cscss isc (international strategy for cyberspace)

CSCSS AND ISC:A COORDINATEDSTRATEGY FRAMEWORK

ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)

CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE

CSCSS

The Centre for Strategic Cyberspace + Security Sciencehas created this International Strategy for Cyberspace (ISC)as a strategic-level policy document offering a practical,comprehensive, and clear vision for the future of cyberspace.It sets an agenda for partnering on cybersecurity andassociated initiatives at an international level, and highlightsthe importance of international cooperation in advancingcyberspace as a foreign policy priority.

A CSCSS STRATEGIC APPROACH TO INTERNATIONALCYBERSECURITY

The Centre for Strategic Cyberspace + Security Science (CSCSS)has developed its International Strategy for Cyberspace (ISC). In support of this strategy, CSCSS will continue to promote cyberinnovation, initiatives, research, and education in its approach tointernational cyberspace issues and policies. CSCSS identifiesthe challenges to, and enhances, national, international, andeconomic security, focusing on cyber-environments that ardefined as being:

n OPEN to innovation n INTEROPERABLE the world over n SECURE enough to earn people’s trust n RELIABLE enough to support their work

These characteristics provide a basic framework for internationalobligations in cyberspace. They reflect the responsibility andobligations of states that apply regardless of context. The principles that should support cyberspace norms include:

n Economic Engagementn Protecting Networksn Law Enforcementn Protection from Crimen Military Cooperationn Multi-Stakeholder Internet Governancen International Cybersecurity Developmentn Internet Freedomn Valuing Privacyn Upholding Fundamental Human Rights and Freedomsand the Right to Self Defense

n International Cybersecurity Awareness and Workforce Education

Driving Security and Technical Capacity throughCybersecurity Capacity BuildingCooperation, partnership, and credibility are critical tocultivating a dynamic, international research community able totake on the development of technologies required to face next-generation challenges to cybersecurity. It is imperative that weacknowledge cybersecurity as a global issue that must beaddressed through strategic pan-national efforts on the part of all countries focused on cybersecurity capacity building. Inrecognition of this, CSCSS will expand and regularize initiativesfocused on cybersecurity capacity building and cyber technologydevelopment through:

n High-level bilateral, multilateral, and internationalpartnerships

n Collaboration with public-private sector and academian Enhancement of national-level cybersecurity n Ongoing promotion of cyber technology development, whileaddressing cybercrime and counterintelligence

CSCSS, as part of its vision and mission, and in support of itsInternational Strategy for Cyberspace, will work in collaborationwith the public-private sector leveraging relationships withindustry, academia, government agencies, and internationalcyber-counterintelligence community partners to establish anenvironment in which the norms of responsible behavior guideactions, sustain partnerships, and support the rule of law.

These norms include: n Global (Cyber) Interoperability n Cybersecurity Due Diligence n Multi-Stakeholder Governance n Upholding Fundamental Freedoms n Respect for Property n Valuing Privacy n Protection from Crime n Right of Self-Defense n Network Stability n Reliable Access

Development: Building Prosperity and Cybersecurity We believe the benefits of a connected globe are collective.Through our international relationships, partnerships, andassociations, CSCSS will continue to support strategies thatensure as many nation-states as possible recognize the virtuesof an open, interoperable, secure, and reliable cyber-environment,and become responsible stakeholders in cyberspace.

All trademarks or registered trademarks are properties of their respective owners. Copyright © 2013 The Centre for Strategic Cyberspace + Security Science. All rights reserved

International Policy Priorities The International Strategy for Cyberspace is an invitation toother nations and peoples to unite in a vision of prosperity,security, and openness through a digitally interconnected world;to coordinate their roles in international cyberspace policy, andto define and execute a specific way forward on the internationalcyber-stage.

CSCSS advances its activities across inter-reliant areas ofoperation relating to cybersecurity research, development, and education. Each area demands collaboration with thepublic-private sector, academia, and international cyber-counter-intelligence community partners. Taken as a whole, they formthe action lines of an international strategic framework throughwhich CSCSS will:

Promote International Standards, TechnologicalInnovation, and Open Markets Supporting the Economyand Economic Growthn Endorse free-trade environmentsn Encourage technological innovation on accessible and secureglobally-linked networks

n Protect intellectual propertyn Ensure the confidentiality, integrity, and availability of interoperable and secure technical standards

Protecting Critical InfrastructureIn coordination with industry partners, CSCSS will create a set of risk-based standards related to industry-criticalinfrastructure verticals, and will drive the development of cybersecurity plans to meet these standards

Promote Cyber-Collaboration and the Rule of Law n Act as voice for international cybercrime and policydevelopment

n Work to define and harmonize cybercrime laws, internationally, through the expansion and adoption of the Budapest Convention

n Focus, leverage, expand, and endorse cybercrime laws to fight illegal activities, not to restrict access to the internet

n Deny terrorists and cyber-criminals the means with which to exploit the internet and cyber technologies for planning,financing, or attacks

