Securing cyberspace is a global challenge—one that cannot be solved by a single company or country alone. That is why the EastWest Institute launched the Worldwide Cybersecurity Initiative in 2009, bringing together government and corporate partners to protect our world’s digital infrastructure.
Drawing on a 30-year history of building trust, EWI formed the Cyber40, a coalition of representatives from the world’s most digitally-advanced countries. Its goal: to shape “rules of the road” for cyber conflict and fighting cyber crime through international cooperation. EWI is also helping to build innovative private-public partnerships on cybersecurity.
In 2013, The New York Times
recognized EWI’s work on developing ground rules for protecting the digital infrastructure and fighting spam as a model for U.S.-China cooperation. In an editorial, it urged Presidents Barack Obama and Xi Jinping to consider the high cost of hacking, and noted that new measures, such as those proposed by EWI’s cybersecurity initiative, are needed to help counter this threat.
Since 2010, over 1,000 businesses, government and technical leaders have been involved in EWI’s ongoing cybersecurity initiative. Our government partners include Russia, China, the United States, France, Germany, India and Japan. Our corporate partners and supporters have included Akin Gump Strauss Hauer & Feld LLP, American Airlines, AT&T, BAE Systems, the Chertoff Group, Dell, Deloitte, Financial Times, Goldman Sachs, Huawei, Juniper Networks, Knightsbridge Cybersystems, Microsoft, Motorola, Palantir, PayPal, Stroz Friedberg, Symantec, Technology Crossover Ventures, Unisys, VeriSign, Vodafone and the William and Flora Hewlett Foundation. The IEEE Communications Society is co-sponsor for EWI’s worldwide cybersecurity summits. This year’s summit is in partnership with the Stanford Institute for Economic Policy Research (SIEPR). Scientific American and the MIT Technology Review are media partners.
EWI’s annual cybersecurity summits provide a crucial forum for building international, private-public partnerships and for shaping the agreements, standards, policies and regulations (ASPR) we need to protect cyberspace.
Highlighting the success of the New Delhi Summit, EWI released Building Trust in Cyberspace
, a report illustrating how the summit helped spur the process of producing concrete recommendations for industry and government. If implemented, those recommendations will help make cyberspace and the real world more stable and secure.
The 4th Worldwide Cybersecurity Trustbuilding Summit
will be held in Silicon Valley, on November 5 and 6, 2013. The forum promises to address acts of aggression in cyberspace; international critical infrastructure protection; emergency preparedness for the financial services sector; political action promoting international cybersecurity; economic espionage; and policies for secure cloud enablement.
> EWI’s Global Effort
EWI’s cybersecurity initiative is distinguished by our truly global scope—our ability to bring experts from different countries and sectors together to forge solutions. In our capacity as an experienced Track 2 convener, EWI has launched cutting-edge cybersecurity collaborations between the U.S. and Russia, the U.S. and China, and continues its collaboration with India, a rising cyber power.
In India, EWI is working to help the government form partnerships with the private sector on cybersecurity. EWI, along with leading Indian organizations and others co-hosted the 3rd Worldwide Cybersecurity Summit in 2012, and conducted seminars, consultations and other activities throughout the year to help build momentum for the summit. The choice of New Delhi as the venue for the summit was a testament to India’s growing role as an essential player on the global cyber stage. Participants came from over 22 countries. The summit provided an opportunity for experts, stakeholders and decision-makers from industry, government and academia to review 13 papers on the international policy-related aspects of cybersecurity. In preparation for the summit, EWI worked in close partnership with the Federation of Indian Chambers of Commerce and Industry (FICCI), the National Association of Software and Service Companies (NASSCOM), and the Data Security Council of India (DSCI).
