Challenges of International Cyber Security

This was written by Michael Cheek on Monday, November 16, 2009, 16:02.

International agreements form the foundation for international cooperation on a host of issues, from the proliferation of nuclear technologies, to chem/bio weapons, to terrorism, though no such foundations really exist for cyber security issues. At a recent luncheon hosted by the World Affairs Council, General Hayden, former head of NSA and deputy director of National Intelligence, Dr. Jim Lewis of CSIS and Dr. Jamie Saunders, counselor at the British Embassy in Washington, DC, each spoke on the topic of the need for international cooperation in cyberspace.

Gen. Hayden highlighted some of the basic issues when discussing cyber security, particularly understanding just how complex the topic is. “I would much rather be up here speaking about something as straight forward as Afghanistan,” said Gen. Hayden. The issues surrounding cyber security are remarkably complex and represent a variety of challenges. Dr. Lewis discussed the need for a tiered approach to cyber security, saying that “one size does not fit all.” Dr. Lewis highlighted the need for increased international approaches in order to shrink the ’sanctuaries’ that are available to cyber criminals.

Dr. Saunders discussed his concern over any possible US approaches to international engagement. He pointed to the threat of unilateralism in deciding protocols for cyberspace. Dr. Lewis, conversely, highlighted the need for the US to take a central role in forming any international legal frameworks. As IT space begins to move further afield of the US, it is possible that other nations will take the lead in developing cyber security solutions that the US may not like or agree with.

An interesting question however, is does the US need to decide its own domestic ideas of cyber security before moving into the international realm. Gen. Hayden seems to think so, observing that the US needs to be on the same page before going out to other nations in an effort to obtain a treaty or convention. Dr. Lewis took the concept a step further and pointed out that once that happens, there also needs to be consensus reached with foreign nations on what different words mean when holding discussions about cyberspace. Gen. Hayden also drew attention to the reluctance of the US to talk about cyber security, both culturally and institutionally, along with finding the right balance of security, ease of use and privacy.

With all these challenges, what are some solutions? At this point, it is difficult to say. It is clear that the US needs to formulate a unified concept of what cyber security constructs are needed before proceeding internationally. One thing is certain, cyber threats will continue to increase and new international codes need to be formulated to mitigate them.