There is consensus on the principle that cybersecurity can better be achieved through transnational cooperation rather every country or block on its own. Yet, the work undertaken under the auspices of the United Nations, namely under the General Assembly, is progressing at a very slow pace. I recently published a research article on that ongoing work at the UN in the field of cybersecurity, available at : Article Information and telecommunications diplomacy in the context ...
. It confirms that progress is slow, so this raises a few questions. What is needed to improve multilateral cooperation on cybersecurity? Are there some specific topics of cybersecurity that should be prioritized in the multilateral arenas? What format (binding, non-binding, information sharing, confidence-building) should the expected deliverables have?
. I think being more today about New security threat. It not Un priorities
How can citizen be even informed if the media frame their opinion. It may be beneficial to establish a community of practice in the area of the Cyber security engaging practitioners working with developing countries, it will result through negotiations to formulation different approaches and resolutions.
Regard
https://www.armscontrol.org/act/2013-09/un-takes-big-step-forward-cybersecurity
The United Nations can play a significant role in supporting these efforts, all of which are crucial to the maintenance of international peace and security. The former UN Secretary-General already raised a number of international ICT/cybersecurity matters in policy statements, suggesting the growing importance of the issue within the Organization. Initial efforts were also made within the Secretariat to coordinate efforts on ICT/cybersecurity-related matters. Yet, in view of global society’s increasing dependency on ICTs and the simultaneous increase in their malicious use, engagement on ICT and international peace and security by the top UN official and the United Nations leadership needs to be scaled up.
One of the helpful methods they can add is, applicability of international law to state behavior in cyberspace, by extending traditional transparency and confidence-building measures. Also recommending international cooperation and capacity building to make information and communications technology infrastructure globally more secure.
The most serious cybersecurity vulnerabilities exist because software is not properly specified, designed, implemented and verified.
To give two examples:
1. If email clients are designed to support emails that contain attachments and links to websites then the software should ensure that they can be opened securely, inside a protected "sandbox" or similar safe environment. It is absurd to call it "uer error" when someone is tricked into opening malware in an email, because the user is using their software exactly as it has been designed to be used. The designer of the email client is to blame, not the user.
2. Buffer overflows and injection attaccks are possible because the software has not been written and verified to be cybersecure. It is perfectly possible to write software so that run-time failures cannot occur, for example by using the static analysis tools and correct-by-construction methods in the SPARK toolset that Praxis/Altran/Adacore promote. Current software development is amateurish, relying on testing to provide evidence that the software is fit for purpose, despite 50 years of experience and theory that shows that testing can never show the absence of defects and that software should be developed with mathematical rigour. No other engineers rely on testing without a foundation of mathematical reasoning and proof.
I would like to see the UN co-ordinate and support a long-term programme of work to vastly improve the tools and methods used by programmers worldwide, because cybersecurity will continue to get worse until the problem of defective software is tackled with science-based engineering tools and methods, and a recognition that the developers of faulty software must carry liability for the damage they cause.
Many thanks, dear Arian Besnik Kadriu, for your very accurate and important remark. Such projects exist at regional levels, such as OSCE or NATO, but really it is up to the UN to take the lead, especially of course as far as applicability of international law to state behavior in cyberspace. In this regard, I think that academia has a prominent role to play, and intensify work and research on this particular topic.
The UN is unable to influence in any way. Until the UN Security Council is able to hold the aggressor countries to account. And this will not happen while russia is there. There are no mechanisms to stop any aggression, including cyberspace.
Thank your for your two examples Martyn Thomas , I find them very illustrative. In fact, the UN is already now striving to cooperate with industry in order to improve the accountability of producers. The problem you mention is not only a problem for the users such as all of us. Worse than that, it is a problem along the whole SUPPLY CHAIN because if a producer cannot rely on the safety of the components and inputs of its own suppliers, the whole chain is affected...
I completely agree with you, Mr. Christian Pauletto. But you also need to be a realist)
OEA/OAS is involved in cybersecurity, with events, trainings and regular meetings of experts in the region.
You can take a look of the events here: https://search.oas.org/es/paginas/default.aspx?k=cybersecurity
For increasing efficiency of UN program entirely it should be free from Veto power system
- Badges
- Science topic
- Similar topics
- Books