Professional Documents
Culture Documents
Cybersecurity Summit Held in New Delhi
Cybersecurity Summit Held in New Delhi
info
Copyright © 2012 EastWest Institute
On the cover: “Where The Internet Lives," Google data center
For more information about the EastWest Institute or this publication, please contact:
www.ewi.info
SUMMIT CO-SPONSOR
SUMMIT PARTNERS
TIER 1
TIER 2
TIER 3
!$ +/+55*/+55
3
Building Trust in
The EastWest Institute is tackling the need to protect
Internet users and secure critical infrastructure. From
Dallas and London to New Delhi and Silicon Valley,
EWI is addressing the challenges triggered by the
explosion of new technologies.
5
n the span of three years, the global challenge—one that cannot
2009 2010
Global Cyber
$
Rights and Responsibilities
&?K
#* #M ? &? + #K
!? + Cyber Crime
M
Group
#5
for Governing Cyber Critical
Terminology #
& P K5 #
Russia, the Foundations Technology
the Geneva and
) #* =; $
A& >
and Cyber & &
Cyberspace
$ ;
2011
/
$
Economy
5QU)&& *; K V
A X A +#> &
M # !$ Cybersecurity Caucus, Fighting
/ # $%&% Spam
#
Trust
# # ) #
* K/ !? 2nd Worldwide
to International International Cybersecurity Congress
Collaboration on + Summit, London $
Cybersecurity, &
$ London
2012
The Internet
Mobilizing for
A !#
Cybersecurity International Action
/ Follow this timeline for a quick
International
Communications
overview of the steps taken by
Cyber EWI to strengthen cybersecurity,
$
bringing together private
) #*
and China
and public partners from key
countries around the world.
3rd Worldwide
Cybersecurity
*;; $
2013
Report titles are in italics.
7
;; Y P # B< & D
rules of engagement; cybersecurity was the theme of EWI’s third summit
breach information sharing; ICT H('H $ -
development/supply chain integrity;
and emergency response coordina-
Experts from ued this process. This location under-
scores India's rapid emergence as a
tion capability. across the globe ? %
+ D? that dates back to EWI has already begun planning for
$;; its fourth summit, to be held in Sili-
; < ?- the Cold War era, _ >;?H('`%
through groups and informal op-
portunities for cross-sector collabo-
EWI is uniquely be called the 4th Worldwide Cyberse-
curity Trustbuilding Summit—and will
%* ;; # positioned to pro- bring together innovators with global
were advanced for international leaders to address cross-border chal-
connectivity and emegency pre- pel that effort. %=;$ M #
# > $ #* _
sector. for practical solutions continues.
27 Recommendations
produced
Botnets In 2010, EWI as-
sembled a group of Chinese
#+; <
devise recommendations
30
|/V
2010 2011 2012 2013* 9
New Delhi 2012
At the 3rd Worldwide Cybersecurity Summit in New Delhi,
more than 300 participants from 22 countries heard from an
impressive international line-up of cyber experts and policy
strategists from both the private and public sectors.
10
11
$ ment of Telecommunications—not
+?>; K
12 X * ? # ! &;; # Y & ; 5/ }%Y
/ # #&Q} # !Y/ 5 V & ; #$ MM/
global community protecting itself.” more metrics in this area,” she said,
A# # # arguing that without such informa-
about what constitutes cyber crime tion much of the spending on cyber-
and how to combat it, including the security could prove ineffective.
#; B?V D
##V#
%B # #
“EWI has # ##
$ { # ? & ;
with the global community,” he certainly #/ 5 V ;; ##
added. EWI’s decision to hold the summit in
provided $ %B # ?>
While there were mixed reactions
to Sibal’s proposals, most partici-
leadership that is grand and it is bold,” he said,
pointing to the way the Internet has
pants agreed that the rapid pace of by serving #; ;> %
technological change has triggered also noted that most of the popula-
a corresponding leap in exposure to as a catalyst > #?
vulnerabilities that can be exploited
?? ; % ;
for collective ; # >
with an estimated $6 billion in an-
proposed solutions have also raised transnational nual losses in India and $400 billion
fears about government intrusion worldwide. “Right now it seems that
that could threaten privacy and indi- action.” the bad guys are winning,” he said.
vidual freedoms.
“This is a great, great challenge;
&<< >! / 5 V that’s why these summits are so
$ * = #? # ; D5 V #%B
; ? has certainly provided leadership by
information on the cybersecurity serving as a catalyst for collective
problems they face. “CEOs need transnational action.”
