PARIS – Monday, 9AM at the 13th Internet Governance Forum we join OECD and a panel of esteemed experts to present an Open Forum on the technical and regulatory frontier of private sector hacking and cyber-countermeasures:
Private sector hack-back: Where's the limit? Join us at #IGF2018 Paris, Monday 9AM Room IX for a deep dive into the future of active cyber defence with @OECDhttps://t.co/ADxlr4xvks pic.twitter.com/Q3zPkoLNNN
— NetBlocks.org (@netblocks) November 11, 2018
Key questions to be discussed by speakers and participants on site and online include:
- What renders a digital security measure as “active” rather than “passive”? What are concrete measures that might fall into each category? Is this categorisation necessary? What is a technology neutral description of “active cyber defense”? Where are the boundaries between “hacking back” and “active cyber defense”?
- What is the prerogative of governments in responding to an attack and where does the scope of action of a business start and ends? Could anyone use proactive defence measures or should only “qualified” players be allowed to enter this space? Should there be any oversight?
- What are the limits of “active cyber defense”? How would what is acceptable and what is not be determined? • What are the risks of hacking back, including to the Internet and other users? Is there any way to mitigate those risks? Who would be responsible in case of damages to a third party?
- Is there a need for internationally agreed rules and principles in this area? And more generally: has the time come for new rules and guiding principles to clarify businesses’ scope of action, and to allow them to pursue a proactive defence approach of their systems and data in an ever increasingly digital and data-driven world?
To discuss this issue, this Open Forum will bring together 5 speakers, with gender, regional, and stakeholder balance. Discussions will feed the preparation of the inaugural event of the OECD Global Forum on Digital Security for Prosperity (13-14 December 2018, Paris) which will focus on the roles and responsibilities of actors for digital security.
- Laurent Bernat – OECD (moderator)
- Karine Bannelier – Associate Professor of Int. Law, Dep. Director Cyber-Security Institute, University Grenoble Alpes, France
- Angela McKay – Microsoft
- Alp Toker – Technical Community, Netblocks.org
- Leandro Ucciferri -Asociación por los Derechos Civiles, Argentina
- Yves Verhoeven – French National Cybersecurity Agency (Agence Nationale de la Sécurité des Systèmes d’Information – ANSSI)