Partnering with the Internet Society of China, EWI regularly brings together Chinese and U.S. experts to confront some of the toughest threats to cyberspace. In June 2011, EWI released the first joint U.S.-China report to address a major cybersecurity challenge, Fighting Spam to Build Trust
The report that makes strong joint recommendations for decreasing spam, which comprises as much as 90% of all email messages and carries the malicious codes used by hackers for crime. In October 2012, EWI published Cyber Detente Between the United States and China: Shaping the Agenda,
brings to light shared cybersecurity concerns between the U.S. and China. Diplomatic efforts to address these common concerns could bring the two countries together. Finally, during the 3rd Wordwide Cybersecurity Summit, the Computer Emergency Response Teams (CERT) of India and China agreed to work together to combat the threats of cybersecurity. During this meeting, representatives from both countries pledged to cooperate on spam and botnets with each other as well as with other nations. EWI’s China-U.S. team will continue its collaboration in the months ahead, seeking innovative solutions to cybersecurity threats and building trust between the U.S. and China – person by person.
In February of 2011, EWI released the first ever joint U.S.-Russia publication on cyberspace, Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace
. Produced by a team of U.S. and Russian experts, the report explores how to extend the humanitarian principles that govern war to cyberspace. This groundbreaking report grabbed attention at the 2011 Munich Security Conference, in part because it modeled the kind of international cooperation that is possible, and necessary, in cyberspace.
In April 2011, another group of U.S.-Russia experts convened by EWI released a joint report that defined 20 critical terms for cyber and information security, laying the foundation for wording multilateral agreements on cyberspace. This report, Russia-U.S. Bilateral on Cybersecurity: Critical Terminology Foundations,
takes a fundamental step forward in achieving cooperation on the issue of cybersecurity.
EWI will continue to carry forward the work of both groups in the months leading up to the 4th Worldwide Cybersecurity Trustbuilding Summit.
Throughout the year, EWI regularly convenes “breakthrough groups”—small groups of international experts and stakeholders committed to solving a specific cybersecurity problem. These include:
Undersea Cables at Risk
To protect the vital undersea cables that carry over 99 percent of intercontinental Internet messages, EWI has partnered with IEEE to begin a program of advocacy and mobilization called the Reliability of Global Undersea Cable Communications Infrastructure.
Following EWI’s cybersecurity summit in New Delhi, India’s Telecommunications Ministry proposed to cut cable repair time to three to five days, where it previously took two months. EWI’s Chief Technology Officer Karl Rauscher called this correction “a top priority for improving the stability of the Internet at the global level.”
A free, constant stream of information is essential to realizing the full potential of the Internet. Since government and private institutions increasingly rely on networked technology, this technology poses increasingly difficult security issues. This group works to address the issue of data protection in the face of continually changing Internet use and access.
Priority International Communications
During crises like the earthquakes that devastated Haiti and Japan, communications networks become so congested that critical calls are not able to be completed, which contributes to loss of life and property. This group is working to help ensure that cell phone calls of authorized users are fast-tracked during times of crisis. See EWI's Priority International Communications
report for lastest developments in this area.
Cyber Conflict Policy and Rules of Engagement
EWI has established Track 2 bilateral processes with the experts from the United States, Russia and other key countries to develop “rules of the road” for cyber conflict.
Measuring the Cybersecurity Problem
If compromised organizations and companies could share information about online security breaches without fear of losing business, we would be better able to measure and counter cyber attacks. This group is working to create a trusted environment for stakeholders to report such information.
ICT Development Supply Chain Integrity
Reliance on cyber products is growing, but it’s difficult for governments and businesses to assess the security of these products. This group is working to define the problem and develop best practices to keep consumers safe.
International Cooperation to Fight Spam
Working with the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), this group is working to put 46 best practices for countering spam developed by an EWI-led joint U.S.-China team into action. See EWI's report Fighting Spam to Build Trust
Collective Action to Improve Global Internet Health
This group is exploring how a public health model might be used to imagine new approaches to protecting billions of Internet users. EWI convened a team of experts and in 2012, released the report, The Internet Health Model for Cybersecurity
, which examines how the model of international public health can inform efforts to track and block malware and other malicious actors.
Emergency Preparedness for the Financial Services Sector
To protect the financial services sector in emergencies, this group is working to develop an organization that allows members to share crucial information, among other actions.