13
B {
age of interdependence.
! #;
nations of the world are
becoming dependent
on each other, with
economies, with security,
%+
industrial age has moved
into an information age,
and now we’re going into
an interdependence age.
company can solve the
issues of cybersecurity
alone.”
LATHA REDDY
$/)+ Q+M*&)5 +$_ *Q5 $ +
14
B} ; # #
society would function if every three
>; #
ring. Today, we are aware of spam
whenever we open our mailbox; a good
30 to 40 percent is spam, despite the
#% ;
what could happen if it were to occur
on the voice side: we’d all go mad.”
J. SATYANARAYANA
*&5+5$/+5!Q=M&5Q &*
+$ ! *5Q=&Q!!) &+ Q*
+$ $ +
B #>#
$%5 ;> “The more you frighten people, the
cooperation between less people will use technology that
China and India's computer drives the economy forward.”
emergency response teams.
We can help each other to JOHN SUFFOLK
stop the threats.” UMQ+M&5*&)5
Q== &5A)+
ZHOU YONGLIN
$ 5&Q5 5
*Q& Q=&A +
15
"Cyberspace is not a lawless space,
but a space where laws do apply
and where there are constraints on
state behavior. That’s one part of “We have to act
it. The second part is the practical fast to catch up to
things we can do to build better the development of
# ? %D
better cooperation and, ultimately,
better stability. The point here is to TORU NAKAYA
> # P # ; $ 5&Q5U5+M
P # { ? %j * )=Q5 =Q5!+ Q
+$&Q!!) &+ Q*
CHRISTOPHER PAINTER /QM &~ &/! *5
&QQ5$ +Q5=Q5&5 **)*)%*% Q= 5+M+==+ 5*+$
$/+5!Q=*+ &Q!!) &+ Q*}+/+
16
“I do believe that apart from
having closed communication
people, it is important to be
able to have a layer of priority
communication in the public
%D
R. CHANDRASHEKHAR
*&5+5$/+5!Q=
M&Q!!) &+ Q*! *5Q=
&Q!!) &+ Q*+$ $ +
PRADEEP GUPTA
&A+ 5!+!++U U$ 5&Q5&5!$ +~ $ +M$%
PUNIT RENJEN
&A+ 5!+Q=A
Q+5$$MQ MM/
17
“We’ve seen considerable
;> # ?
mitigation and in helping to
understand the issues involved
in undersea cables, yet we still
have a lot more to do. The other
outcome that I want to highlight
is the commitment to coming to
?%A> >
conversations helps to drive
awareness and will move the ball
forward.”
ANGELA MCKAY
/5 & /+M*&)5 *5+U *! &5Q*Q=
"They say, ‘The more you sweat in peace the less you bleed in war.’
+ #? % >#
# # # ?#;? {>
got to put all three contours of preventive, detective and corrective
action across the domains of people, processes and technology."
BURGESS COOPER
_ &/5* $&A =&AQMQU*&)5 Q== &5_Q$+=Q $ +
VARTAN SARKISSIAN
&QX UA*5 $U&5**!*
18
Troubling
Numbers
Every year during
the summit we poll
our international
participants about the
current situation in
cyberspace and what
needs to be done. Here
are some of the results.
93%
THINK THAT THE
CYBERSECURITY
RISK IS HIGHER
THAN ONE
YEAR AGO
19
33%
FEEL PROTECTED
ONLINE
41%
THINK THEIR ONLINE
PRIVACY IS NOT
SUFFICIENTLY
PROTECTED
20
B { ##
simple, single solutions. This has
? ; %
we’ve got to avoid the seduction
of that pursuit of the single but
rather unattainable solution.
So we need to build on existing
regional differences.”
NANDAN NILEKANI
&A+ 5!+Q=A) ) $ = &+ Q
+)AQ5 Q= $ +
21
B+ # #;
corporate leaders dramatically
underestimate the threat and they don’t
# % ;
the regulation is not there; in some cases
? #?
their budgets and balance sheets. In
; >
their CTOs are doing for the companies
is more than enough.”
