China and India Pledge to Work Together on Cybersecurity
On the second day of EastWest Institute’s 3rd Worldwide Cybersecurity Summit in New Delhi, leading Indian and Chinese cyber experts declared their commitment to increased cooperation between their two countries, particularly between their Computer Emergency Readiness Teams (CERT).
“CERTs have to drive nations to international cooperation,” said Gulshan Rai, Director General of CERT India. “India and China will be cooperating with each other to secure cyberspace.” Zhou Yonglin, Director of the Internet Society of China, added: “We had very good talks with Dr. Rai on how to improve cooperation between China and India CERTs. We can help each other to stop the threats.” Both representatives also pledged greater cooperation with other nations.
As demonstrated by a poll of the more than 300 participants from 22 countries who are taking part in the summit, the need for such cooperation is greater than ever. Ninety-three percent of those surveyed believe that the cybersecurity risk is higher than a year ago.
Other results include: 47% believe that corporate boards grossly underestimate the cybersecurity problem and 19% believe that those boards are so confused that they don’t know what to think; 63% believe that their governments are only in the early stage of understanding and committing themselves to international cooperation in cybersecurity; 45% believe their country can defend itself against cyber attacks; and 40% believe that their privacy is not protected online while 32% believe it is protected.
While acknowledging some progress in efforts to combat global cyber crime, former U.S. Secretary of Homeland Security Michael Chertoff assessed the current level of international cooperation on cybersecurity as “fair to middling.” Pointing to major differences on such issues as intellectual property and data protection, he added: “We haven’t accomplished what we need to accomplish.”
Vartan Sarkissian, CEO of Knightsbridge Cybersystems, also stressed the need for international cooperation, but he maintained that the process must begin at the local level. “The challenge is further complicated by the fact that companies are ignorant of their own vulnerabilities,” he said. “They don’t know the specific protocols of their own systems.”
Erin Nealy Cox, Executive Managing Director at Stroz Friedberg, concurred that private companies often are lacking basic information on the cybersecurity problems they face. “CEOs need more metrics in this area,” she said, arguing that without such information much of the spending on cybersecurity measures could prove ineffective. She pointed to a forthcoming EastWest Institute study that will seek to fill this void by providing clearer guidelines for measuring the problem. “EWI’s work in this area will be very significant,” she added.
In his concluding keynote address, Deloitte’s Indian-born Chairman of the Board Punit Renjen commended the EastWest Institute’s decision to hold the summit in New Delhi. “India has a cyber vision that is grand and it is bold,” he said, pointing to the way the Internet has lifted millions from poverty. But he also noted that most of the population still lacks connectivity, and cyber crime is already taking a heavy toll, with an estimated $6 billion in annual losses in India and $400 billion worldwide. “Right now it seems that the bad guys are winning,” he said.
“This is a great, great challenge; that’s why these summits are so important,” Renjen continued. “EWI has certainly provided leadership by serving as a catalyst for collective transnational action.”
The recommendations of the New Delhi summit will be pursued over the course of the next year, forming the basis for discussions at the 4th Worldwide Cybersecurity Summit that will be held in Silicon Valley in 2013.