Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

7/5/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Global Commission on the Stability of Cyberspace Holds First Full Commission Meeting

THE HAGUE, NETHERLANDS - The Global Commission on the Stability of Cyberspace (GCSC) convened in Tallinn, Estonia on June 2-3. Marina Kaljurand, GCSC Chair and former Foreign Minister of Estonia, presided over the meeting, together with the two co-chairs, Michael Chertoff, former Secretary of the U.S. Department of Homeland Security, and Latha Reddy, former Deputy National Security Adviser of India. The meeting was hosted by the Ministry of Foreign Affairs of Estonia and coincided with the 9th iteration of CyCon. The Chairs, several Commissioners, and other GCSC members, spoke at CyCon at the invitation of the NATO Cooperative Cyber Defence Centre of Excellence.

"The Tallinn meeting was the first full Commission gathering, marking a critical step towards confirming the GCSC’s approach and direction over the next years of its three-year mandate," said Marina Kaljurand, GCSC Chair. "Based on extensive deliberation, the Commissioners confirmed the group’s core themes to be addressed, operating agenda, research capacity and timelines."

The meetings began on June 2 with sessions on cyberstability. Ten experts were invited to provide analysis on the critical developments and initiatives in the field of international cyberspace stability and present on the most pressing research and policy proposals that emerged from the GCSC Inaugural Meeting in Munich, in February of this year. The Hearings were moderated by the Chairs of the Research Advisory Group and helped to inform the deliberations of the Commissioners the following day.

On June 3, the Commissioners convened in a closed session to decide on the work program for the coming year, centered on developing proposals for norms and policies to enhance international and stability and guide responsible state and non-state behavior in cyberspace. The prioritized topics for 2017 include the "public core of the Internet" and "critical infrastructures," and the protection thereof. As a first step the GCSC will focus on a working definition of critical infrastructure that serves the Commission’s needs. To this end, it will set out to distinguish between the public core of the Internet, critical infrastructures of the Internet, and IT-aspects of non-Internet critical infrastructures. By means of a mapping exercise, the Commission seeks to get a better understanding of the public core and critical infrastructures, as well as the protective measures and state practices in this context.

The Commission also touched upon other topics, such as the protection of electoral infrastructures, the application of sovereignty, secure access for the next billion users, rules for offensive actions in cyberspace, attribution and compliance to norms and private sector responsibilities, amongst others. The Commission is continuing its deliberations in these areas as well, and expects to build on the substantial contributions made by multilateral expert groups to the collective understanding of the challenges and approaches to increasing stability in cyberspace.

In addition, the GCSC announced the launch of the Research Advisory Group (RAG), and its Chairs were introduced to the Commissioners. The RAG will help execute and implement the Commission’s research agenda, particularly on international cybersecurity, law, Internet governance, and technology & information security practice. More information on how to join the Research Advisory Group can be found here.

The GCSC will convene a smaller scale Commission meeting on July 27 on the margins of Black Hat in Las Vegas, U.S. In the run-up to the meeting, the GCSC Secretariat and the Chairs of the Research Advisory Group will publish the Requests for Proposals (RFPs) on the email platform of the Research Advisory Group. Researchers and institutions that are a member of the Research Advisory Group can respond to these RFPs with proposals. The subscription procedure for the Research Advisory Group is explained here. The RFPs provide additional details on the immediate research priorities of the Commission and will be published before today.

The Hague Centre for Strategic Studies, the EastWest Institute, the Chairs and Commissioners would like to thank the government of Estonia for hosting the Tallinn meeting, as well as the GCSC partners, the government of The Netherlands and Singapore, Microsoft, the Internet Society (ISOC), and the other funders for supporting the work of the Commission.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...