At the Seoul International Cyberspace Conference last week, I was listening out for the big advances—if there were any—which had occurred since the previous conference in Budapest. (For what the International Cyberspace Conference process is all about, my first post on The Strategist outlines the details.)
The most notable change in Seoul was the degree of participation from developing nations, who were absent from previous years. This time some 87 nations were represented at the conference, from all corners of the globe. This is welcome, as unlike many of the more developed economies of Europe, China, and North America, many of these nations are still in the process of understanding how they exploit the digital economy to their advantage, building their own capabilities and working out where exactly they stand on the question of internet governance and security.
Ministers from Indonesia, Sri Lanka, Kenya, Lao, Egypt and Jamaica spoke in the two opening sessions. In fact, 43 Ministers and Vice-Ministers were present at the conference. While a very impressive figure, there was a sense that it detracted from the ability to generate the practical outcomes from the meeting that the South Korean Government hoped for, as many of the Ministerial speeches didn’t contain tangible suggestions for work. An additional criticism is that despite this being a multi-stakeholder conference, i.e. inclusive of the private sector and civil society, there was a distinct lack of world leading industry figures alongside the Government representatives, meaning that it was a largely state-led focus for the headline panels—something that needs to be rectified if this process is to succeed.
An additional focus of the conference was an examination of practical ways to enhance global confidence building measures and capacity building. There was violent agreement on this being important, and consensus that it’d be useful to collect data on projects that are already underway. This is potentially an opportunity, being an area Australia’s already active in, and where there are some clear areas of work that could be built upon to demonstrate the art of the possible. For example, despite limited budgets, Australia is working hard on CERT to CERT collaboration and support in the region, both bilaterally and through groups such as APEC-Tel. The AFP is an active player as well; its hi-tech crime unit is reaching out into the region and beyond to assist in capacity building for nations developing their own cyber security structures.
There were big messages for Australia from the Seoul meeting. Firstly, although it could’ve been my increasingly sensitised ears to these issues, Australia received a great deal of praise from many speakers, including the US and Russia, for the role played in chairing the UN Group of Government Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. Despite the stupefyingly unwieldy title, it’s a useful body, which agreed that international law applies in cyberspace, that capacity building for developing nations is important, and that norms of behaviour should be identified in cyberspace. Secondly, continuing the theme of praise, there was mention from a number of speakers of ASD’s top four mitigation strategies for reducing 85% of targeted intrusions, demonstrating Australia’s ‘best practice’ credentials to a global audience.
Third, and most important, was the fact that Julie Bishop, the Minister for Foreign Affairs, attended the conference and gave a speech outlining Australia’s perspectives on the issue. She’s the first minister in the new government to talk about cyber issues, and she’s the first ever Australian Minister to give a speech addressing the international aspects of cyberspace. The impact of this is two-fold. It firstly sends a clear message to international governments that Australia is prioritising the international dimensions of cyberspace, and secondly brings the issue into the Cabinet of Australia. In her speech she made it clear that Australia’s approach to cyberspace was being developed across portfolios, explicitly mentioning Communications Minister Malcolm Turnbull in this context.
Hopefully this will provide the impetus for the topic to be aired at the Cabinet level, which is the level of prioritisation that this issue requires. Actions need to take place at the correct level, and to be coordinated and driven strongly by those Ministers who have aspects of cyber under their jurisdiction. And herein lies the strange irony of attending a global conference on cyberspace where the Minister for Foreign Affairs spoke; the greatest take-away from the meeting was the impact it could have for the prioritisation of the Australian national level discussion on cyber, an impact I’d strongly encourage, but didn’t expect to hear in Seoul.
Tobias Feakin is a senior analyst at ASPI and Director of the International Cyber Policy Centre.