September 9 – 10, 2015
Agenda #EWIcyber
1
The EastWest Institute is proudly hosting the 2015 Global Cyberspace Cooperation Summit in New York City.
EWI’s Global Cooperation in Cyberspace Initiative is convening policymakers, business leaders, technical experts and civil society with the objective to reduce conflict, crime and other disruptions in cyberspace and promote stability, innovation and inclusion. This invitation-‐only meeting of international actors aims to coordinate and consolidate the initiative’s progress, showcase results and promote collective action. The annual cyber summits provide a crucial forum for building international, private-‐public action to foster international cooperation in cyberspace. Breakthrough groups, aligned with the initiative’s objectives of economic and political development, digital security and stability, and sound governance and management, carry the program forward.
Global Cyberspace Cooperation Summit VI New York 2015 September 9-‐10, 2015 The Westin New York at Times Square 270 West 43rd Street New York, NY 10036
2
#EWIcyber
Dear Colleagues, Welcome to the EastWest Institute’s Global Cyberspace Cooperation Summit VI, the first that I have the privilege of supporting as EWI’s CEO and president. It marks a historic moment for EWI as well, as we celebrate our 35th year. The summit brings together cyber leaders from more than 40 countries to showcase progress, discuss issues and coordinate steps on the path towards a safer, more secure Internet. Through its informative plenary and hands-‐on breakthrough sessions, it provides a forum to foster cooperation in cyberspace. Participants will work on issues that have direct impact on economic and political development, digital security and stability and sound governance and management. Threats to cyberspace’s proper functioning—including cyber-‐enabled crime, insecure technology and the proliferation of cyber weapons—must be addressed by cooperative action. Our Global Cooperation in Cyberspace Initiative, which you are taking part in today, seeks to catalyze this action by building trust and seeking creative and effective solutions. Past successes helped shorten repair time for damaged undersea cables, reduce spam, and combat hackers globally. This summit is the latest in a series that began in 2010 in Dallas and continued in London, New Delhi, Silicon Valley and Berlin. Thank you all for being with us. We are excited for the progress to be made, with your help, over the days, months and years to come. Sincerely, Cameron Munter President and CEO
#EWIcyber
3
September 9, 2015
08:00-‐09:00
Majestic Ballroom 5th floor
Registration
09:00-‐09:10
Welcome
Manhattan Melville 5th floor Belasco Booth 3rd floor
Cameron Munter, President and CEO, EastWest Institute
09:10-‐09:30
Keynote Address
Chair: Speaker:
Sadie Creese, Professor of Cybersecurity, University of Oxford Suzanne E. Spaulding, Under Secretary, National Protection and Programs Directorate, U.S. Department of Homeland Security
09:30-‐09:50
Breakthrough Group Progress Update
Bruce W. McConnell, Senior Vice President, EastWest Institute
09:50-‐11:20
Plenary Panel I: Is Cooperation Possible in Cyberspace?
As the scope and depth of our dependence on cyberspace increase, so do the risks posed to the confidentiality, integrity and availability of electronic information and services. Nations and corporations strive to protect their most critical information assets in the face of actual and potential criminal, terrorist and military attacks from every side. How is cooperation possible in this increasingly tense environment? Representatives of major cyber powers will discuss what they can do in concert to calm the waters and help cyberspace realize its full potential for economic and social benefit.
Chair:
4
Joseph S. Nye, Distinguished Service Professor, Kennedy School of Government, Harvard University
#EWIcyber
Speakers:
Thomas Fitschen, Director for the United Nations, International Cyber Policy and Counter-‐Terrorism, Federal Foreign Office of Germany Udo Helmbrecht, Executive Director, European Agency for Network and Information Security (ENISA) Ryuichi Hirano, Counsellor, International Strategy Group, National Center of Incident Readiness and Strategy for Cybersecurity, Cabinet Secretary of Japan Mikhail Kalugin, Counselor and Head of Economic Office, Embassy of the Russian Federation to the U.S. Nicolas Niemtchinow, Coordinator for Cyber Security and Open Data to the Secretary General of the Ministry of Foreign Affairs of France Christopher Painter, Coordinator for Cyber Issues, U.S. Department of State
11:20-‐11:50
Networking Break
11:50-‐12:50 Chair: Speakers:
12:50-‐14:00
14:00-‐15:30
Keynote Conversation Matt Bross, Chairman and CEO, Compass Networks; Member, Board of Directors, EastWest Institute Katherine Getao, ICT Secretary, Ministry of Information, Communications and Technology of Kenya Robert Shlegel, Deputy, State Duma of the Russian Federation Zhao Zeliang, Director-‐General, Cyber Security Coordination Department, Cyberspace Administration of China
Lunch Breakthrough and Special Interest Groups -‐ Session I
Belasco, 3rd floor
Promoting Measures of Restraint in Cyber Armaments
The cyber arms race among major powers has a destabilizing effect on international order. The United Nations Group of Governmental Experts (GGE) and others are examining how international humanitarian law applies in cyberspace. This breakthrough group is developing recommendations that would stimulate the creation of a standing forum involving private sector and civil society for norms research and advocacy. It is examining areas of emerging consensus on norms of state behavior across governments and intergovernmental organizations. Finally, it is developing a “mutual cyber assistance request” protocol to enhance state-‐to-‐state cooperation on cyber incidents, as a confidence building measure.
