Global Conference on CyberSpace 2015

Opening session

Mark Rutte, Prime Minister of the Netherlands, will open the conference, followed by an introduction by Bert Koenders, Minister of Foreign Affairs of the Netherlands, host of the GCCS. The conference will start with a strategic discussion among representatives of all stakeholders on the most important current developments in cyberspace. A panel consisting of high-level government officials and private sector and civil society leaders will sketch the main opportunities, dilemmas and challenges facing the further evolution of the internet. All main issues of the conference will be touched upon: internet governance and multistakeholder cooperation, freedom and privacy online, the digital divide, the internet as enabler for social and economic development, cyber security and cybercrime. The panel will address questions such as:

• How should we balance freedom, security and economic development and innovation in cyberspace?

• How do we guarantee an open, free and secure internet?

• What are the responsibilities of the various stakeholders in cyberspace, e.g.: what  role should governments vis a vis the private sector play in protecting privacy online?

• How can we improve cooperation between governments, private sector and civil society in cyber-related matters?

• How can we maintain and improve trust by consumers in the internet?

• How can we stimulate research and development, and interdisciplinary academic cooperation in order to strengthen cyberspace?

The panel will be followed by ministerial statements.

Moderator: Riz Kahn, Founder and CEO of Global Media Productions

Panellists:

• Mireille Ballestrazzi, President of Interpol

• Vint Cerf, Vice-President of Google

• Nnenna Nwakanma, World Wide Web Foundation

• Fadi Chehadé, CEO ICANN

• Yurie Ito, Director of Global Coordination Division for the JPCERT/CC

• 12:30 to 13:15 None

Side Event: Lunch panel on 'Cyber warfare and jus in bello'

The International Committee of the Red Cross, with the support of the Netherlands Ministry of Foreign Affairs, will organise a short side-event on 'Cyber warfare and jus in bello' during the Thursday lunch break of the conference. This panel will focus on the use of cyber operations as means and methods of warfare during armed conflict, namely cyber warfare. It will give participants insights into the challenges that cyber warfare creates for the application and interpretation of international humanitarian law (IHL). The panel will touch upon issues such as the potential human cost of cyber warfare; the protection that IHL affords to infrastructure essential to the civilian population against cyber attacks; the challenges that the dual use of cyberspace creates for the principle of distinction; or the legal review of cyber weapons.

The panel should support participants in gaining a better understanding on whether the relevant IHL norms, in particular the rules governing the conduct of hostilities, appear to be sufficiently clear in light of the specific characteristics and foreseeable human cost of cyber warfare.

• 13:15 to 14:45 Livestream available

Scenario-based Policy Discussion

An interactive discussion ensures all participants are aware of the urgency of the challenges we face in cyberspace. The discussion is based on a fictitious but realistic scenario which presents dilemmas we face in cyberspace. See the teaser on youtube. Panellists representing governments, private sector and civil society will be asked to come up with concrete solutions to the issues posed in several short film clips. The entire audience will be able to react to the scenario and to the proposed solutions.

Moderator:

• Riz Kahn, Founder and CEO of Global Media Productions

Panellists-VIP Panel:

• Klaas Dijkhoff, State Secretary for Security and Justice of the Netherlands

• Robert Nicholson, Minister of Foreign Affairs of Canada

• Pedro Huichalaf, Vice Minister for Telecommunications of Chile

• Michèle Coninsx, President of Eurojust

• Eelco Blok, CEO of KPN

• Cheri McGuire, Vice President, Global Government Affairs & Cybersecurity Policy of Symantec Corporation

• Sunil Abraham, Executive Director of the Centre for Internet and Society

Panellists - CyberSpace Perspective Panel:

• Giuseppe Targia, Vice President Security of Nokia

• Gerard Hartsink, Vice-Chair of the Digital Economy Commission of the International Chamber of Commerce (ICC)

• Guillaume Poupard, Director General of the Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI)

• Coen Vermeulen, Division Director Cash and Payment Systems of the Dutch Central Bank

• 15:00 to 16:15 Livestream available

Prolonged Opening Session

Ministerial statements.

