WS #64 Designing Digital Future for Cyber Peace & Global Prosperity

Summary

This discussion focused on strategies for achieving cyber peace and building a resilient digital future in an increasingly interconnected world. Experts from various sectors explored the challenges of cybersecurity and potential solutions. Key points included the need for multi-stakeholder collaboration, the importance of digital literacy and awareness, and the role of emerging technologies like AI in both creating and mitigating cyber threats.

Participants emphasized the critical need for trust-building among nations and stakeholders to facilitate information sharing and collaborative defense against cyber attacks. The discussion highlighted the importance of bridging the digital divide to ensure all nations, regardless of economic status, are adequately protected in cyberspace. Experts also stressed the need for ethical considerations in cybersecurity policies, particularly regarding the balance between security and privacy.

The role of the private sector in combating cybercrime was discussed, with examples of successful collaborations between industry and law enforcement agencies. Participants also addressed the challenges of holding actors accountable for cyber warfare under international law. The discussion touched on the potential of AI and other emerging technologies to both enhance cybersecurity and create new vulnerabilities.

Overall, the panel emphasized the urgent need for action beyond dialogue, calling for concrete steps to stem the rising tide of cybercrime and build a more secure digital ecosystem. The discussion concluded with a proposed framework for cyber peace, emphasizing collaboration, education, and resilience in the face of evolving cyber threats.

Keypoints

Major discussion points:

– The importance of multi-stakeholder collaboration and trust-building to address cybersecurity challenges

– The need for greater digital literacy, awareness, and capacity building globally

– The role of emerging technologies like AI in both creating new cyber threats and potentially mitigating risks

– Balancing innovation, security, and privacy concerns in cybersecurity policies and regulations

– Addressing the digital divide and ensuring inclusive cybersecurity frameworks that protect all nations

The overall purpose of the discussion was to explore strategies for fostering global cyber peace and building a more secure, resilient digital future for all. The panelists aimed to identify key challenges and propose solutions for enhancing international cooperation on cybersecurity issues.

The tone of the discussion was largely constructive and solution-oriented, with panelists offering insights from their diverse backgrounds in government, industry, academia, and civil society. There was a sense of urgency in addressing growing cyber threats, but also optimism about the potential for collaborative approaches. Towards the end, the tone became slightly more pessimistic when discussing the difficulties of holding actors accountable for cyberattacks, but overall remained focused on finding ways forward.

Speakers

– Subi Chaturvedi: Moderator, Global SVP, Chief Corporate Affairs and Public Policy Officer of Inmobi

– Kumar Vineet: Founder and CEO of Cyber Peace

– Major General Pawan Anand: Director of the Center for Atmanirbhar Bharat, United Services Institution of India

– Melodina: Professor of Innovation Management at the Mohammed Bin Rashid School of Government in Dubai

– Genie Sugene Gan: Head of Government Affairs and Public Policy, APJ and Meta Regions for Kaspersky

– Sanjeev Relia: Chief Strategy Officer for Athenian Tech Limited and consultant for Center for Humanitarian Dialogue

Additional speakers:

– Jonah Klivnovic: Managing Partner and CEO of IT and Risk Management

Expanded Summary: Strategies for Achieving Cyber Peace and Building a Resilient Digital Future

This discussion brought together experts from various sectors to explore strategies for achieving cyber peace and building a resilient digital future in an increasingly interconnected world. The panel, moderated by Subhi Chaturvedi, focused on the challenges of cybersecurity and potential solutions, emphasising the need for multi-stakeholder collaboration, digital literacy, and the role of emerging technologies.

Key Themes and Discussion Points:

1. Multi-stakeholder Collaboration and Trust-building

A central theme throughout the discussion was the critical importance of collaboration between various stakeholders to address cybersecurity challenges effectively. Kumar Vineet emphasised that “governments cannot do it alone” and called for a platform where “industry, academia, civil society, government, netizens, all of us need to come” together. This sentiment was echoed by other speakers, including Major General Pawan Anand and Genie Sugene Gan, who stressed the importance of building trust and awareness among stakeholders and promoting public-private partnerships.

Genie Sugene Gan highlighted the No More Ransom initiative as a successful example of multilateral cooperation. This project, involving law enforcement agencies, cybersecurity companies, and other partners, has helped decrypt devices affected by ransomware and saved victims millions in potential ransom payments.

Sanjeev Relia highlighted the need for establishing communication channels between nations for information exchange, particularly regarding cybercrime, cyberattacks, and zero-day vulnerabilities. He also emphasized the growing threat of cyber espionage, underscoring the importance of international collaboration in addressing these challenges.

2. Digital Literacy, Capacity Building, and Awareness

The panel agreed on the urgent need for greater digital literacy, awareness, and capacity building globally. Kumar Vineet addressed the challenges of language barriers and accessibility issues in cybersecurity awareness, emphasizing the need for interactive and engaging formats to capture people’s attention. Jonah Klivnovic noted that people typically only dedicate about two minutes per year to cybersecurity awareness, highlighting the challenge of effective education.

Vineet provided examples of evolving cybercrime patterns, such as the Jamtara district in India becoming a hub for phishing scams and the rise of Cambodia-based scams, illustrating the need for adaptive awareness programs.

Sanjeev Relia emphasised the importance of enhancing capacity building efforts, especially for developing nations. The discussion highlighted the persistent digital divide between technologically advanced and developing countries, with both Melodina and Sanjeev Relia acknowledging this as a significant obstacle to achieving global cyber peace.

3. Emerging Technologies: Opportunities and Challenges

The role of emerging technologies, particularly artificial intelligence (AI), in both creating new cyber threats and potentially mitigating risks was a key point of discussion. Jonah Klivnovic provided a balanced perspective, noting that AI is “changing the fabric of society” and increasing the velocity and reducing the costs of cyberattacks. However, he also highlighted its potential as a tool for cybersecurity practitioners.

Melodina raised ethical concerns about the securitisation and militarisation of AI, emphasising the need for human-centred approaches and the protection of human rights. She cited the “Lavender Project” as an example of ethical concerns in AI-driven security decisions, stating, “If our mandate is being human-centred, that it is at the end of the day about people and all lives have value… then we have a big challenge on how we’re doing this.”

4. Balancing Security, Privacy, and Innovation

The discussion touched upon the delicate balance between security needs, privacy concerns, and innovation in cybersecurity policies and regulations. Melodina highlighted the ethical challenges of collecting information on individuals for cybersecurity purposes while respecting privacy rights. The rapid pace of technological change outpacing policy frameworks was identified as a significant challenge, with speakers calling for more cohesive global governance frameworks for cybersecurity.

5. International Collaboration and Information Sharing

Enhancing threat intelligence sharing between nations and industries emerged as a crucial strategy for combating cybercrime. Sanjeev Relia stressed the need for information exchange on various cyber threats and attacks. Melodina advocated for developing global standards and alignment on cybersecurity practices, emphasizing the need for political will to achieve this alignment. The audience raised concerns about the lack of accountability in cyberspace.