#EWIcyber
Co-‐Chairs: Greg Austin, Professorial Fellow, EastWest Institute Jan Neutze, Director of Cybersecurity Policy, Europe, Middle East and Africa (EMEA), Microsoft
5
Discussants: Maurizio Martellini, Scientific Director, Insubria Center on International Security (ICIS) Shen Yi, Associate Professor, Fudan University Chief Editor: John E. Savage, Professorial Fellow, EastWest Institute; An Wang Professor of Computer Science, Brown University
Melville, 5th floor
Booth, 3rd floor
Modernizing International Procedures against Cyber-‐enabled Crimes
Global losses from cyber-‐enabled crimes likely exceed $400 billion annually. Progress on identifying, prosecuting and punishing cyber criminals across borders is slow. In particular, better cooperation is essential between law enforcement and the private sector on a global basis. This group is focusing on: (i) increasing the transparency of corporate response policies; (ii) developing a standard format for information requests under mutual legal assistance procedures. This session will review progress on these initiatives and plan for future success. Co-‐Chairs: Cody Monk, Special Agent, Federal Bureau of Investigation (FBI) Michael O’Reirdan, Senior Fellow, EastWest Institute; Engineering Fellow, Comcast Discussant: Jason D. Reichelt, Senior Adviser, Crime Prevention and Criminal Justice, UN Office on Drugs and Crime (UNODC) Chief Editor: Anthony Moyegun, Graduate Research Assistant, University of Houston Strengthening Critical Infrastructure Resilience and Preparedness The growing digitization and interconnection of society, and in particular critical infrastructures, increase the risk of accidental or deliberate cyber disruptions. This group is focused on the development of an action-‐oriented, interactive, community-‐based platform where critical infrastructure owners and operators can share stories related to cyber incidents. The platform will serve as an awareness and education resource. This session will present and refine the concept, provide feedback and roll out the work program.
Chair: Tom Patterson, Vice President and General Manager, Global Security Solutions, Unisys
6
#EWIcyber
Discussants: Gib Godwin, Senior Fellow, EastWest Institute; Managing Director, PricewaterhouseCoopers Public Sector Royal I. Hansen, Managing Director, Technology Risk, Goldman Sachs Tobby Simon, President, Synergia Foundation Chief Editor: Merritt Baer, Fellow, EastWest Institute
Manhattan, 5th floor
Two-‐Factor Authentication While most would agree it is time to “kill the password dead,” adoption of two-‐factor authentication is slow. How can EWI help accelerate this improvement? This session will review the work of the FIDO (Fast IDentity Online) Alliance and explore alternatives for accelerating progress on a global scale. Co-‐Chairs: Aaron Kleiner, Director, Cybersecurity Assurance and Advocacy, Microsoft Sami Nassar, Vice President and General Manager, Cyber Security Solutions, NXP Semiconductors Chief Editor: Jonah Force Hill, Internet Policy Specialist, National Telecommunications and Information Administration (NTIA), U.S. Department of Commerce
15:30-‐16:00
Networking Break
16:00-‐17:30 Booth, 3rd floor
Breakthrough and Special Interest Groups -‐ Session II Increasing the Global Availability and Use of Secure ICT Products and Services Governments and enterprises globally are increasingly concerned about the availability of ICT products and services that have sufficient integrity to support critical business and mission functions. One major challenge derives from the nature of the ICT marketplace, which thrives on technological innovation and development that leverages resources from all over the world. This group’s objective is to enable the availability and use of more secure ICT products and services. For providers in the ICT supply chain, the group promotes the use of recognized and proven international standards and best practices that improve product and service integrity. For buyers of ICT, the group fosters procurement practices founded on those same standards and best practices. It also works to prevent and, where necessary, break down trade barriers so that buyers can identify and utilize trusted providers regardless of their locale. The session will present the results of a survey of ICT vendors and buyers and discuss the action plan going forward. Co-‐Chairs: Sally Long, Director, The Open Group Trusted Technology Forum Angela McKay, Director, Cybersecurity Policy and Strategy, Microsoft Donald (Andy) Purdy, Chief Security Officer, Huawei Technologies USA