• 15:00 to 16:15 Livestream available

FOCUS SESSION : International peace and security in cyberspace

The use of cyber operations has become a new challenge in the field of international peace and security. How can international political cooperation be reinforced and international law applied in order to avoid conflicts and maintain a stable cyberdomain?

It is likely that cyber capabilities will be part of future conflicts and, below the threshold of armed conflict, there is a growing risk of cyber attacks by state and non-state actors. The use of this tool is incentivized by low entry costs, high potential gains and low political and legal risks in case of discovery. Given the unique attributes of this tool and the difficulty of verifying behavior, there is the potential for mistaken attribution, miscalculation and unintended escalation in a time of crisis. The threats and risks must not be exaggerated, but the increasing use of cyber operations potentially creates instability and mistrust in international relations. Uncertainty and insecurity raise the spectre of a cyber arms race, which would be even more destabilizing.

The need for international cooperation to reduce these risks is clear. This is a strategic challenge for states that transcends the technical and operational level. It is also a challenge in which the private sector must be a part of any solution, given its ownership over most of the global cyber infrastructure.  Although sometimes described as “wild West” characterized by normative ambiguity, cyberspace is not sui generis. Much work has been done to affirm the applicability in cyberspace of existing international law and norms for State conduct, in which especially the 2013 the report of the Group of Governmental Experts stands out as a landmark achievement.

Against this background, the fundamental challenge is to further develop a sustainable international cyber stability “regime”, both between states and non-state actors, and to work out how this connects into the overarching regime complex for managing global cyber activities. This focus is relevant for all countries and companies, not just for the ‘cyber great powers’.

1. How to develop international security and stability within the regime complex for managing global cyber activities
2. What are the responsibilities of States towards other States that follow from the application of international law and the principle of State sovereignty to State activities in cyberspace? 
3. What norms or additional measures of self-restraint or mutual assistance can States and companies implement to create a more stable cyberspace?

Speakers:

• The Hon. Julie Bishop MP, Minister for Foreign Affairs, Australia

• Mr. Christopher Painter,  Coördinator for State Department United States of America

• Chen Xu H.E. Ambassador Ministry of Foreign Affairs People’s Republic of China

• Arvind Gupta H.E. Deputy National Security Adviser India

• Minister for Foreign Affairs, Estonia (to be confirmed)

• Mr. Matt Thomlinson, Vice President of Security Microsoft United States of America

• H.E. Mrs. Amina Mohamed, Cabinet Secretary for Foreign Affairs, Kenya

Moderator:

Joseph S.  Nye, Professor University Distinguished Service Professor Harvard Kennedy School of Government United States of America

Professor Joseph S. Nye is the author of The Regime Complex for Managing Global Cyber Activities, which was written as part of his participation in the Global Commission on Internet Governance.

15:00 to 16:15 Livestream available

Parallel Session : The Ethics of Algorithms - From Offensive Content to Self-Driving Cars

From search engine results to predictive policing, algorithms are determining and shaping ever more parts of our lives. This new type of governance has a name: algorithmic regulation. What are the ethical responsibilities of those architecting algorithms and for us as a society?

Algorithms are used to decide who should be hired, or who should be flagged as a suspect; which news gets highlighted and which stories disappear from social media feeds. The subjective decisions by institutions and companies who design computer algorithms to process information, also known as ‘algorithmic regulation’, may directly interfere with freedom of speech. Ensuring that such algorithms are in line with human rights standards will be a challenge for governments and companies in the coming years.

This is why this session brings together leading experts from academia, technology and civil society to discuss the ethical dimensions for those architecting algorithms and for us as a society.