Unresolved Issues and Future Directions:

Despite the constructive discussion, several issues remained unresolved, including:

1. Ensuring accountability in borderless cyberspace

2. Effectively bridging the digital divide between nations

3. Balancing innovation with regulation in a rapidly evolving technological landscape

4. Combating sophisticated cyber attacks and cyber warfare

5. Creating truly inclusive governance frameworks

The panel proposed several action items and potential compromises, including:

1. Developing more cohesive global governance frameworks for cybersecurity

2. Enhancing threat intelligence sharing between nations and industries

3. Creating cyber rehabilitation programmes for both survivors and criminals, as suggested by Vineet

4. Establishing communication channels between nations for information exchange

5. Focusing on capacity building efforts, especially for developing nations

6. Balancing security needs with privacy concerns through ethical AI frameworks

7. Combining top-down policy approaches with bottom-up education and awareness efforts

Conclusion:

The discussion emphasized the urgent need for action beyond dialogue, as highlighted by Jonah Klivnovic, calling for concrete steps to stem the rising tide of cybercrime and build a more secure digital ecosystem. Dr. Subhi Chaturvedi proposed the “SECURED” framework, which encapsulates key points from the panel:

S – Stakeholder engagement

E – Education and awareness

C – Capacity building

U – Understanding evolving threats

R – Resilience through collaboration

E – Ethical use of technology

D – Digital inclusion

This framework, along with the upcoming Internet Governance Forum (IGF) in Norway mentioned by Subhi Chaturvedi, provides a roadmap for future efforts in achieving cyber peace. The proposed approach emphasizes collaboration, education, and resilience in the face of evolving cyber threats, with a strong focus on multi-stakeholder engagement and international cooperation.

Kumar Vineet: towards cyber peace and ensuring a resilient digital future for all. As we stand at the crossroad of technological innovation and societal transformation, we are reminded of the immense power and potential that cyber space holds, not just for a few, but for every citizen, organization, and nations across the interconnected world. Today we gather not just to discuss, but to catalyze action towards a future where digital prosperity is linked with global peace and security. We are joined by our esteemed panel of experts who bring with them a wealth of knowledge from groundbreaking advancement in technology security to innovative educational frameworks that aim to empower and protect communities at every level. As we navigate through our discussions, I encourage each one of you to think beyond the immediate. We are here to challenge the status quo, to question and to create a unique opportunity to mold a safer digital landscape. Let us explore bold and transformative ideas and address the root causes of cyber vulnerabilities, bridge the digital divide, and foster an environment where an individual, organization, and even nation-states can thrive in safety and dignity in cyberspace. Together, let’s set the stage for a dialogue that is as profound as impactful, ensuring that our collective journey towards cyber peace transcends the boundaries and sets new benchmarks for global cooperation. With that, let me introduce our online moderator. I can see Dr. Subhi has joined. Dr. Subhi Chaturvedi. She has done her PhD from IIT Delhi. She currently is the Global SVP, Chief Corporate Affairs and Public Policy Officer of Inmobi. Inmobi is India’s first UNICORN. or Global Tech MNC across 26 country, distinguished professor of IIM Jammu, distinguished professor of University of Delhi, professor of practice of JHU Delhi. She has been part of the governing board member of the Indian National Science Academy. She also served as a chair of the Working Group 7, Inclusive Growth, Entrepreneurship, Startups, and MSMEs of the US-India CEOs Forum. So long introduction, Subi, and plenty of achievements. But one thing that I’d like to call it out to everyone here in the room, is she was also the former MAG member of the Internet Governance Forum. And she was appointed by the UN Secretary General. So welcome, Subi. Now, over to you.

Subi Chaturvedi: Thank you, Vineet. It’s such a pleasure being back in this room. As you know, I’m an old time MAG member. It is always a joy coming back. And what better session than to look at how we can design cyber peace for a more inclusive world. I’m so glad that you could make it in person, despite the fact that you are unwell. So 100 marks and an A plus for all effort. I think we have a fantastic panel today. And we have a wonderful audience that’s joined us online as well. So without further ado, when we are looking at framing the larger questions, I don’t think there’s any deliberation on cyber warfare not being a distant threat anymore. It is actually present. And it’s reality with 13 attacks per second happening on critical infrastructure in 2023 alone. And there’s an anticipated surge in cyber crime. The costs are approximately $9.5 trillion by 2024 itself. The urgency for action of the world coming together with multiple stakeholders has never been clearer. So I’m truly delighted that we have a true, true multi-stakeholder panel today in every sense of the word. I think the deliberate design of digital technologies takes on heightened significance, which is offering both opportunities for promoting cyber peace and un… addressing emerging challenges in the realm of cyber conflicts. Today in this session where we have about an hour, what we are going to do is first turn to each of our panelists for three minutes each in terms of first level, which is a more detailed intervention. And then we’ll come back for round two so that we have at least 10 minutes for questions. The second round will be a two minute intervention by all the panelists where we post questions so that we can look at actual solutions and not just address more questions and bring them into the room. The panel today will explore integrate interplay between technological innovation, cyber threats and the pursuit of peace in the online world. And this session will highlight critical importance of preserving principles such as openness, interoperability, user centricity and a champion of human rights. These are all core values of the internet and we are ever so grateful to the two fathers of the internet. I think understanding cyber conflicts and threats, navigating ethical considerations around AI, probably the most used word, I think in this edition’s IGF and cyber warfare, fostering collaboration for cyber peace, innovating towards cyber resilience and policy implications for cyber peace are major topics that this panel hopes to cover. Some of the key policy questions that our panelists will address, they include the role of policymakers in how they can balance innovation and security. We have equal representation from gender. We are so happy that this is not a manual and we have equal representation from industry and all other stakeholder groups as well, including intergovernmental members. We are also going to be exploring in this panel policy implications of emerging cyber threats and global cybersecurity efforts and what are the peace building initiatives that we can look at. And we are so happy that the next IGF will take place in Norway, which is known for its ability to broker consensus and build peace. So how can international norms and agreements shape governance of cyber peace? What are the strategies that can be employed to… foster collaboration among stakeholders, and how can we together enhance cyber defense capabilities, mitigate the risk of cyber warfare? And lastly, but very, very important, how can regulatory frameworks adapt to the rapid pace of technological innovation while upholding principles of human rights? And now for the cherry on the cake, the fantastic panelists that we have brought together in this room include Major General Pawan Anand, he’s the Director of the Center for Atmanirbhar Bharat, which stands for a self-reliant India. He leads the United Services Institution of India, and is also the co-champion of the Joint Cyber Peace Center for Building Peace along with USI. Major Vineet Kumar, who you just heard from, my co-organizer and co-moderator for today, he’s the founder and CEO of Cyber Peace. And Colonel Sanjeev Raylia, he’s the Chief Strategy Officer for Athenian Tech Limited and consultant for Center for Humanitarian Dialogue. We are so delighted to have Melodina Stephens, she’s a Professor of Innovation Management at the Mohammed Bin Rashid School of Government in Dubai. We have Jonah Klivnovic, Managing Partner and CEO of IT and Risk Management. And last, but certainly not the least, we are so happy to have Jeanne Sugin-Gann, Head of Government Affairs and Public Policy, APJ and Meta Regions for Kaspersky. And some of the considerations, before we get into the meat of the matter, the first malicious cyber attack actually came to us in 1998 with the Morris firm designed by a Cornell University graduate student. And it was intended only as an experiment to measure the size of the internet, but it inadvertently caused significant disruption. It affected and infected approximately 6,000 computers, 10% of the internet at the time, causing systems to slow down or crash. This is but a grim reminder of what some of the unintended consequences, which can then turn into national level catastrophes and disasters can be. In 2024, we’ve had several attacks per second. This has cost us about 4.88 million US dollars, the average cost of a data breach in 2024. This has seen a 10 percent increase over the last year, which is the highest total ever. Forty percent of all data breaches have involved data stored across multiple environments, and that brings in the question of, how should global governments engage with industry, which obviously ask for a balance between innovation and the global cost of cybercrime, is only projected to reach over $10 trillion in 2024, which is a 15 percent increase. Lastly, it is human error, which has still remained a significant factor. How do governments, industries, also engage with citizens and consumers? Because they’ve contributed to 88 percent of cybersecurity breaches. With that, I come to our illustrious panelists for the day. Major General Pawan Anand, if I can please start with you, and we can look at a perspective, which you can share with us around resilience against cyber threats. So what would be some of the strategies that, according to you, nations and corporations can implement to build a resilient internet? They can build resilience against increasingly sophisticated cyber threats, while promoting an open and secure global digital economy. The floor is yours. Can I please request the host to also make him the co-host? I think he’s trying to unmute himself.