#EWIcyber
7
Belasco, 3rd floor
Manhattan, 5th floor
8
Discussant: Jonathan King, Vice President, Platform Strategy and Business Development, CenturyLink Chief Editor: Jonah Force Hill, Internet Policy Specialist, National Telecommunications and Information Administration (NTIA), U.S. Department of Commerce
Governing and Managing the Internet The Internet provides a new medium for communication, computation and storage that is insufficiently secure and robust. It expands opportunities for crime, fraud, theft and abuse. Governance mechanisms to deal with such a broad range of issues are often slow, weak or isolated, and need to be improved. In addition, existing governance models encounter questions regarding their legitimacy, culturally and politically, in part because of concerns about their composition and degree of accountability. This breakthrough group analyzes emerging approaches for improving potential effectiveness and proposes models that demonstrate agility, transparency, predictability, inclusivity and accountability. Chair: John E. Savage, Professorial Fellow, EastWest Institute; An Wang Professor of Computer Science, Brown University Discussants: Oleg Demidov, Consultant, PIR Center Nathalia Foditsch, Researcher, Center for Technology and Society, Fundação Getúlio Vargas Latha Reddy, Distinguished Fellow, EastWest Institute; Former Deputy National Security Advisor of India Chief Editor: Astrid Stuth Cevallos, Research Assistant, RAND Corporation
Managing Objectionable Electronic Content Across National Borders
Security concerns about Internet content are causing government entities to block or filter access to locally objectionable content and the websites it appears on. While states have the obligation for public safety, such concerns need to be balanced with the Internet’s potential for economic growth and prosperity; for the flourishing of imagination; for social interaction among people from different countries; and for people’s right of freedom of expression as stated in the United Nations Declaration of Human Rights.
#EWIcyber
Exercise of this right carries with it special duties and responsibilities and may be subject to certain restrictions, as provided by law and as necessary to respect for the rights and reputation of others, and the protection of national security, public order, or of public health or morals. This session will explore ways of increasing cooperation between private sector Internet platforms and law enforcement officials to better enable local laws and customs to be respected. Co-‐Chairs: Bertrand de La Chapelle, Director, Internet & Jurisdiction Project Jean-‐Yves Latournerie, Prefect, Government Special Advisor for the Fight against Cyber Threats, Ministry of the Interior of France Discussant: Pavel Karasev, Researcher, Institute of Information Security Issues, Moscow State University Chief Editor: Paul Fehlinger Manager, Internet & Jurisdiction Project Melville, 5th floor
17:30-‐18:30
#EWIcyber
Government Access to Plaintext Information This session will explore the tradeoffs associated with mechanisms to provide authorized government agencies with access to the plaintext version of encrypted information. It will examine the context in which decisions about such mechanisms would be made and identify and characterize possible mechanisms and means of obtaining information sought by the government for law enforcement or intelligence investigations. It will discuss ways to characterize risks so that they could be weighed against the potential law enforcement or intelligence benefits. Co-‐Chairs: Jon Eisenberg, Director, Computer Science and Telecommunications Board, National Academies of Sciences, Engineering, and Medicine Bruce W. McConnell, Senior Vice President, EastWest Institute Chief Editor: Erin English, Senior Security Strategist, Trustworthy Computing, Microsoft
Reception
9
September 10, 2015
08:30-‐09:00
Majestic Ballroom 5th floor
Registration
09:00-‐09:10
Welcome and Report Back from Day I
Bruce W. McConnell, Senior Vice President, EastWest Institute
09:10-‐09:30
Keynote Address
Chair: Speaker:
Robert N. Campbell, Founder and CEO, Campbell Global Services; Member, Board of Directors, EastWest Institute
09:30-‐10:40
Plenary Panel II: Global Encryption – Will It Make Us Safer?