Background information: Ethics of Algorithms

Panellists:

• Ben Wagner, director Centre for Internet & Human Rights (moderator)

• Jillan York, Policy Director freedom of expression Electronic Frontier Foundation

• Richard Allan, Director of Policy in Europe, Facebook

• Frank LaRue, Director of European Operation, Robert F. Kennedy Human Rights

• Kave Salamatian, Professor of computer Science, University of Savoie

• Joe McNamee, Executive Director, European Digital Rights

• Frank Pasquale, Professor of law, University of Maryland, Francis King Carey School of Law

15:00 to 16:15

Parallel Session : CSIRT Maturity

The cyber threat landscape is constantly changing and the responsibility to prevent, detect and respond to incidents is ever more challenging. To remain effective and to be able to meet these rapidly evolving challenges, Computer Security Incident Response Teams (CSIRTs) must evolve continuously. The cyber domain is not limited by political borders and most cyber threats cannot be adequately addressed by any single CSIRT. Therefore international cooperation with a view to reaching higher levels of CSIRT maturity is essential. During this session (among other things) the “Quick Scan CSIRT Maturity” as well as the “Toolkit CSIRT Maturity” will be demonstrated.

Moderator:

• Wout de Natris, Consultant, De Natris Consult/MKB Cyber Advies Nederland

Speakers:

• Baiba Kaskina, General manager CERT Latvia

• Aart Jochem, Head of Monitoring and Response, National Cyber Security Center - NL

• Jordana Siegel, Director, International Affairs, Office of Cybersecurity and Communications, US Department of Homeland Security

Panellists:

• Maarten van Horenbeeck, Chairman, Forum of Incident Response and Security Teams (FIRST)

• Steve Purser, Head of Core Operations Department ENISA

• Jean Robert Hountomey, CEO AfricaCERT

15:00 to 16:15

Parallel Session : Cybercrime, jurisdiction and hosting

Cybercrime is a growing problem for people, business and the economy. This parallel session will focus on the problem of cybercrime and the specific problems that law enforcement organisations encounter in addressing it. For cybercriminals, the rewards can be substantial, while the risk of being caught is limited. The risk can further be decreased by using the complex nature of the internet and by spreading criminal activity across different jurisdictions. The reselling of hosting services can hamper the efficient acquisition of digital evidence and other relevant data. Furthermore, criminals often know which countries have limited legal possibilities or technical capacity for effective law enforcement.

In this parallel session the participants will discuss possible options to prevent criminal safe havens. How can we prevent criminals from abusing the complex and international nature of the internet  to avoid law enforcement? How do criminals use the complex and international nature of the internet, cloud services and bad hosting for their criminal activity? Considering the loss of location of data and services, what policies could help overcome the problems connected to the territory-based concept of jurisdiction?  In a multistakeholder cyber environment, how can hosting providers, cloud services and other private organisations help to prevent criminal safe havens from emerging?

Moderator:

• Jamie Saunders, Director, National Cyber Crime Unit, United Kingdom

Speakers:

• Sergey Lozhkin, researcher Kaspersky Labs

• Zahid Jamil, Barrister-at-law, Jamil & Jamil, Pakistan

• Angela McKay, Director of Cybersecurity Policy and Strategy, Microsoft

• Bert-Jaap Koops, Professor of Regulation & Technology at the Tilburg Institute for Law, Technology, and Society (TILT), the Netherlands

• Koen Hermans, Public Prosecutor, Eurojust

• 16:45 to 18:00 Livestream available

FOCUS SESSION : A secure place for business and people

To help fight the abuse of the internet, cooperation between different international stakeholders is key. This cooperation is explored by discussing the various roles and responsibilities of businesses, governments and citizens/consumers.

Even after 30 years, the internet is still unlocking extraordinary potential within societies. Unfortunately, along with this extraordinary potential are equally unbelievable threats. The rise of consumer broadband has greatly increased the power of botnets to launch crippling denial of service (DoS) attacks on servers, infect millions of computers with malware, steal identity data, send out vast quantities of spam, and engage in click fraud and extortion. As a result, botnets are considered a primary security threat of the internet today, threatening businesses and people worldwide.