Major General Pawan Anand: Can you hear me, Subhi?

Subi Chaturvedi: Yes, I can hear you. You’ve been unmuted. We can hear you loud and clear. Over to you, Sam.

Major General Pawan Anand: All right. I don’t seem to be able to disable… start video. So maybe I’ll just stick with the voice. Thank you so much, Abhi, for such a brilliant introduction. Always expected of you. So it’s an honor to be on this panel with you. It appears to me that, you know, with such a brilliant set of people that you’ve already got, there’s very little that a person like me would be able to say that others would probably not be saying. But let me start with saying that the main issue that we probably are looking at when we talk about cyber peace is building up an environment of trust. And that environment can only be built up when agencies and people come together to discuss and outline the various guidelines for each other. I think a lot has already been worked out in terms of the internet, but we would be failing in our duties if we did not take it forward. And I think the IGF meet really helps in taking this forward. As far as government strategies are concerned, I think the first thing that most governments would be keen to do is to build up a strategy, build up a national strategy for cybersecurity. More important than building that up is also to bring in the digital public infrastructure in place. And I think India leads in that. India has also been offering the DPI to various countries of the global south. And hopefully after we have coming into the digital world and increasing their digital penetration as much as there has been in India, I think the next stage would be to ensure that everybody is safe. So the first strategy is to bring in digital penetration. And the second would be to ensure that it is absolutely safe. How do you then build up this confidence to keep the trust in the digital world? And the most important in all that would be spreading awareness. When knowledge is spread, when people are aware of the threats that exist, when people know how much of cyber hygiene has to be maintained, I think we will be able to achieve our strategies correctly. So I pause over here and let you go on with the others. And maybe when there’s something more specific, I’ll definitely intervene. Thank you, Subi.

Subi Chaturvedi: Thank you. Thank you so much, Major General Pawan Anand. Great remarks as always. And we’ll come back to you for round two. I now turn to Melodina. And we want your perspective. You have a profound academic journey. It’s such an impressive CV. It was such a pleasure going through it. We would love to hear your perspective on emerging technologies. How do emerging technologies like quantum computing and AI influence the current cyber landscape? What are some of the potential risks and benefits that you are seeing of these technologies in the context of building global cyber peace? And how do you think we can mitigate risk? Please, the floor is yours, Melodina.

Melodina: Thank you so much. So first, I would like to start with what do we mean by cyber peace, right? So I think it is peace in the cyber atmosphere. Or do we also mean it’s cyber spilling over to physical? And I think it is both of that. If I think of peace as the absence of war, then what are we having a war with? And I think it’s very clear. It’s share of heart, share of mind, share of resources. If I think of share of mind, we are already seeing misinformation, disinformation campaigns. And this is profound. Part of it comes from ignorance. We have people who don’t understand, maybe don’t have the knowledge of general affairs, or even cyber security. So even before I think of cyber, I think general knowledge, there’s a missing piece, education piece that’s there. And this makes them a lot more susceptible sometimes to these outside influences. When I think of share of heart, I’m thinking of soft power in some ways. And we do see right now with algorithms this is easy to do. There was an interesting case in Romania right now, the elections have been postponed simply because the candidate got a huge amount of share of likes, for example, on social media. And then they found out this was bot introduced, right? So I this is really a challenging issue. And if I think of the last one, share of resources, hardware for cyber is extremely expensive. We’re not talking small amounts of money. So this comes along with funding, and funding has strings globally. So this is also something we must talk about. There is a talent shortage. This is something we have to talk about. There is a resource shortage. For example, with the war that took place in Europe, I believe a significant amount of the Argonne production, which is needed for semiconductors, was wiped out. So we are looking at these kind of narratives. If we want cyber peace, we have to address all three. Now your question was on quantum computing. This is a challenging one, because the speed at which we compute will increase. So if I take, for example, Google Willow, which was just introduced a few weeks back ago, it can do in 10 minutes what a supercomputer will take 10 raised to the power of 25 years to do. There is no way human beings can match this speed. But this raises also challenges, because it can crack codes. Blockchain is no longer secure. So how do we manage in this environment where we’re looking at the speed of, I don’t know, light? and human beings don’t have the capacity. So the question is, do we need the technology for the sake of the technology, or is the technology actually beneficial to people? And I’m not sure we’ve answered that question. So I’m just gonna stop over there.

Subi Chaturvedi: Thank you. I think it was fantastically articulated, really, really well put, and some pertinent questions brought to the floor. Thank you for sharing with us. I think, Vineet, now it’s time to bring you in. I believe civil society has been at the forefront of pushing for user interest, asking industry as well as governments for greater accountability, ensuring security first practices. So what role do you see organizations like CyberPeace, which is working at the grassroots, which many a times act as a bridge builder, how do you see CyberPeace playing a definitive role at a local level in the global scheme of things? When it comes to establishing peace and brokering peace processes? Over to you, Vineet.

Kumar Vineet: Thanks, Suvi, great question. And let me share that CyberPeace, like you rightly mentioned, that we are a grassroots NGO and a policy think tank. We are the voice of the people on the ground. The kind of issues, challenges that the netizens face, whether it is the child sexual abuse material, ransomware, the issue that the startups, MSMEs, and all different sectors like the critical infrastructure face. So we work closely with them and we kind of identify the issues and challenges and take it to the policy maker. One thing that I keep mentioning everywhere that cyber security and peace, in fact, there’s a very interesting paper that CyberPeace we have written. It’s called Crowdsourcing CyberPeace and CyberSecurity. Because we generally believe that governments cannot do it alone. When we talk about peace and responsible online behavior, when we talk about security, all of us need to be… need to come on a ground. All of us need to come on a platform. Industry, academia, civil society, government, netizens, all of us need to come. And that’s where CyberPeace, as a nonprofit, as a grassroots NGO, we are kind of working out on a model. We are working out, in fact, to create a platform where all these individuals can be brought out. Connecting the unconnected people and people at the grassroots, those who do not have the reach, basically, to get their views shared or get their voices to a forum like IGF or any such major forum. We act as a bridge. We act as a kind of a platform where these voices come. And then we share the voices with policymakers, with industry, academia, civil society, and government. So that’s what we are doing. And I generally believe crowdsourcing is the way forward. One of the things that we have tried doing it is, I mean, and the way we try to mention that we can achieve peace is by creating people as first responders, making them sure that they kind of count the emerging crimes, the emerging set of defects, or AI-generated misinformation that’s being distributed in the community. They need to be well aware about it. They need to be aware on how to address the kind of challenges and how to report challenges that are coming up. Trying to create these first responders across the country in India. In fact, in the next two years, we are going to create around 8 million first responders. And with the help of the Commonwealth Secretariat, we are just trying to work out a program on how these first responders, the Cyber Peace Corps, and the first responders could be actually, the network could be spread in Commonwealth countries and later to other set of countries. So what I believe is we need to come. and the IGF Secretariat, and the remote hosts who are making participation possible. I remember back in 2012 when we started as part of the Manifesto, we had a meeting with the IGF Secretariat and the remote hosts, and we had a discussion about how we can address these issues together. So with that, I pass it over to you, Subi, again. Thank you.

