
Multinational Company Data
Handling Expectations
A#    
from the misalignments of expec-
  ; P     
laws, variations in procedures, etc.
be addressed?
; /  #5 ~* /5 
also set to host a special plenary
session and dinner on the second
day of the summit at Stanford
) > > # > ? -
demic setting for the proceedings.
##    ? 
groups, the summit will feature
plenary sessions to address
aspects of cybersecurity critically
hindered by distrust. They are:
Political Action Promoting In-
ternational Cybersecurity
Failure to pass effective cyberse-
curity legislation and the uproar
over international bodies’ at-
tempts to regulate cyberspace are
V ;   
 ; #%
Industrial Espionage
/ >  ;-
larly the victims of cyber crime.
A>  #   
?? ;-
 < ;#   #> 
effective solutions.
Policy Envelope
The Internet’s future is now
being envisioned and designed
by innovators in Silicon Valley
and elsewhere, raising a whole
host of new policy issues at the
?>%A <   #
future policy gaps be addressed
in such a way that they will be
B D‡+ #  ?
the role of the private sector and
# > #       ‡
When it comes to cybersecurity,
policy continues to lag far behind
the pace of technological innova-
 %?    -
sentatives from the world’s great
cyber powers to address these
critical issues, the EastWest Insti-
     # ? # 
that gap.
X  www.ewi.info to
learn more about summit pro-
gramming and registration.
SIGN UP
FOR SUMMIT
UPDATES

38
 SILICON 4th Worldwide
4
C
Cybersecurity
VALLEY T
Trustbuilding
2013 Summit
S

“See something or say something," Eric Fischer

Orange#   =   blue dots are locations of Twitter tweets. 39
White dots are locations that have been posted to both.
 EWI #$  
Q== &Q=A OFFICERS
&A+ 5!
John Edwin Mroz (U.S.)
Ross Perot, Jr. (U.S.) / # &= #†&Q
Chairman EastWest Institute
EastWest Institute
Chairman Mark Maletz (U.S.)
A #$>; &%MM& Chair of the Executive Committee
#$   EastWest Institute
$ % Senior Fellow
A># *
Armen Sarkissian (Armenia)
Vice Chairman R. William Ide III (U.S.)
EastWest Institute & †* 
/ # EastWest Institute
 A     / 
=;/ ;!   !X M †+# #MM/
+; 
Leo Schenker (U.S.)
Treasurer
EastWest Institute
* < >_ / #
&   U ;  %
40
!!5*
Martti Ahtisaari (Finland)
Former Chairman
EastWest Institute
H((•?// M 
=;/ # =  #
      
& ; †&Q
*   ~AXM #%
Jerald T. Baldridge (U.S.)
Chairman
Republic Energy Inc.
    
Chairman
ƒ/*;  # 
Matt Bross (U.S.)
CEO
A X 
Robert N. Campbell III (U.S.)
Vice Chairman (Retired)
$ MM/
Peter Castenfelt (U.K.)
Chairman
+   M #%
Maria Livanos Cattaui
(Switzerland)
Former Secretary-General
International Chamber of
Commerce
Mark Chandler (U.S.)
& ; †&Q
  
 Angela Chen (U.S.)
= # #!  $  
U?+  +  
/ 
Epoch Fund
Michael Chertoff (U.S.)
& #†!  /  
Chertoff Group
David Cohen (U.K.)
Chairman
=†&5 / ! ;
Joel Cowan (U.S.)
/
Georgia Institute of Technology
+?     ; {=;
Addison Fischer (U.S.)
& ; †&= #
/  A = # 
Adel Ghazzawi (U.A.E.)
Founder
&QX+*
Stephen B. Heintz (U.S.)
/ # 
5 = #
Emil Hubinak (Slovak Republic)
& ; †&Q
Logomotion
John Hurley (U.S.)
!  / 
&>+ ! ;
Wolfgang Ischinger (Germany) Tsuneo Nishida (Japan)
Chairman +;?#Y
! * &   /;  5  >
U?A# }   )%%
U> ; + 
+  * Ronald P. O’Hanley (U.S.)
/ # + ! ; 
Anurag Jain (India) and Corporate Services
Chairman Fidelity Invesments
M# /> %M #%
Yousef Al Otaiba (U.A.E.)
James L. Jones (U.S.) +;?#
=;)%*%  *  ;? ) #+?
+#>  Emirates in Washington
Haifa Al Kaylani (U.K.) Admiral (ret) William A. Owens
= #†&  (U.S.)
Chairman
++A# + 
Zuhal Kurt (Turkey) Former Vice Chairman
CEO )%*%} & * 
X   
Sarah Perot (U.S.)
Kevin McGovern (U.S.) $  †&& 
Chairman $>;
The Water Initiative $& /; + 
Co-Founder
*Q> Louise Richardson (U.S.)
/  
General (ret) T. Michael ) > * %+ #
Moseley (U.S.)
! #+  MM& John Rogers (U.S.)
Former Chief of Staff !  $  
) #*  + = U#; *†&%
      
