First, let me be clear. I’m Canadian. I don’t have a direct stake in US politics other than how it impacts Canada. That said, I’m not a big fan of President Trump and all he stands for. But I have to admit, he actually may have a good idea regarding a cybersecurity unit. Just not with Russia.
In one of last week’s blogs, I talked about how there were two ways to deal with situations like Kaspersky Labs – either ban the products or have an agreement to not use cyber activities against each other. Trump is talking along the lines of agreement. He just went too far in propose a partnership with Russia. If he talked about a bilateral agreement not to use cyber means against each other, that may have gone over better.
But let’s talk about the concept of a cybersecurity unit for a moment. I think this concept has merit. If you were to combine the expertise of the US, Canada, Israel, Japan, and one or two other countries, and give them the mandate to monitor and interfere with malicious activities on the Internet, you could have a very powerful unit.
Think about the unit countries included. The communication expertise is very strong in those countries. Also, you currently have a situation were today’s technical infrastructure is located across international borders (think Cloud Services) so you HAVE to have countries working together to deal with criminal activities.
And, finally, you already have similar agreements with organizations like NATO and NORAD for mutual defence. The single biggest attack vector is no longer physical, its virtual. And this aplroach could deal with this attack vector.
Look, you will always have politics get in the way, naturally. Who leads this and who is second in command? Where will it be located? How do they interact with the world’s telecommunication companies? How do they deal with the differing Privacy legislation?
All that would have to be worked out. But you are now seeing Nation States using cyber attack mechanisms and that has to be dealt with in a multinational way. It can’t be a “one country” approach because the attack vectors come from multiple nation’s infrastructure, whether intentional or not. Not unless you want to be causing an incident with friendly nations.
I’ve seen this in action with the Olympics where the best in the World worked together to get phenomenal things done. Trust me, taking the best the world has to offer is impressive. And it helps to understand the cultural differences each country brings to the Internet.
A multinational cyber unit is a very worthwhile activity. Don’t discount it just because of the source. And make sure you trust the member nations included. It’s time to take the “wild west” aspects of the Internet.
Hope this helps…