Subi Chaturvedi: Thank you, Vineet. It’s such a delight. At this point, I want to really call out the IGF Secretariat and the remote hosts who are making participation possible. When we started as part of the MAG, this used to be one of the asks to connect the unconnected and also be the voice and give people voice and agency. So it is a great beginning. With that, Jonah, I come to you. You fight the good fight. You’ve been heading risk. Can you elaborate for us on the importance of threat intelligence, collaboration, threat intelligence, sharing between nations and industries? How can trust be built amongst various stakeholders to share sensitive information more openly, more promptly, and learn from these models? Over to you, Jonah.

Audience: Thank you, Dr. Subi, for the great question. And it’s a difficult one and one that I’ve been kind of grasping with my entire professional career. I think there’s a big difference, and I think we should start off with that, between intelligence and information. So information is just factual, while intelligence is contextualized information that is timely, actionable, and relevant. And this is where I get to the operationalization aspect of it. As a former practitioner in a large-scale bank and also as a member of an intelligence-sharing community that was EC3 under Europol, I can tell you that, in principle, intelligence sharing works really well. And it’s something we definitely should do. But the actual operationalization of it is not well executed in a lot of instances. And what I mean by this is how you build trust between the public and the private sector. sector is that the public sector, which has enforcement capability, needs to showcase how the intelligence that was provided from the private sector has actually led to enforcement capabilities being enacted. Because it’s tremendously taxing on the private sector. And I know I was running one of these teams, and you’re very short-staffed, and you don’t have the talent. And then you have reporting requirements. Every quarter, you need to produce new data, and you need to submit it, and it goes into the ether. And then nothing is heard, and you don’t know how this actually influenced the mitigation of the capabilities of wider threat actors. So I think it’s enhancing the dialogue to really focus on how we are actually dealing with suppressing these threat actors. And there’s a lot of discussion in terms of how shared information and intelligence can contribute to fighting digital threats, and especially cybercrime. And this is true. But also, then, there’s a regulatory aspect to it. Because there’s a lot of regulatory friction in terms of sharing data, even of fraudsters. And we’ve encountered this in Europe, where I actually couldn’t share the details of a Belgian entity with the details of a French entity due to GDPR considerations. And these were details of fraudsters. And there needs to be some regulatory streamlining, I think, on a global level, where a lot of consideration needs to go into understanding that while the private sector does bear a big brunt of responsibility, its resources are not infinite. And there needs to be kind of a consideration that there cannot be seven or eight reporting protocols that need to be done in a quarter. That there needs to be a streamlining of information flow and an enhanced view on operationalization of what is being done. So I think those are the core key factors. And that is how trust builds.

Subi Chaturvedi: Thank you so much, Jonah, for your passion and the fact that you’re still at it. We’ve all looked at. of the EU as a great source of inspiration where you can look at brokering consensus with industry, where industry looks at more creative ways of coming back to regulation, saying what’s practical, what’s feasible, what’s not going to throw the baby out with the bathwater. I’m so glad that we have people like you who are still in the room, who are still at it. Jeannie, with that, I come to you. Kaspersky is no novice to protecting ecosystems, protecting computers, protecting equipment. What role do you believe the industry can play in global cyberspace? And we’re having this discussion at the IGF. There is no better platform for a true example of multi-stakeholder interaction. Can you give us examples where intervention by the industry have led to significant advancements in cyber peace? Over to you, Jeannie.

Genie Sugene Gan: Right. Thank you. Thank you for that. Thank you for that question. Yes. Well, I think the private sector has a big… Yes. The point of view that has gone before me have already quite a fair bit of the other aspects of the topic. And I really want to focus on something which I think they haven’t just done when it comes to cyber crime. And I want to list on cyber crime prevention

Subi Chaturvedi: you, we want to go off with you that we might be able to hear you better. Go ahead, go ahead Jeannie. While I think Jeannie reconnects, Colonel Sanjeev Raylia, okay, we have Jeannie back with us again. Jeannie, do you want to try my next video?

Genie Sugene Gan: Yes.

Subi Chaturvedi: Go ahead. Go ahead. Go ahead. Okay, let me come to you, Sanjeev, we will come back to Jeannie when she has better connectivity. Sanjeev, you’ve got a background in both the Signal Corps, the Indian Army, you spent over two decades, and then you’ve also looked at industry in terms of selling cybersecurity solutions, designing them. And currently, you’re the India representative for the HD Cyber, which is looking at humanitarian dialogues around conflict resolution, peace building. Could you speak to the question of how important is multi-stakeholderism? How is it that, you know, all of us can foster more international dialogues, where we can push a common understanding, where we can look at track two diplomacy engagements, you’ve been fostering some of those, how can we establish more norms, standards, and just look for common interests between nations? Over to you, Sanjeev.

Sanjeev Relia: Well, thank you so much, Subhi, for inviting me. And before I come to the question, I would like to briefly speak on two aspects. One is that when we talk of the critical infrastructure, we only speak of the attacks that are happening, which is primarily aimed towards sabotage. We often forget to talk about the cyber espionage, which itself is a big part of, you know, the threat to the CIA. So we must keep in mind that. it is not just an attack which is to bring down the critical infrastructure, but there is a huge amount of espionage that is also happening against nation states, against critical infrastructure of nation states. Two, the cyber security itself is changing its form. From what used to be a very, very preventive kind of environment, today with the use of artificial intelligence and machine learning, we live in a world where cyber security means not just prevention, but also deception and detection and response. So the entire concept of cyber security is changing. Now, coming back to your question, how can we foster more multilateral and more multi-stakeholder dialogue? Yes, I’m presently involved in a dialogue like this, where we are trying to negotiate cyber peace and build a cyber ecosystem between India and one of our neighbors through dialogue. Right now, it is at track two level. Now, the only way that, of course, United Nations is the apex body in this, which is putting in a lot of effort. But I personally feel that just the effort of United Nations may not be adequate because we are a big world. We have a large number of users of the cyberspace. And we have a whole lot of, you know, the world economy today depends greatly on the cyberspace. So we need to have much more involvement, way beyond what the UN can do, actually. And there comes in maybe bilateral dialogues, maybe multilateral dialogues. And, of course, the best solution is a multi-stakeholder solution, where every stakeholder who has a say in the cyberspace, who’s a user, a major user of cyberspace, can be brought in to bring out their issues, to bring out the… the problems that they face, and then a solution needs to be worked out, especially when nation-states today are involved or non-state actors on behalf of nation-states are involved in carrying out these attacks. So multi-stakeholder is perhaps the only solution which will be able to foster in a good cyber ecosystem.

