International Information Security: Actual Challenges

Dr. Vladislav P. Sherstyuk,
Co-Chairman of the Forum,
Security Council of Russian Federation Secretary Adviser
Director of Institute of Information Security Issues,
Lomonosov Moscow State University

Dear Participants and Guests of the Forum! Ladies and Gentlemen!

I am pleased to welcome you all at the Forum’s seventh meeting held in Garmisch-Partenkirchen, Germany. The Forum will discuss topical issues of international information security in the format of partnership between the government, business and civil society.

It is no accident that our annual Forum is held here in Germany. On the one hand, Germany is a Central European power and a member of the European Union which is actively engaged in countering threats to cyber security as an important component of the overall national security. On the other hand, in view of its favorable geographical position, Germany makes a perfect venue for experts representing various political opinions to get together and exchange their views on the difficult problem of forming a solid system of international security. This greatly facilitates understanding between international experts and helps find ways to reconcile their positions towards the discussion items on the Forum’s agenda.

Over recent years, the number of the Forum attendees has grown
considerably while their geography expanded.

This year, the Forum will be attended by more than 100 scientists and experts representing 18 countries, including: Austria, Azerbaijan, Bahrain, Belarus, the United Kingdom, Germany, India, Italy, Kazakhstan, Canada, China, Cuba, Russia, the USA, France, Switzerland, Estonia and Japan.

Representatives of the Organization for Security and Cooperation in Europe (OSCE) and the International Corporation for Assigned Names and Numbers (ICANN) will also attend the Forum.

A numerous group of Russian experts and scientists have arrived to Germany to take part in the Forum. The group includes representatives of the Executive Office of the Russian Federation Security Council, the Russian Federation Ministry of Foreign Affairs and the Russian Federation Ministry of Defense as well as representatives of leading companies who are members of the Russian Information Protection, and a large delegation from the Moscow State University.

The delegation of the Executive Office of the Russian Federation Security Council, whose function is to advise the Russian Federation President on the issues relating to information security, is headed by Ivan I. Belyaev, a co-chair of the Forum’s Organizing Committee.

As you are well aware, in 2010, the Forum stakeholders put their efforts together to found the International Information Security Research Consortium. Today the Consortium includes 17 organizations and associations: the Information Security Institute at Lomonosov Moscow State University, the United Institute of Informatics Problems of the National Academy of Sciences of Belarus, The Internet Community of Bulgaria, the Cybercrime Research Institute (Germany), the Israeli E-government Information Security Department, Indian Institute of Information Technology in Allahabad, the Chinese People’s Association for Friendship with Foreign Countries, a telecommunications company “MFI Soft” (Russia), the State University of New York, Global Cyber Risk (USA), Tokai University (Japan ), EastWest Institute (USA), the Defence Research and Development Organisation of the Indian Defence Ministry, Qafqaz University (Azerbaijan), PayPal Inc. (USA), University of the “Caucasus” (Azerbaijan), and the non-governmental organization SecDev Foundation, engaged in global security and development research (Canada).

Despite the short time since the formation of the Consortium, its experts have already implemented a number of joint projects, in particular, the experts from the Information Security Institute at Lomonosov Moscow State University (ISI LMS) and EastWest Institute have developed the basic terminology (the glossary) in the area of information security to support the negotiating process with the view to establish the international information security system. As the result of Phase I of the above project, a brochure containing detailed commentary to 20 basic cybersecurity terms was published in Russian and English. The brochure is available on the Internet and is actively referred to in other publications on international information security. The project is currently in Phase II which will be completed by the end of 2013 with another publication detailing other 20 basic terms in information security. Another project involving the study of provisions in national legislations with regard to Internet content filtering which have brought together the efforts of all the members of the Consortium is also nearing completion.

In 2012 the ISI LMS and the Conflict Studies Research Centre (the UK), both the Forum participants, implemented a joint project related to the study of the provisions of the Convention on International Information Security. The results of this project are available on-line. Thus the Forum has de facto become one of the most important platforms to discuss various discuss various aspects of international information security.

Please allow me to express our deep gratitude to the Forum attendees who support the Forum not only with their personal participation but also with substantial funding. Here, I would like to name of few names: Alexander N. Gridin, director general of FSUE STC “ATLAS”, Andrei A. Novikov, director general of “RNT”, Vladimir G. Matyukhin, first deputy director general and research manager of NIIAS (Russian Railways), Veni Markovski, vice president of ICANN, and Andrei G Romanov, deputy director general of the Internet National Domain Coordination Center.

I would like to convey to all of you the gratitude of the Organizing Committee for accepting our invitation and attending the Forum.

The significance of this year’s agenda of the Forum is very high as ever more nations begin to realize the urgent need for coordination of the international effort to curb the growing mistrust of information and communication technologies among citizens, business organizations, and public authorities. Such technologies have an enormous potential in improving the socio-economic development of the human society, reinforcing state guarantees of human and civil rights and freedoms, and facilitating national defense and state security. Further decline in confidence in information and communication technologies would be a hard blow to the expectations of the international community’s responsibility of enhancing people’s quality of life and self-realization, reducing poverty, and providing better access to high-quality education.