Scott Charney, Corporate Vice President, Trustworthy Computing, Microsoft
Chair: Speakers:
10
Many cloud service providers and device manufacturers are enabling the encryption of user data to protect themselves and their users. This development raises significant concerns among law enforcement and intelligence officials that the spread of strong encryption will reduce their ability to anticipate, prevent or investigate serious crimes, terrorist activities and military threats. The panel will examine the tradeoffs between information security and legitimate government access. Bruce W. McConnell, Senior Vice President, EastWest Institute Robert Anderson Jr., Executive Assistant Director, Criminal, Cyber, Response and Services Branch, Federal Bureau of Investigation (FBI) Allan S. Cabanlong, Chief, Web Services and Cyber Security Division, Philippine National Police Susan Landau, Professor, Cybersecurity Policy, Worcester Polytechnic Institute; Visiting Professor, Computer Science, University College London Paul Nicholas, Senior Director of Global Security Strategy and Diplomacy, Microsoft
#EWIcyber
10:40-‐11:10 11:10-‐12:20
Networking Break Plenary Panel III: The Internet and the State
Chair: Speakers:
The interplay between state sovereignty, national and international law, and the boundary-‐ crossing nature of the Internet challenges the state’s autonomy within national borders. Meanwhile, Internet governance conversations seek an elusive middle ground between multi-‐lateral and multi-‐stakeholder models. The panel will examine the limits of the state and will explore other models that are effective, accountable and aligned with constituent values. Cameron Munter, President and CEO, EastWest Institute Dr. Chris C. Demchak, RADM Grace M. Hopper Professor of Cyber Security, U.S. Naval War College Sorin Ducaru, Assistant Secretary General, Emerging Security Challenges, NATO Preetam Maloor, Strategy and Policy Advisor, Corporate Strategy Division, International Telecommunication Union (ITU) Veni Markovski, Vice-‐President, UN Engagement, Internet Corporation for Assigned Names and Numbers (ICANN) Frédérick Douzet, Professor, French Institute of Geopolitics, University of Paris 8; Chairwoman, Castex Chair of Cyberstrategy
12:20-‐12:40 Chair:
Keynote Address Jerry Upton, Executive Director, Messaging, Malware and Mobile Anti-‐Abuse Working Group 3 (M AAWG)
Speaker:
Rick Howard, Chief Security Officer, Palo Alto Networks
12:40-‐13:40
Lunch
13:40-‐14:00 Chair: Speaker:
#EWIcyber
Keynote Address Fred Teng, President, America China Public Affairs Institute Donald (Andy) Purdy, Chief Security Officer, Huawei Technologies USA
11
14:00-‐14:50
Plenary Panel IV: Young Cyber Leaders Look Ahead
Chair: Speakers:
14:50-‐15:20
15:20-‐15:40 Chair:
This panel will feature young professionals working on critical cyberspace issues. Panelists will share their reflections on the summit and its relevance to the most pressing problems facing cyberspace today and in the future. Davis Hake, Director of Cybersecurity Strategy, Palo Alto Networks Astrid Stuth Cevallos, Research Assistant, RAND Corporation Oleg Demidov, Consultant, PIR Center Lu Chuanying, Research Fellow, Shanghai Institute for International Studies Joanna Świątkowska, Programme Director of CYBERSEC and Senior Research Fellow, Cybersecurity, Kosciuszko Institute
Networking Break Keynote Address Lt. General (ret.) Harry D. Raduege, Jr., Chairman, Center for Cyber Innovation, Deloitte; Senior Advisor, Deloitte & Touche LLP
Speaker:
Admiral (ret.) William A. Owens, Chairman, Red Bison Advisory Group LLC; Chairman, Board of Directors, CenturyLink; Member, Board of Directors, EastWest Institute
15:40-‐16:25
Plenary Panel V: Privacy in the Age of Surveillance
Chair: Speakers:
12
The unexpected scope of personal data collection by governments and companies is fracturing longstanding partnerships among international players. This panel will focus on ways to enhance individual privacy while recognizing the continued need of governments and corporations to collect and use personal data. Samir Saran, Senior Fellow and Vice President, Observer Research Foundation Kamlesh Bajaj, Distinguished Fellow, EastWest Institute Rogier Creemers, Lecturer, University of Oxford Matthias Gebauer, Chief Correspondent, Der Spiegel Gregory T. Nojeim, Director, Project on Freedom, Security and Technology, Center for Democracy and Technology
#EWIcyber
16:25-‐17:45
Plenary Panel VI: Breakthrough Group Outcomes and Next Steps
Chair: Speakers:
Breakthrough group representatives will report on the results from summit sessions and work done throughout the year, focusing on proposed next steps. They will be followed by reflections from a distinguished panel. Latha Reddy, Distinguished Fellow, EastWest Institute; Former Deputy National Security Advisor of India Greg Austin, Professorial Fellow, EastWest Institute Karsten Geier, Head, Cyber Policy Coordination Staff, Federal Foreign Office of Germany
17:45-‐18:00
Closing Remarks and Farewell
Cameron Munter, President and CEO, EastWest Institute
#EWIcyber
13
Network: WestinMeetingRooms Access code: summit
Floor Plan 5th Floor
3rd Floor
PLENARIES, KEYNOTES BREAKTHROUGHS GROUPS
14
#EWIcyber
#EWIcyber
15
EastWest Institute Global Cooperation in Cyberspace Initiative SUPPORTERS Microsoft Huawei Technologies
Palo Alto Networks NXP Semiconductors Qihoo 360 Unisys CenturyLink The William and Flora Hewlett Foundation PARTNERS IEEE Communications Society Munich Security Conference The Open Group The University of New South Wales
New York Brussels Moscow Washington, D.C. 16
ewi.info @EWInstitute #EWIcyber #EWIcyber