Subi Chaturvedi: Thank you, Sanjeev, very well put. I’m so glad we have more advocates in the room for multi-stakeholderism. Can’t emphasize the importance of people-to-people connect better. We’ve got Jeannie back in the room. Jeannie, please feel free to unmute yourself. We’d love to hear your perspective.

Genie Sugene Gan: Yes, yes, yes, yes. Sorry about that as I’m on the road to the airport, actually. So I’m trying to do this as well, being on the road. Well, I was actually going to talk a little bit about giving some examples of how the private sector really has a part to play in this entire topic that we’re discussing today, because I think we’re talking about, and also I think Sanjeev was talking about the multilateral stakeholders, cooperation and approach to how we solve these issues. So I think I want to give some examples of how we have been doing this at Kaspersky. So I think from a context setting point, sort of an approach, I want to just say that, you know, I think we all know that there has been a lot of that’s been rapid development of network technology. Incidents of cybercrime have also, of course, been rising globally, right? So we’re talking about malware attacks, we’re talking about phishing, we’re talking about distributed DDoS attacks, ransomware, all of which, of course, significantly harmed the interests of network users, causing huge losses to society. Just to put things in perspective, according to some industry organizations, actually losses from all forms of cybercrime about 10 years ago in 2015 amounted to about three trillion US dollars. And in 10 years time, which is by next year, we actually will be tripling, more than tripling that. And we’re talking about annual losses of about more than 10 trillion dollars. So, I think it’s obvious a conclusion to say that it’s imperative to stop cybercrime. And so, Kaspersky, as one of the world’s leading cybersecurity solutions provider, we have been extremely committed to providing comprehensive and effective cybersecurity protection to users around the world, obviously. But also, a lot of what we do is to actively cooperate with law enforcement agencies around the world, including Interpol, Afropol, ASEANAPOL, and so on and so forth. So, just, you know, within Asia-Pacific alone, for instance, Kaspersky actually has been given awards also for being part of Singapore Police Force’s Alliance of Public-Private Cybercrime Stakeholders and, of course, also recently appointed to the Hong Kong Police Force’s Cybersecurity Action Task Force. What am I really trying to say here? What I’m really trying to say here is that the private sector really has a part to play. And instead of, you know, even when we’re talking about, you know, for-profit companies, which have a lot, a huge amount of expertise that resides within the company, and we’re talking for companies like Kaspersky, we actually have got a great amount of specialists in the cybercrime research area. And we’ve got the threat intelligence that we provide in our bid to fight cybercrime together. So, in September 2023, for example, during Interpol’s second operation to combat the surge in cybercrime in Africa, we actually provided threat intelligence data that enabled investigators to identify compromised infrastructure and arrest suspected cybercrime threat actors across the African region. So, this operation actually resulted in the arrest of 14 perpetrators and the identification of related network infrastructure that resulted in economic losses of more than US$40 million. So, I just really want to pause there. I think these initial remarks are probably enough for context setting. And we can discuss a little bit more in detail if there are more specific questions that come up along the way.

Subi Chaturvedi: Fantastic. I’m so glad that we have you on the panel. These were great examples of some of the things that we’re going to pick up now when we get into specifics of building capacity. With that, General Anand, I want to come to you. This is going to be a shorter round of conversation. We’re keeping about a minute, minute and a half, two minutes each for everyone. In the context of cyber warfare, what are some of the specific strategies that nations can adopt to prevent A, escalation, B, look at de-escalation and also contribute to global peace building when it comes to regional cooperation? You always need to be nice to your neighbor. You don’t choose your neighbor. So go ahead, please take it away.

Major General Pawan Anand: You know, cyber space today is a place of, is literally a space of contestation. It’s also a space where so much good is happening, but it’s also a space where a lot of malafide actors come into play. I think the major issue that we are looking at over here is how cyber space is getting exploited by state and non-state actors for waging warfare in a manner where there is complete lack of accountability and lack of identification. That makes it very easy for nation states and non-state actors to actually remain completely anonymous and make sure that they’re able to disable, disrupt services that are taking place in a country. The potential for harm in hybrid warfare, I think is huge. And therefore there is this deep need for at least well-meaning actors to come together and ensure that cyber warfare as we see it today, is more a movement of cyber peace as we spoke of earlier.

Subi Chaturvedi: Thank you. Thank you so much and safe travels. I want to come to you Jonah again. When you’re looking at emerging technologies like AI, a lot of responses from government sometimes is, hey, where’s the kill switch or how do we regulate? Can you look at positive use cases of how emerging technologies like AI can play an actual role in identifying, sometimes even mitigating risks as well as predicting cybersecurity practices. Over to you.

Audience: Thank you so much for the question. I think when you asked me that a case comes to mind and it’s a practitioner’s dream. It’s the New Zealand government actually launched their own chat bot that was called Rescam. And the main point of this chat bot would be if you get a phishing email or a scamming message, you could send it to the chat bot and the chat bot would continue conversation indefinitely with the fraudster to cause resource attrition. And some of the conversations are pretty good. And once you see that as an application for the prevention of cybercrime, that’s quite funny to see. But of course, fraudsters use chat bots. So we’re probably witnessing some chat bot on chat bot fraud happening right now. But in all seriousness, I mean, AI as a technology is going to change the fabric of society. And it already is. We’re seeing the velocity of cybercrime and velocity of cyberattacks significantly increasing. We’re seeing the costs going down. But as much as it is a tool for the other side, it is a tool for cybercrime and cybersecurity practitioners. Research analysis is easier now. Code analysis is easier now. So I think there’s use cases in both sides because this is just elevating the playing field to a much more high velocity environment. So I think that, you know, in this kind of high velocity environment, something that is. is I think going to be very important that we touched on is this digital literacy and awareness of the general population that is really going to be a core focus. And I’m going to leave you with the final fact in this section that we did an internal study when I was working for BNP Paribas amongst our clients. And we found that people have two minutes a year to listen about cybersecurity and fraud and cyber crime and stuff like that. So that’s the attention span we’re dealing on average with average people. And now how do you cram in what is relevant and what is pertinent to the people at the time? So this is where I think from an operational standpoint we need to work better to not just carpet bomb people but actually educate.

Subi Chaturvedi: Thank you. Such a great thought. I think we’ll have to look at elevators, pitches on the lines of startup founders. Melody and I come to you next. We are seeing an increasing dependence on AI and automation. You talked about a crisis of resources and overall our goal is to look at a more inclusive world. What kind of ethical considerations do you think we should be prioritizing when it comes to cybersecurity policies?

Melodina: So first of all, I think when we look at cybersecurity policies, there’s a fine line between security and privacy. And that’s a challenging one to manage when you look at it from an ethical point of view. So at what point do I justify that the information I’ve collected on an individual is a security threat or a security deterrent? And again, there are nuances to that all the way to warfare. And you can see that with the Lavender Project that was, and I think the foreign policy wrote a very nice article on this one where they collected I think 23,000 identifiers to identify people. It was then used in drone strikes against these people. Now, if I asked you, should we kill X? Yes or no? How much time do you think you would wanna spend on that? And the research. that they found was it was 20 seconds. So I think the high velocity part that Jonas mentioned is really, really critical. AI is taking us to a whole other realm where it’s not about accountability, but it’s about we’ve immuned ourselves to the decisions we take in the security space, and that is scary. And I think more importantly, if our mandate is being human-centered, that it is at the end of the day about people and all lives have value, and that is the fundamental principle of universal human rights, then we have a big challenge on how we’re doing this. So if we come really down to the basics, the securitization, the militarization of AI is going to be a big challenge in the future.