The joint effort of many years of a number of nations, international organizations, business organizations and the expert community relating to the study of the problem of international information security and implementation of practical measures to enhance security of information systems and communication networks, has finally paid off. A common understanding of the most dangerous threats to international security of the present day has been reached. Such threats include: the growing cybercrime activity, preparation and implementation of acts of cyberterrorism, and the use of information and communication technologies in hostilities between nations.

All the items on the Forum’s agenda are one way or another related to the formation of the system of international information security which aims to promote the development of the global information society and the use of information and communication technologies for the benefit of individuals and
the human society as a whole.

We all understand that formation of the global information society requires efficient means to counter threats to stable operation and safe use of the global information infrastructure which is based on the Internet. It is of vital importance to combat the threats of turning the Internet into a theatre of war or ideological hostilities while preserving information security of each nation.

The agenda of the round-table discussion at the Forum includes the issues related to the preservation of the Internet as “the space of freedom”, as well as the discussion of major trends in the use of the Internet as a means of exerting pressure onto the nations in conflict. We understand that maintaining the positive impact of the global information infrastructure onto the mankind development is an issue of extreme importance and deserves a close attention from the panelists. We hope by way of our discussions to identify the borderline beyond which the freedom of exchange of ideas between people on the Internet becomes an act of the state which must be regarded as interference in the internal affairs of other nations. Perhaps we can find ways of solving this problem.

Finding ways to internationalize control over the Internet is another important item on the Forum’s agenda. Development of the Internet as a publicly available global tool makes the control of its use one of the key elements of the now forming global information society. It appears that internationalization of control mechanisms over the use of the Internet will help maintain a high level of confidence in this unique tool of interpersonal communication; it will facilitate participation of national governments, the private sector, civil society, and international organizations. Internationalization must promote fair access to Internet resources and provide easier Internet access for everybody and ensure stable and secure operation of the Internet. We expect to reach a high level of understanding between the round- table participants that would facilitate the development of efficient mechanisms to internationalize the control over the Internet while preserving the balance of interests and powers of national authorities, the business world and civil society.

One of the Forum’s round-tables will be devoted to the discussion of a range of approaches and best national practices exercised by different nations to ensure security of the national infrastructure. The relevance of this issue is largely determined by the fact that achievement of practical results in building national information security requires involvement of a large masses of populace, civil organizations, political and economic forces. Only by a joint effort we can hope to achieve fair and secure access to information and communication technologies for all the nations of the world.

The problem of filtering Internet content is another very important issue on the Forum’s agenda. The urgency of this problem is dictated by the urge to neutralize negative effects of abuse of freedom of information to the detriment of public morality, social stability and health of the younger generation. Some experts may consider such practices to be a form of censorship, which is probably correct from a formal perspective. At the same time, the reality of the present day is such that many nations apply varying degrees of Internet content filtering, even the nations who otherwise consider themselves to be very democratic. We are of the opinion that formal definitions should not prevent us from the search for proper legal and organizational mechanisms to reinforce international cooperation to preserve public morality, social stability and health of our children.

One of the major problems of the present moment in forming national systems of information and cyber security and ensuring international information security, is to establish mutually beneficial cooperation in this area between business organizations and the public authorities responsible for national security. Many economic assets have now become critically important elements of the national information infrastructure. Ensuring security of such assets without efficient interaction between business organizations and public authorities is not deemed possible. At the same time, really efficient mechanisms of such interaction yet remain to be found. We can hope that constructive discussions at the Forum will help us find an answer to this question.

It is hard to overestimate the importance of the mechanisms of international legal regulation in ensuring international information security. Law is a powerful means of coordinating and streamlining the efforts of all world nations in countering the threats of computer crime, computer terrorism and abuse of information and communication technologies. One of the round-tables at the Forum will be devoted to the discussion of the problem of international legal regulation of relations arising from information-related conflicts. As you well know, The Tallinn Guidelines on Applicability of International Law to Cyber Conflicts was quite recently submitted to the expert community. It would be the right thing to do if we commenced discussions of the above document at our Forum and any further work required to be done in the area. An example of the latter may be the development of recommendations regarding adaptation of international law to regulating information conflicts.

Modeling of information conflicts is an emerging, and very important, area of research in counteracting hostile use of information and communication technologies. This problem and possible solutions will be discussed at the Forum at a separate round-table.

In conclusion, I would like to express my hope that together we can move forward in promoting further fruitful international cooperation in realizing the true potential of information technology to improve the lives of people and securing sustainable social development.

 

 

The speech was delivered at the 7th Scientific conference of the International Research Consortium on Information Security, as part of the International Forum on «Partnership of state authorities, civil society and business community in ensuring international information security», held on 22-25 April 2013 in Garmisch-Partenkirchen, Germany. It is published on Digital.Report with an explicit permission from the conference organizers.