ARMEN SARKISSIAN
_ &&A+ 5!++* * * )Y
=Q5!5/5 !! *5Q=+5! +
22
50%
THINK THAT CORPORATE
BOARDS GROSSLY
UNDERESTIMATE THE
CYBERSECURITY
PROBLEM
17%
THINK THAT
THEY ARE TOO
CONFUSED
23
62%
SAY THAT THEIR
GOVERNMENTS
ARE IN THE
EARLY STAGES OF
UNDERSTANDING
THE CYBERSECURITY
PROBLEM AND
COMMITTING TO
INTERNATIONAL
COOPERATION
24
“If any issue consistently emerged from
?;; $ ;;
in London and yesterday's outstanding
summit activities, it’s the criticality of
strong international cooperation, public
and private, to drive the policy changes, the
business process changes and multilateral
agreements to improve cybersecurity.”
BOB CAMPBELL
&Q&+!/MMUMQ+M*5_ &*Y!!5Q+5$
Q=$ 5&Q5*+* * * )
25
“The global cyber commons requires safe
navigation by nations for their well-being, economic
growth and national security.International
cooperation to enhance openness, strengthen
governance, and stability of cyberspace is
essential. India, with the third largest number of
; #%D
KAMLESH BAJAJ
&Q$++*&)5 &Q)& M
Q= $ +~$*&
26
55%
DOUBT THAT
THEIR COUNTRY
CAN DEFEND
ITSELF AGAINST
SOPHISTICATED
CYBER ATTACKS
27
WHAT KIND OF RULES SHOULD
APPLY IN CYBERSPACE?
Is cyberspace a truly new society that deserves its own rules or an
extension of the real world—and should most or all of its rules apply?
30%OLD RULES
28
“We really are operating in concentric
circles. First, companies need to
protect the data of their customers and
themselves, and then around that is
industry and, third, at a country-level.
and the world has moved farther. I
?
are intersecting with what happens
across the world, becomes even more
important.”
ARBIND PRASAD
$ 5&Q5U5+M
=$5+ QQ= $ +
&A+!5*Q=&Q!!5&
+$ $)*5~= &&
29
Working Togethe
The institute's summit process is oriented around ongoing
breakthrough groups, diverse collections of experts assigned
to devise solutions to major cybersecurity challenges.
30
r
31
he success of EWI's World- new vulnerabilities. While there is
32
ICT Development/ Payload Security
Supply Chain Integrity
In a perfect world, the government
Governments and businesses are can access the critical informa-
unable to determine the integrity tion it needs in a timely manner
of the hardware and software on to ensure national security and
which they vitally depend for the As essential ? #
reliability and security of their criti- > V
%!V >
data now often cyberspace with safety, security and
privacy – i.e. freedom from being
underway by national governments traverses needlessly observed or interrupted.
to improve their oversight of the
technology responsible for national international / >
critical infrastructure as well as vital and service providers should meet
national security operations. The
borders, ? # ?
#? >; %A>
>; ;V < the lack of neither government nor private sec-
and experience resides in the private
sector, where much of the hardware a common ?V >; #
and software design, development, ; ?
deployment and operation occur.
understanding to neither.
Thus governments are typically at of the + # >-
a substantial disadvantage, forced
to rely on the private sector for appropriate ?#
insights. That said, private sector of a common understanding of the
insight can be biased as a result of
rigor for its appropriate rigor for its protection
# ;V?
;; ?V > protection and > % ? #
status quo approaches.
access is a # # )%*%H
? # # ? ##
# )%*%H?
major obstacle international policies affecting moni-
toring and privacy.
# # - for everyone.
ing international principles for the
integrity of ICT development/supply
chains that may be otherwise over-
# #; #
national initiatives.
33
Additional proposed by EWI’s report / as hospitals in cyberspace; this
International Communications #> ; #-
Breakthrough Groups ~/ &K* & # ; dressing this potentially dangerous
of Crisis. problem.
Pursuing World Class
Performance for International
Emergency Preparedness Measuring the
Connectivity: Timely Outage
for the Financial Service Cybersecurity Problem
Repairs for Global Undersea
Sector in Cyberspace /# # # -
Communications Cable
Collaboration in the international ## # >? ;
Infrastructure (GUCCI)
> ;- cybersecurity compromises is vital
+ &?
tive to prepare for future crises, in a world of increased complexity,
/ &;; {? -
# connectivity and criticality.
tices for timely outage repairs of
could occur in cyberspace.
undersea cables is essential to both
Stopping Cyberspace Pollution:
maintaining stable international
Dealing with the New Power International Cooperation on
connectivity and restoring service
Structure of Non-State Actors Fighing Spam and Botnets
as soon as possible in the event of
in Cyberspace #;;
an outage.