Subi Chaturvedi: Thank you. Thank you so much, Melody, for sharing that. And Jeannie, I come to you next. If you could share with us a successful example or a use case of multilateral cooperation, that would be wonderful in terms of templatizing. It may not be a one-size-fits-all, but a great beginning. Over to you.

Genie Sugene Gan: Thank you. Well, I think one success story, I think from our lived experience would be our No More Ransom initiative, which Kaspersky co-sponsored together with the Royal Netherlands Police and other partners, including other private vendors as well in the cybersecurity space. So together, regardless, just ignoring competition for a moment and everything, we all just came together and we worked on this project that we call No More Ransom, which is really an initiative to fight ransomware attacks. And it actually generated more than 360,000 downloads of our decryption tools over a seven-year period, raising awareness across the globe about the perils of ransomware attacks and prevention. and also providing decryption tools so that people will not have to pay ransom if they were, well God forbid, if they were ever to be attacked by ransomware. So, and this initiative is a prime example of how multilateral stakeholders cooperation can, at all levels actually, in terms of breadth and depth, be able to help to prevent cybercrime. And in the process, we have actually helped nearly 2 million victims decrypt their devices and save them from having to pay a single dollar of ransomware, a single ransomware dollar. So I think this is a good example from my end. I hope that inspires people to sort of come up with initiatives like that and promote more cooperation.

Subi Chaturvedi: Thank you, Jeannie. I still remember back in 2012, Kaspersky, Microsoft, Meta, which was then Facebook and Google, they came together in India and they brought together the Stop Think Connect program, which was one of the first interventions that anybody had made across India, working with the youth across colleges. And the most interesting part was the use of street plays, theater, and radio. And there was a cross-fertilization of ideas. So I think Kaspersky has always been a great support and we truly appreciate your initiative. Vineet, I come to you next. You’ve been working as a volunteer and you’ve been serving also with the territorial army. You run a center of excellence. And inadvertently, you’ve consciously created a space where you’ve ended up being a bridge with governments as well as different arms of security agencies. How do you think governments can play a more active, let’s say a proactive role in ensuring cybersecurity? How do you see them balancing regulation and innovation? Because you work with the industry equally well. I’d love to hear, you know, like a two-minute intervention from you. Go ahead.

Kumar Vineet: Subhi, for this question, I think two minutes are not enough. I probably need ten minutes to address everything. But I’ll come to some basic issues. While we keep talking about global policy frameworks, the Cyber Crime Treaty, the Cyber Peace Index that Cyber Peace is also currently working on. So we are talking on different policies, frameworks, regulations that need to come. There are some challenges that remain on the ground. And these challenges are some, I would say, unique challenges. And something that Jonah mentioned is awareness. Awareness still remains the number one challenge among the people. Because what we also see is a lot of reinvention is happening. People reinvent the same wheel. There are awareness programs, campaigns. But we kind of reinvent the same wheel, rather than focusing on a collective impact that can be done. And more and more people will be made aware. Second is the language in which we do these awareness programs. So we have to reach the last mile. And we have to communicate these awareness programs in the manner, in the language that the end users understand. Not everything could be PPT-based, video-based. Something could be interactive, like skits or road shows or something like that. Something very engaging that people understand, basically, the issues and problems. This is more on the prevention front. The other is the research front. On the research side, we need to kind of make sure. And I, again, keep mentioning it. We are mentioning that technologies, emerging technologies, are coming up. And they are bringing a lot of challenges. While they’re bringing challenges, I feel that these technologies only have the solution with the right balance and the right human connect. These technologies can come up with a good set of solutions which can impact the society at large. So that’s where the constant research, because technology is changing. Crime patterns are changing. Cybercrime hotbeds are also. changing. Like in India we had, for those who aren’t aware, there is a small district in the state of Jharkhand called Jamtara. There’s a Netflix show on the basis of the kind of fraud in the network that has happened. Now these kind of hotbeds are coming across the country, not just in India but in other countries also. We have seen people getting scammed, Indians getting scammed from people who are residing in Cambodia. In fact there are some Indians who got traffic to Cambodia and then they were asked to scam people in India. So there are unique set of problems, unique set of challenges that are coming up and it requires, I would say, a very strategic thinking and a collective thinking where all of us need to come on board together and try to see how we can kind of solve this problem rather than doing efforts which are scattered and something that does not have an impact. We need to focus on something very impactful so that we reach the last mile. Otherwise frauds are just increasing. Like at CyberPeace every day we are flooded with calls of children getting abused online, issues of child sexual abuse, revenge porn, financial frauds and now cyber enabled trafficking. In fact these kind of new set of challenges where humans are getting trafficked in other countries. So all cyberspace has become the medium now. So we need to think on how we can come up with programs like a cyber rehabilitation program where we need to rehabilitate the kind of survivors and also we need to rehabilitate the cybercrime, cyber criminals. They also need to be rehabilitated so that overall we need to kill or remove the kind of hotbeds that are coming up in cybercrime. So overall these are the things and while we keep talking about ethical AI frameworks and MDX and different policies. We need to address the issues on the ground at the grassroot. And overall, that help us in establishing a peaceful and resilient cyberspace for everyone.

Subi Chaturvedi: Thank you, Vineet. Thank you so much. Sanjeev, I want to come to you quickly. What would be your top two priorities? Let’s make it a Twitter intervention. How can international collaboration be enhanced to combat the rise in cybercrime and cyberterrorism? Because we know MLADs exist between countries. But when it comes to practical approaches, what would be your top two points? Over to you. Just a quick one, Sanjeev. We want to keep some time for questions from the floor and online participants as well. Go ahead.

Sanjeev Relia: So two things which will improve the situation from what it is today is one is that building of communication channels between nations, which unfortunately are not there. We need to exchange information, whether it is on cybercrime, whether it is on cyberattacks, whether it is on zero-day attacks, whatever be the case. We need to exchange information. We need to update each other. And we have to have these communication channels. We can’t be working in silos in the cyberspace. And two is capacity building. I personally feel that the globe today lacks capacity to fight the challenges of cyberspace. So hopefully, we need to develop capacities within the nation, with developed nations helping other nations to build up the capacity to fight the menace in the cyberspace.

Subi Chaturvedi: Thank you, Sanjeev. And a plus one to you for sticking to time. I think it’s been a fantastic conversation. Before we open the floor for questions, I was listening actively to all the participants. We’ve come up with somewhat of a high-level framework based on the deliberations. This is Dr. Subbi for the record again. I think we can look at something like secured, which is a framework that we are proposing. And we can look at collaboration across all stakeholder groups. So the S here stands for… for strengthening global governance. The E stands for empowering communities through digital inclusion. The C stands for championing ethical technology development. U calls out for uniting stakeholders for collaborative innovation. R is calling out for resilience in cyber ecosystems. E is greater education and awareness. Thank you for emphasizing Jonah and Melody both on that point. Vineet for doing the heavy lifting. And D here is digital transformation for sustainable growth. The floor is now open for questions and my heart is filled to the brim. Thank you for being such fantastic panelists, both people in the room as well as people who’ve joined us online despite their commitments. Please feel free to ask any questions, direct them to the panelists. You can even make an observation or a comment. Do we have any questions online? We don’t seem to have any questions from the room. We do, Vineet. We’ve just received a question. This is a question from Nabil Syed. All the panelists can actually respond to it. Great question. What steps can be taken to create a more cohesive global governance framework for cybersecurity, which is ensuring that all nations, regardless of their economic or technological standing, are adequately protected? We did speak briefly to that point saying that who are the people who are not in the room today? How do we look at giving voice to the voiceless, giving more agency despite the fact that this could be an emerging country, it could be a developing economy, it could be a small island nation? Would any of the panelists like to go ahead and take a stab at it?