CEO
/ > U
41

George F. Russell, Jr. (U.S.)
Former Chairman
EastWest Institute
Chairman Emeritus
Russell Investment Group
Founder
Russell 20-20
Ramzi H. Sanbar (U.K.)
Chairman
*$&U %
Ikram ul-Majeed Sehgal
(Pakistan)
Chairman
* †! ; 
Services Ltd.
Kanwal Sibal (India)
Former Foreign Secretary of India
Henry J. Smith (U.S.)
CEO
#*; Q    %
Pierre Vimont (France)
Executive Secretary General
 <  +  *> 
=;+;?#
Embassy of the Republic of France
    $%&%
Alexander Voloshin (Russia)
& ;  #
Q}*&)
Zhou Wenzhong (China)
Secretary-General
=;+ 
QQ+5$&Q!! 
!!5*
Laurent Roux (U.S.)
Founder
U   ! ; MM&
Hilton Smith, Jr. (U.S.)
/ # †&Q
 &%M$
|$#
42
&Q=Q)$5
Ira D. Wallach* (U.S.)
Former Chairman
&   U ;  %
Co-Founder
EastWest Institute
&A+ 5!!5  
Berthold Beitz (Germany)
/ #
+ #X>  
 #A?*   
Ivan T. Berend (Hungary)
/
) > &  M+ 
Francis Finlay (U.K.)
Former Chairman
Clay Finlay LLC
Hans-Dietrich Genscher
(Germany)
=;_ & †!  
=  + 
Donald M. Kendall (U.S.)
=;& ; †&Q
/ &% %
Whitney MacMillan (U.S.)
=;& ; †&Q
Cargill Inc.
$ 5&Q5*!5 
Jan Krzysztof Bielecki (Poland)
CEO
 /XQ  *%+%
=;/ ;!  / #
Emil Constantinescu (Romania)
/ #
Institute for Regional Cooperation
 #& P  />  ~ &Q5
=;/ # 5; 
William D. Dearstyne (U.S.)
Former Company Group Chairman
}  †} 
John W. Kluge* (U.S.)
=;& ;  #
! ;#     U
Maria-Pia Kothbauer
(Liechtenstein)
+;?#
Embassy of Liechtenstein to
+  Q*& # ) _  
William E. Murray* (U.S.)
Former Chairman
The Samuel Freeman Trust
John J. Roberts (U.S.)
* +#> 
+;      U~+ U
Daniel Rose (U.S.)
Chairman
5+   %
Mitchell I. Sonkin (U.S.)
!  $  
! +  &  
Thorvald Stoltenberg (Norway)
/ # 
  5#&
Liener Temerlin (U.S.)
Chairman
Temerlin Consulting
John C. Whitehead (U.S.)
Former Co-Chairman
Goldman Sachs
=;)%*%$ * 
of State
 India Summit Committee

Kapil Sibal
!  )  &;;    # ;   
Committee Chairman

/)M &*&Q5 /5 _+*&Q5

Sachin Pilot Virat Bhatia

!  *  &;;    #  & ; = && &;;   †
$   ;&;; 
Milind Deora
!  *  &;;    #  Anurag Jain
& ; M# /> %M #%
R. Chandrashekhar
*  $ ; ;;    Sanjay Kapoor
!  &;;    #  &Q # †* +  +  

J. Satyanarayana Marten Pieters

*  $ ;    #  CEO, Vodafone India
!  &;;    # 
C.S. Rao
B. K. Gairola / # & +  #5 
$  U    ; & ~ & Reliance Communications Ltd.

Gulshan Rai Udayan Sen

$  U &5 #  &Q #!  / 
$ A †*
Som Mittal
/ #   +   *  #
*> &; ~+**&Q!

Nandan Nilekani
& ; ) ‰ #   +   # 
~) $+ 
A# +#> U) ‰
/V ~+U)/

Arbind Prasad
$  U =#   #  &;?
Commerce and Industry (FICCI)

Kamlesh Bajaj
&Q$ * &   # ~$*& 

Dilip Chenoy
&Q  * $>; & 

43
Founded in 1980, the EastWest Institute is a global, action-oriented
  ##  %         ?;?K

Convening for discreet conversations representatives of institutions

and nations that do not normally cooperate. EWI serves as a trusted
??? BHD# ; # 
public forums to address peace and security issues.

Reframing      %# 

    5 &  ) #*   #
other powers, EWI brings together disparate viewpoints to promote
collaboration for positive change.

Mobilizing   # > #;?  ?  #

private sectors. EWI leverages its access to intellectual entrepreneurs
and business and policy leaders around the world to defuse current
 P   #>  P%

          ‚('~~`   

      #!%Q
## # #   #? # > 
international board of directors and our supporters.

EWI New York Center EWI Brussels Center

11 East 26th St. Rue de Trèves, 59-61
20th Floor '(˜(
'(('( 32-2-743-4610
1-212-824-4100

EWI Moscow Center !# !   $ &'

$; >* %–“‚ '(—’;} * %
 # '—th Floor    $&H(((–
!'H‚((’ 1-202-492-0181
7-495-2347797

www.ewi.info