/ >; ## have made their identities extreme-
promote constructive cooperation # > ;
Harmonizing Legal Frameworks
with non-state actors in cyber- ;;# -
+#> ?V >
space, and assure that the existing # ## ;
recommendations for potential
prescribed instruction and training ;# %
new legal mechanisms is critical to
# U > #A cooperation and policy is crucial to
combating cyber crime and cyber
> - effectively addressing the problem.
%
> ? P %
Implementing Public Health
Priority International
International Aspects of Critical Models for the Internet
Communications: Strategy
Infrastructure Protection In the face of mounting cyber
for Implementation
$ > threats, international cooperation
? <
U > #A > based on a global public health
the steps the international com-
there are currently no distinctive, model can improve device health
; ; # ;-
> ?;- ## %
menting the four recommendations
tected humanitarian entities such
+?>; K$ _>& ; &?/ &;; ~ &/&Y$ #_ / #
34 Q * &&?M ; #Y! Q{5 # & ; !`++ UY$ # &; YX
=# 5& Q #$ #= Y* U#; & ~;+ *
? =;YM?=~ %Y+ !X/ * * !
New Ideas
The 3rd Worldwide Cybersecurity Summit provided
an excellent opportunity for experts, stakeholders
and decision-makers from industry, government
and academia to review papers on the international
policy-related aspects of cybersecurity.
For a full list of presented papers visit the summit website at www.cybersummit2012.com.
35
“India's importance
In the News in this domain can
The 3rd Worldwide Cybersecurity Summit ?V##;
made it to the front pages of major fact that, after the
newspapers in India and attracted wide previous two editions
media interest abroad. Here are some M # #$
headlines and soundbites from the summit. $
the Third Worldwide
Cybersecurity
B ? Summit.”
explosions and no declarations
of war, but cyber crimes can
P V ;#;%
< ; )%*% #
India are meeting at a summit “'We have 1.2 billion people and will
$ # > be the largest in terms of population
cybersecurity areas.” in the world in years to come. Cyber
crime affects us perhaps much
more than any other country in the
#; # ! X
Sibal said on the sidelines of the 3rd
Worldwide Cybersecurity Summit.”
B
here, it’s a massive business
opportunity across the
#!%/ # #
Real Time on the sidelines B} *A ?
of the EastWest Institute’s cybersecurity chief, told Reuters
cyber security summit in at a cybersecurity conference in
$ #% $ #
; U;
?# security researcher Felix Lindner, who
focuses on issues of global has exposed vulnerabilities in the
security and is chaired by company's routers, from its $100 home
!%/ %D Internet devices
vices to multi-million dollar
equipment.”
36
B) ;! X * ? New Publications
on Tuesday called for a global effort Two new EWI reports were released to coincide
to fortify cyber security. Interacting with the convening of the New Delhi Summit.
with reporters at the third Worldwide
Cybersecurity Summit here, Sibal Priority International Communications
said that such security is necessary
$ # } { ; # ; -
as online space doesn't have a down in 2011, the London bombings in 2005, and the 2008
boundary and information could !;? #'' ; ;; -
# ; # %/ -
>; P &;; ~/ &? ##
prevent the loss of lives and property in such crisis situations.
sensitive matters.”
# ;# ;; # <-
perts, this publication sets forth straightforward steps needed
to set up an international capability for both government
# > #%+; {
technologies and services continue to demand greater and
? # #
more frequently.
“The global summit sought to bring
/ &;; K* & #
more stability and safety into the Times of Crises presents four actionable recommendations
global cyberspace by identifying ;; ##> ; #-
;; > V;;#%
critical security areas and ways to # #? > # > #
with critical roles in times of crises. They are critical infrastruc-
address them.” ~;; >
# Y? ~
government, emergency management) and individuals with
national security responsibilities.
37
Silicon Valley 2013
After holding its last two summits in London and New Delhi,
the EastWest Institute will bring its cybersecurity summit series back
to the United States in 2013 (November 4-6). Located at the epicenter
of technology innovation, the Silicon Valley summit will drive
intense, focused work on vital cybersecurity issues. As its new name
indicates, the summit will feature a renewed emphasis on building
trust among key players. This means bringing together private and
public sector representatives of nations that normally are wary of
each others’ cyber capabilities, planning and ambitions.