Melodina: So I think if you really want to do it well, you need both a bottom-up approach and a top-down approach. If you start from the bottom, it’s education. We spoke about that very strongly. So it’s a very strong literacy on AI, some of its vulnerabilities, and how to safeguard and protect yourself, right? Then at the second level, you’ve got to go back to people who are designing these AI systems. They have to understand it needs to be inclusive. So the moment you’re not inclusive, people are going to be left behind, and they’re going to be vulnerable. So designing systems, taking into consideration people’s limitations, whether it’s technology, language, access, will actually help them. Third, you need to go to the industry and set standards. We do have some standards, but they’re not yet very global, and I don’t think we have much alignment on them. So this is important, having global alignment on some standards. And last, of course, you’ve got to have political will. Because the world is so fragmented at this point in time, and I think it will continue over the next year or so, we need to have political will on what does cyber peace mean or what does peace mean, and what are we willing to pay to get that?

Sanjeev Relia: Can I add to that, Subhi?

Subi Chaturvedi: Absolutely, Sanjeev. Over to you.

Sanjeev Relia: Thank you. So my personal view is that a digital divide will remain forever. Like in the physical space, there are powerful nations, and there are nations which are not so powerful. There are rich nations, and there are rich which are not so rich. Similarly, in the cyberspace, we will have nations which will always be way ahead in technology, and there will be nations who are trying to catch up. Now, how can we bridge this digital divide so that we ensure that we all are equally safe in the cyberspace? First is that we need to prioritize the inclusivity and equality. We have to bring everyone on board. And second is we need to leverage technology in this. I personally feel that emerging technologies like AI have tremendous scope to bridge this gap. So we need to do that. And one last thing is that we need to foster trust amongst nations. I personally feel that right now this trust is missing as far as cyberspace is concerned. So there have to be confidence building measures which need to be put into place. We need to encourage dialogues between nations which have to be multi-stakeholder. So that is the only way we will be able to bridge the digital divide and bring in more security.

Subi Chaturvedi: Thank you, Sanjeev. Great thought. CBMs are wonderful. We have another question from an online participant. Pragya Tantia is asking, as cyber attacks become more sophisticated, how can the international community recognize and respond to cyber warfare in the same way as traditional warfare, ensuring accountability and protection under international law? A very, very interesting question. Jonah, do you want to come in? I would love to hear your thoughts or Jeannie or Major General Pawan Anand.

Audience: I can give my opinion. I might be a bit cynical because I don’t think the international community is doing a great job at holding people accountable in traditional warfare, let alone in cyber warfare. So I don’t think it’s easy because our societies are split by borders and by nations and by different cultures that govern us and guide us. And unfortunately, the cyberspace isn’t. And accountability is always going to be an issue in cyberspace. And I don’t see a clear-cut solution. I think multilateralism and building of this coherent collective trust is one baby step in the way forward. This also pertains to the previous question. We need to build a governance framework that caters to the lowest common denominator. And this is extremely difficult. But more importantly, we need to stop spending time only in dialogue. Things need to start happening. Because dialogue and discussions and everything is great. from an operational perspective, the more time we waste, the worse things we’ll get. If you look at these projections in cybercrime losses, in infrastructure damage and stuff, it’s only getting worse. When is the tide going to be stemmed? So this is kind of a bit of a pessimist operational view. So it’s a spanner in the works.

Subi Chaturvedi: Thank you so much, Jonah. And that’s all that we have time for. I want to thank all our 23 participants who’ve dedicatedly stayed online. The two, Nabeel and Pragya, thank you for your questions from India. Vineet, thank you for being a fantastic co-host and moderator despite your ill health. I hope you recover soon. To all the panelists, you’ve been absolutely outstanding. I couldn’t have asked for a better panel. General Pawan Anand, Jonah, Melodina, Jeannie, Vineet, Sanjeev, thank you very much. And also to the team and our wonderful hosts in Saudi Arabia, thank you for giving us a fantastic IGF. We look forward to the next edition. Vineet, I hand over the mic to you to close the proceedings. Thank you.

Kumar Vineet: Thank you, Subhi, for being an excellent moderator. And you actually stretched the session very well, bringing out all the best pointers and suggestions that the session could have actually been able to bring out. So thank you. And thank you, all the speakers, panelists, the audience who is present here. Overall, we wish to work together for a peaceful and resilient cyberspace for everyone, where we protect communities at large, the society at large, and it starts with here. So with that, we’d like to end the session. Thank you, everyone, once again. Thank you.

Agreement Points

Importance of multi-stakeholder collaboration

speakers

Major General Pawan Anand

Kumar Vineet

Genie Sugene Gan

Sanjeev Relia

arguments

Building trust and awareness among stakeholders

Crowdsourcing cybersecurity efforts and creating first responders

Promoting multi-stakeholder cooperation and public-private partnerships

Fostering trust and confidence-building measures between countries

summary

Speakers agree on the critical need for collaboration between various stakeholders, including governments, industry, and civil society, to address cybersecurity challenges effectively.

Need for capacity building and awareness

speakers

Major General Pawan Anand

Kumar Vineet

Sanjeev Relia

arguments

Building trust and awareness among stakeholders

Language barriers and accessibility issues in cybersecurity awareness

Enhancing capacity building efforts, especially for developing nations

summary

Speakers emphasize the importance of building capacity and raising awareness about cybersecurity issues, particularly in developing nations and at the grassroots level.

Similar Viewpoints

Both speakers stress the need for international cooperation and standardization in cybersecurity practices to address global cyber threats effectively.

speakers

Melodina

Sanjeev Relia

arguments

Developing global standards and alignment on cybersecurity practices

Establishing communication channels between nations for information exchange

Unexpected Consensus

Persistent digital divide

speakers

Melodina

Sanjeev Relia

arguments

Rapid pace of technological change outpacing policy frameworks

Digital divide and unequal technological capabilities between nations

explanation

Despite coming from different backgrounds, both speakers acknowledge the persistent digital divide and the challenges it poses to global cybersecurity efforts. This consensus highlights the complexity of achieving universal cyber peace.

Overall Assessment

Summary

The main areas of agreement include the importance of multi-stakeholder collaboration, the need for capacity building and awareness, and the challenges posed by the digital divide and rapid technological advancements.

Consensus level

There is a moderate level of consensus among the speakers on the fundamental challenges and approaches to cybersecurity. However, there are variations in the specific strategies and focus areas proposed by different speakers. This level of consensus suggests that while there is a shared understanding of the core issues, there is still room for debate and diverse approaches in addressing global cyber peace and security.