Moderator: Riz Khan, Founder and CEO of Global Media Productions

Panellists:

• Mr. Hiromichi Shinohara, Senior Executive VP and CTO of NTT

• Mr. Christian Rivierre, VP International Development Thales

• Mrs. Kathryn Brown, President and CEO of Internet Society

• Mr. Rob Wainwright, director Europol

• Jan Kleijssen, Director Information Society and Action Against Crime, Council of Europe

• Mr. Thorbjørn Jagland, Secretary General Council of Europe

• Mr. Han Moraal, Chairman of the GPEN Committee (Global Prosecutors E-crime Network) at International Association of Prosecutors (IAP)

• Mr.  Raphael Koffi, Head of Telecommunication/ICT Division, Ecowas, Nigeria

• Mr. Peter Lord, Director of Technology Policy of Oracle, special advisor to Commission on the Digital Economy of the International Chamber of Commerce

16:45 to 18:00 Livestream available

Parallel Session : Rethinking the social impact of new cyber technologies

As in the recent past, the coming months will be characterized by exciting new technological developments in the cyber domain becoming adopted in our everyday lives. Many of these innovations have great potential in improving and enhancing matters in areas such as healthcare, education or business. Just think of the enormous potential being unlocked by wearable computers, drone technology or brain-computer interface!

Policymakers, however, often lag behind in estimating the social impact of these innovations, both in validating their potential and their disadvantages. At the GCCS2015 various stakeholders will therefore sit down to discuss the impact of today’s and tomorrow’s technological developments in the cyber domain, thereby looking for fitting policy answers to the social issues (security, privacy, ethics) raised.

Speakers:

• Erik Huizer, Chief Technology Officer at SURFnet, part-time professor Internet Applications University of Utrecht

• Philip Brey, professor of philosophy of technology and chair of the department of philosophy, University of Twente

• Gry Hasselbalch, founder of Mediamocracy

Demo's:

• Wladimir Mufty, product manager at SURFnet

• Joost Damen, IT Engineer and Young Talent Program participant at SURFnet.

16:45 to 18:00 Livestream available

Parallel Session : Clarifying the application of existing international law in cyberspace

This panel discussion will put forward a range of perspectives on the future progressive development of the application of international law in cyberspace. This panel will bring together legal specialists from academia or think tanks from key cyber states and other stakeholders.

Objectives:

• To promote in-depth discussion on a number of questions related to the application of existing international law, both above and below the threshold of armed conflict.

• To facilitate an airing of views, not to resolve these issues or to reach consensus.

• To inform the thinking of the international community as they continue to discuss the specifics of applying international law to the cyber domain.

Participants:

• Ben Baseley-Walker, Programme Lead, Emerging Security Threats program, United Nations Institute for Disarmament Research (moderator)

• Professor Michael N. Schmitt, Professor of Public International Law, Exeter University

• Mr. Laurent Gisel, Legal Adviser, International Committee for the Red Cross

• Professor Tang Lan, Deputy Director, Insitute of Information and Social Development, China Institutes for Contemporary International Relations

• Mr Kriangsak Kittichaisaree, United Nations, member of the International Law Commission

16:45 to 18:00

Parallel Session : Towards 21st century internet standards

While modern internet standards are of crucial importance to protect cyberspace, the limited uptake of security related internet standards seems systemic. The structural inability to shed troublesome legacy internet technology, and upgrade to more secure and reliable 21st century alternatives, is by now seriously affecting the usability, robustness and scalability of the internet. This in turn significantly affects growth opportunities as well as hollowing out user trust.

Why is it so hard to migrate the internet to more modern internet standards? What are the underlying economic factors that come into play, and what are the possibilities for e.g. governments to positively influence market externalities? What can we do to create and leverage awareness of suppliers and users? How can we raise the bar to a cybersecurity level which is better in line with the global business and societal importance of the internet?

This parallel session is centred around the issue of spurring adoption of modern internet standards in cyberspace, and highlighting some interesting approaches and best practices - including the initiative internet.nl which will be launched during the GCCS.

It will be an interactive session, delving deep into the issue together with renowned speakers and panellists representing governments, civil society, academia, business, and the internet technical community. We will discuss the role of different stakeholders with regard to the adoption, promotion and implementation of modern internet standards - and discuss approaches to finally start moving the needle.