) #* & The Stanford Institute for Eco- Social Networking
38
SILICON 4th Worldwide
4
C
Cybersecurity
VALLEY T
Trustbuilding
2013 Summit
S
40
Angela Chen (U.S.) Wolfgang Ischinger (Germany) Tsuneo Nishida (Japan)
= # #! $ Chairman +;?#Y
U?+ + ! * & /; 5 >
/ U?A# } )%%
Epoch Fund U> ; +
+ * Ronald P. O’Hanley (U.S.)
Michael Chertoff (U.S.) / # + ! ;
& #! / Anurag Jain (India) and Corporate Services
Chertoff Group Chairman Fidelity Invesments
M# /> %M #%
David Cohen (U.K.) Yousef Al Otaiba (U.A.E.)
Chairman James L. Jones (U.S.) +;?#
=&5 / ! ; =;)%*% * ;? ) #+?
+#> Emirates in Washington
Joel Cowan (U.S.)
/ Haifa Al Kaylani (U.K.) Admiral (ret) William A. Owens
Georgia Institute of Technology = #& (U.S.)
+? ; {=; Chairman
Addison Fischer (U.S.) ++A# +
& ; &= # Zuhal Kurt (Turkey) Former Vice Chairman
/ A = # CEO )%*%} & *
X
Adel Ghazzawi (U.A.E.) Sarah Perot (U.S.)
Founder Kevin McGovern (U.S.) $ &&
&QX+* Chairman $>;
The Water Initiative $& /; +
Stephen B. Heintz (U.S.) Co-Founder
/ # *Q> Louise Richardson (U.S.)
5 = # /
General (ret) T. Michael ) > * %+ #
Emil Hubinak (Slovak Republic) Moseley (U.S.)
& ; &Q ! #+ MM& John Rogers (U.S.)
Logomotion Former Chief of Staff ! $
) #* + = U#; *&%
John Hurley (U.S.)
! /
&>+ ! ; CEO
/ > U
41
&Q=Q)$5 $ 5&Q5*!5
George F. Russell, Jr. (U.S.) Ira D. Wallach* (U.S.) Jan Krzysztof Bielecki (Poland)
Former Chairman Former Chairman CEO
EastWest Institute & U ; % /XQ *%+%
Chairman Emeritus Co-Founder =;/ ;! / #
Russell Investment Group EastWest Institute
Founder Emil Constantinescu (Romania)
Russell 20-20 / #
&A+ 5!!5 Institute for Regional Cooperation
Ramzi H. Sanbar (U.K.) #& P /> ~ &Q5
Chairman Berthold Beitz (Germany) =;/ # 5;
*$&U % / #
+ #X> William D. Dearstyne (U.S.)
Ikram ul-Majeed Sehgal #A?* Former Company Group Chairman
(Pakistan) } }
Chairman Ivan T. Berend (Hungary)
* ! ; / John W. Kluge* (U.S.)
Services Ltd. ) > & M+ =;& ; #
! ;# U
Kanwal Sibal (India) Francis Finlay (U.K.)
Former Foreign Secretary of India Former Chairman Maria-Pia Kothbauer
Clay Finlay LLC (Liechtenstein)
Henry J. Smith (U.S.) +;?#
CEO Hans-Dietrich Genscher Embassy of Liechtenstein to
#*; Q % (Germany) + Q*& # ) _
=;_ & !
Pierre Vimont (France) = + William E. Murray* (U.S.)
Executive Secretary General Former Chairman
< + *> Donald M. Kendall (U.S.) The Samuel Freeman Trust
=;+;?# =;& ; &Q
Embassy of the Republic of France / &% % John J. Roberts (U.S.)
$%&% * +#>
Whitney MacMillan (U.S.) +; U~+ U
Alexander Voloshin (Russia) =;& ; &Q
& ; # Cargill Inc. Daniel Rose (U.S.)
Q}*&) Chairman
5+ %
Zhou Wenzhong (China)
Secretary-General Mitchell I. Sonkin (U.S.)
=;+ ! $
! + &
|$#
42
India Summit Committee
Kapil Sibal
! ) &;; # ;
Committee Chairman
Nandan Nilekani
& ; ) # + #
~) $+
A# +#> U)
/V ~+U)/
Arbind Prasad
$ U =# # &;?
Commerce and Industry (FICCI)
Kamlesh Bajaj
&Q$ * & # ~$*&
Dilip Chenoy
&Q * $>; &
43
Founded in 1980, the EastWest Institute is a global, action-oriented
## % ?;?K
www.ewi.info