Working together to ensure trust in and the security of cyberspace: our contribution to the Paris Call consultation

Anastasiya Kazakova, Public Affairs Manager

Arnaud Dechoux, Public Affairs Manager Europe

The French Ministry of Europe and Foreign Affairs has released the results of the Community consultation launched within the Paris Call for Trust and Security in Cyberspace. Kaspersky, an early signatory and strong supporter of the Paris Call, was among the 100+ stakeholders to participate in this consultation aimed at learning more about the practices, concerns and expectations of private sector entities, civil society organizations, the technical community, and public or local authorities in the field of cybersecurity, cyberdiplomacy and capacity building.

In our contribution, we shared our vision on the upcoming developments in cybersecurity and our cyber-immunity approach to tackle them, as well as concrete proposals to secure the digital world.

Some insights on the key takeaways from the Paris Call consultation (source):

• Acting responsibly to protect internet users and advancing product security. Over 70% of respondents firmly believe that providers of digital services and products should have a duty of care to protect their users from online risks. This is also our strong belief, and it is what we are addressing today with our Global Transparency Initiative (GTI), namely, our data care measures, Transparency Centers, Vulnerability Management program, and others measures to enhance the security and integrity of software. Another concrete example is the recently published Ethical Principles for Responsible Vulnerability Disclosure, laying out how we work with researchers and the broader security community to manage security flaws in software products and thus ensure the security for users.
• Time to invest in cyber capacity building. Over a quarter of respondents mention training of employees and practitioners as the main capacity building need of their organization or country. We also identified this need on a worldwide level, and announced in May 2020 the Cyber Capacity Building Program, a dedicated training program on product security evaluation to help businesses, government organizations and academic institutions develop skills for assessing their supply chain cyber-resilience. To be a part of it, please click here.
• Multi-stakeholder cooperation is the only way: the consultation confirms that governments, the private sector and civil society are sometimes seen as having diverging priorities and objectives, which can impede multi-stakeholder cooperation. Nevertheless, cooperation involving all parties is more necessary than ever as today’s cyberspace knows no borders and broad expertise is needed to make it safer. The Paris call is one such platform that allows dialogue for all.

We are proud to renew our support to the Principles of the Paris Call as well as the UN Open-Ended Working Group (OEWG) – both fundamental for the maintaining of peace and security in the digital sphere. Within both tracks we strongly support further multi-stakeholder efforts to operationalize rules, norms, and principles that contribute to security of cyberspace through, in particular, strengthening critical infrastructure protection and ICT supply chain resilience. In this regard we continuously support and call for the development of concrete tools – including security baseline requirements, best practices, and certification processes – together with cybersecurity experts both from technical community and the private sector.

Please click here to download our contribution to the Paris Call consultation. The French Ministry of Foreign Affairs’ analysis of replies to the consultation is available here, while the original survey data can be accessed at data.gouv.fr.