Moderator

• Gerben Klein Baltink, Chairman of Platform Internet Standards and co-owner SME Cyber Advise Netherlands

Panellists

• Olaf Kolkman, Chief Internet Technology Officer at Internet Society International

• Melissa Hathaway, Senior Advisor Project on Technology, Security, and Conflict in the Cyber Age at Belfer Center, Harvard University

• Jonne Soininen, Head of Software Industry Initiatives at Nokia Networks

• Demi Getschko, Chief Executive Officer at Brazilian Network Information Center

• Ramsés Gallego, Security Strategist & Evangelist at Dell Software

• Michiel Leenaars, Director at Internet Society Netherlands

16:45 to 18:00

Parallel Session : Building Public Private Cooperation in Cyber Security

For a more secure cyberspace, partnerships are essential for the security and resilience of our infrastructures. Sharing good practices in public private partnerships can help managing the collaborative cyber risks in a domain where the threat landscape is continuously changing.

Main goals of the session:

• Inform: Showing the importance of (international) public-private partnerships

• Practice: Sharing international good practices in public private partnerships (incl conditions, issues, lessons learned and the next steps)

• Activate: Sharing information to create an international community on cooperation

Moderator:

• Roderik van Grieken, founder and director of the Dutch Debate Institute

Speakers:

• Hans Henseler, Managing Director Tracks Inspector

• Mari Ichikawa, counsellor, National center of Incident readiness and Strategy for Cybersecurity (NISC) Japan

• Joanne Trimble,  Head of International Engagement | CERT-UK

• Igor van Gemert – Senior Business Consultant , Alliander

• Fernando Sanchez, Director National Centre for Critical Infrastructure Protection, Ministry of the Interior, Spain.

• Auke Huistra, International Corporation

Documents:

• Cyber Security of Industrial Control Systems
  Crucial processes in most critical infrastructures, and in many other organisations, rely on the correct and undisturbed functioning of Industrial Control Systems (ICS). A failure of ICS may both cause service disruptions, and result in safety risks to people and or the environment. Therefore, the cyber security and resilience of ICS is of utmost importance to society as a whole, to utilities and other critical infrastructure operators, and to organisations which use ICS. This document first and foremost, provides private and public sector executives with an Executive Summary outlining the ICS risk and challenges. This document appeals to the executive leadership of organisations to address the clear and present cyber security danger to their organisations and our societies as a whole.

• From Awareness to Action: Bridging the gap in 10 steps
  This interactive website presents the results from The Grand Conference 2014, “Building a Resilient Digital Society”. The website captures the most salient points that have been raised by the high-level stakeholders from the private, public, and knowledge domains during the interactive debates about necessary steps to enhance cyber resilience across all levels of society.

• Sharing Cyber Security Information
  When discussing cyber security in an international context, information sharing in a public-private-participation context is one of the most heard suggested solutions for increasing cyber resilience. However, there is a world, if not a universe, between the concept of information sharing and the practice of doing it. This Good Practice booklet contains the Dutch experiences, knowledge and lessons learned concerning information sharing.

• Summary Report of the Meridian Conference 2014
  The Meridian Conference 2014, a conference for government officials responsible for Critical Information Infrastructure Protection (CIIP), was held from 12 to 14 November, 2014, in Tokyo, Japan.
  As a deliverable of the Meridian Conference 2014, the Summary Report of the Meridian Conference 2014 was developed to present key findings for CIIP.

• 18:15 to 19:00 Livestream available

Global Forum on Cyber Expertise

Founding partners will launch the Global Forum on Cyber Expertise: a global platform that contributes to cyber capacity building. The GFCE stimulates new funding streams and the sharing of expertise and experiences in the field of cyber security, cyber crime, data regulation and e-development. By matching supply and demand, countries that lack knowledge in certain cyber areas can benefit from the knowledge and expertise that will be provided by countries and companies with more experience in cyber matters. The GFCE will be launched officially with the adoption of a political declaration that emphasises the need for more capacity building, exchanges of best practices and strengthened international cooperation.

Moderator: Riz Khan, Founder and CEO of Global Media Productions