Different Viewpoints

Approach to addressing cybersecurity challenges

speakers

Kumar Vineet

Audience

arguments

Crowdsourcing cybersecurity efforts and creating first responders

Enhancing threat intelligence sharing between nations and industries

summary

Kumar Vineet emphasizes a grassroots approach with first responders, while the Audience speaker focuses on enhancing threat intelligence sharing at higher levels.

Unexpected Differences

Optimism about addressing cybersecurity challenges

speakers

Audience

Kumar Vineet

arguments

Lack of accountability in cyberspace

Crowdsourcing cybersecurity efforts and creating first responders

explanation

The Audience speaker expresses skepticism about addressing cybersecurity challenges, while Kumar Vineet presents a more optimistic view with concrete solutions.

Overall Assessment

summary

The main areas of disagreement revolve around the approach to addressing cybersecurity challenges, the level of optimism about solutions, and the specific focus areas for international collaboration.

difference_level

The level of disagreement among speakers is moderate. While there are differences in approaches and emphasis, there is a general consensus on the importance of international collaboration and the need to address cybersecurity challenges. These differences in perspective can potentially lead to a more comprehensive approach to cybersecurity if integrated effectively.

Partial Agreements

Both speakers agree on the need for international collaboration, but Melodina emphasizes global standards while Sanjeev Relia focuses on establishing communication channels.

speakers

Melodina

Sanjeev Relia

arguments

Developing global standards and alignment on cybersecurity practices

Establishing communication channels between nations for information exchange

Similar Viewpoints

Both speakers stress the need for international cooperation and standardization in cybersecurity practices to address global cyber threats effectively.

speakers

Melodina

Sanjeev Relia

arguments

Developing global standards and alignment on cybersecurity practices

Establishing communication channels between nations for information exchange

Key Takeaways

Building trust and awareness among stakeholders is crucial for cyber peace

Multi-stakeholder cooperation and public-private partnerships are essential

Emerging technologies like AI can be leveraged for cybersecurity but also pose new challenges

There is a significant digital divide between nations that needs to be addressed

International collaboration and information sharing are key to combating cybercrime

Balancing security needs with privacy concerns remains an ongoing challenge

Resolutions and Action Items

Develop more cohesive global governance frameworks for cybersecurity

Enhance threat intelligence sharing between nations and industries

Create cyber rehabilitation programs for both survivors and criminals

Establish communication channels between nations for information exchange

Focus on capacity building efforts, especially for developing nations

Unresolved Issues

How to ensure accountability in cyberspace given the lack of borders

How to bridge the digital divide between technologically advanced and developing nations

How to balance innovation with regulation in rapidly evolving technology landscape

How to effectively combat sophisticated cyber attacks and cyber warfare

How to create truly inclusive governance frameworks that cater to all nations

Suggested Compromises

Balancing security needs with privacy concerns through ethical AI frameworks

Combining top-down policy approaches with bottom-up education and awareness efforts

Leveraging AI and emerging technologies to help bridge the digital divide between nations

We generally believe that governments cannot do it alone. When we talk about peace and responsible online behavior, when we talk about security, all of us need to be… need to come on a ground. All of us need to come on a platform. Industry, academia, civil society, government, netizens, all of us need to come.

speaker

Kumar Vineet

reason

This comment emphasizes the critical need for multi-stakeholder collaboration in addressing cybersecurity challenges, highlighting that no single entity can solve these issues alone.

impact

It set the tone for discussing collaborative approaches throughout the session and led to further exploration of how different sectors can work together.

AI as a technology is going to change the fabric of society. And it already is. We’re seeing the velocity of cybercrime and velocity of cyberattacks significantly increasing. We’re seeing the costs going down. But as much as it is a tool for the other side, it is a tool for cybercrime and cybersecurity practitioners.

speaker

Jonah

reason

This comment provides a balanced perspective on AI’s impact on cybersecurity, acknowledging both its potential for harm and its utility for defense.

impact

It deepened the discussion on emerging technologies by highlighting the dual-use nature of AI and prompted further consideration of how to harness AI for cybersecurity while mitigating its risks.

If our mandate is being human-centered, that it is at the end of the day about people and all lives have value, and that is the fundamental principle of universal human rights, then we have a big challenge on how we’re doing this. So if we come really down to the basics, the securitization, the militarization of AI is going to be a big challenge in the future.

speaker

Melodina

reason

This comment brings ethical considerations to the forefront, emphasizing the need to prioritize human rights and human-centered approaches in cybersecurity and AI development.

impact

It shifted the conversation towards ethical implications of cybersecurity measures and AI, prompting participants to consider the human impact of technological solutions.

We need to exchange information, whether it is on cybercrime, whether it is on cyberattacks, whether it is on zero-day attacks, whatever be the case. We need to exchange information. We need to update each other. And we have to have these communication channels. We can’t be working in silos in the cyberspace.

speaker

Sanjeev Relia

reason

This comment underscores the importance of information sharing and open communication channels between nations to combat cyber threats effectively.

impact

It led to further discussion on international collaboration and the need for trust-building measures between nations in cyberspace.

Overall Assessment

These key comments shaped the discussion by emphasizing several crucial themes: the necessity of multi-stakeholder collaboration, the dual nature of emerging technologies like AI in cybersecurity, the importance of maintaining a human-centered and ethical approach, and the need for enhanced international cooperation and information sharing. The discussion evolved from identifying challenges to exploring potential solutions, with a focus on balancing technological advancements with ethical considerations and fostering global cooperation to address cybersecurity issues effectively.

How can we address the challenge of limited attention span for cybersecurity awareness?

speaker

Jonah

explanation

Jonah mentioned that people have only about two minutes a year to listen about cybersecurity, which poses a significant challenge for education and awareness efforts.

How can we balance security and privacy considerations in cybersecurity policies?

speaker

Melodina

explanation

Melodina highlighted the ethical challenge of balancing security needs with privacy rights when collecting information on individuals for cybersecurity purposes.

How can we address the securitization and militarization of AI in cybersecurity?

speaker

Melodina

explanation

Melodina pointed out that the increasing use of AI in security decisions raises ethical concerns about accountability and human-centered approaches.

How can we develop more effective cyber rehabilitation programs for both survivors and cybercriminals?

speaker

Kumar Vineet

explanation

Vineet suggested the need for programs to rehabilitate both cybercrime survivors and perpetrators to address the root causes of cybercrime.

How can we improve communication channels between nations for sharing cybersecurity information?

speaker

Sanjeev Relia

explanation

Sanjeev emphasized the need for better information exchange between countries on various cyber threats and attacks.

How can developed nations help build cybersecurity capacity in less developed countries?

speaker

Sanjeev Relia

explanation

Sanjeev highlighted the global lack of capacity to address cybersecurity challenges and the need for developed nations to assist others.

How can we create global alignment on cybersecurity standards?

speaker

Melodina

explanation

Melodina pointed out the lack of global alignment on cybersecurity standards and the importance of addressing this issue.

How can we leverage AI to bridge the digital divide in cybersecurity?

speaker

Sanjeev Relia

explanation

Sanjeev suggested exploring the potential of AI to help address disparities in cybersecurity capabilities between nations.

How can we foster more trust among nations in the cyberspace domain?

speaker

Sanjeev Relia

explanation

Sanjeev emphasized the need for confidence-building measures and multi-stakeholder dialogues to build trust between nations in cyberspace.