Computer Security Law EnforcementCSCSS will work globally to clarify and synchronize the fund-amental legislative elements of cybercrimes and cyber-law andto create standardized penalties for violations of the law

Data Breach NotificationCSCSS will actively promote provisions that would establish a national data breach reporting system. The provisions areaimed at standardizing the requirements for reporting securitybreaches by, among other things, establishing statutorydefinitions of a ‘security breach’ and ‘sensitive personallyidentifiable information’

Promote National Security: Facing Emerging Security Challenges n Collectively and internationally defend our national andeconomic interests, citizens, and allies everywhere they mightbe threatened

n Recognize, distinguish, and adapt to national securityrequirements for increasingly reliable, resilient, and secure networks

n Build-on, enhance, and expand cooperation existing betweennational, international, intelligence, and military alliances toconfront potential threats in cyberspace and to increasecollective cybersecurity

Promote Effective Internet Governance and Frameworks n Promote internet governance structures that effectively servethe needs of all global internet users

n Drive openness, ethical competition, and innovation on the internet

n Protect global internet security and stability n Endorse and enhance a multi-stakeholder stage in a globaltheater for the discussion of internet governance issues andchallenges relating to cybersecurity, spotlighting cooperationand collaboration

Coordination of Information Security PoliciesCSCSS will work at a global level to establish a coordinatedapproach to information security policies relating to existingcyber-efforts as well as established international polices such asthe Convention on Cybercrime of the Council of Europe (alsoknown as the Budapest Convention on Cybercrime), the leadingtreaty to combat cybercrime internationally

International Cybersecurity Awareness and Workforce EducationAs part of its mandate, CSCSS will focus on building aresponsible and competent workforce through cybersecurityawareness and education research programs.


International Development: Building Capacity, Security, and Prosperity n Provide the essential and required knowledge, awareness,training, and resources to effectively build comprehensivetechnical and cybersecurity capacity, globally

n Develop and disseminate effective and practical internationalcybersecurity best practices on an on-going basis

n Improve the ability, through international-national law, to fight cybercrime on a global level

n Define, focus, and develop critical relationships with policy-makers to enhance technical capacity building through regularand ongoing contact with industry experts and partners

Support Fundamental Freedoms and Privacy in Cyberspace n Support the goals of achieving reliable, secure, and safeplatforms for freedoms of expression and association

n Collaborate with civil society and non-governmentorganizations to establish safeguards protecting their internetactivity from unlawful digital intrusions

n Encourage international collaboration and cooperation foreffective data, information platforms, and systems privacyprotections

n Ensure the end-to-end interoperability of an internetaccessible to all

Cybersecurity Information SharingCSCSS will strive to encourage, incentivize, and protect globalcollaboration and sharing of cybersecurity research and cyber-incident information with government agencies, public-privateindustry, and academia

Privacy and Civil LibertiesCSCSS will promote cybersecurity reforms that define andimplement cybersecurity laws in accordance with privacystandards and globally defined cyber-civil liberties


About CSCSSThe Centre for Strategic Cyberspace + Security Science / CSCSSis a multilateral, international not-for-profit organization thatconducts independent cyber-centric research, development,analysis, and training in the areas of cyberspace, defenceintelligence, cyber security, and science while addressing thethreats, trends, and opportunities shaping international securitypolicies and national cyberspace cyber security initiatives.

CSCSS, as a strategic leader in cyberspace, works jointly withkey partners to address, develop, and define cyber technologies, cyber defence force capabilities, information dominance, andconcept operations. We deliver practical recommendations andinnovative solutions and strategies to advance a securecyberspace domain.

Internationally, CSCSS operates in the United Kingdom, Europe,United States, South America, Australia, and Canada.

CSCSS Collaborative PartnersThe Centre for Strategic Cyberspace + Security Science operatesin a collaborative partnership with agencies and organizationsthat share our commitment to the advancement of Cybersecurity,National + International Security, Cyber Education andAwareness, and Cybersecurity Research and Initiatives.

Contact UsFor more information on the C3i Group, the Centre for StrategicCyberspace + Security Science, its programmes or to find outhow we can help you please contact us.

CSCSS / Centre for Strategic Cyberspace + SecurityC3i GroupWashington D.C + 571.451.0312London, United Kingdom +44 2035141784North America +877.436.6746Middle East +855.237.8767Australia +61 2.8003.7553Email [email protected]

CSCSS.org

The Centre for Strategic Cyberspace + Security Sciencewill continue to engage with industry and nationalpartners in our work to build collaboration on cyberspace issues. This is essential in order to supportinternational and multi-national stakeholder efforts toenhance national-level cybersecurity, build confidence in globally inter-connected networks, and collaborateacross borders to fight the criminal exploitation ofinformation technologies.

CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE CSCSS

cscss isc (international strategy for cyberspace)

Technology