One of PCH’s long-term efforts has been to encourage governments to restrict their use of offensive cyber attacks against civilian networks. We've successfully gotten that effort out of the U.N., where it was floundering, and into a well-supported stand-alone commission. It’s being taken seriously by governments, and will be one of the main topics under discussion at the Global Conference on Cyberspace in Delhi next week.
The work has been divided into two working-groups: one is addressing the question of what a norm should say (i.e. “Governments shouldn’t cyber-attack X”). The other is addressing the question of what infrastructures should be protected (i.e. what is the X that shouldn’t be attacked). I’m chairing that second working group. The main thing we’re delivering in Delhi is the result of a survey of what infrastructure people think should be protected. That survey is still open, and we’d like as many people to respond as possible. So, please consider doing so. It’ll only take a couple of minutes, and it’s a critical part of an admittedly very lengthy process to make your life easier.
https://www.surveymonkey.com/r/criticalinfrastructure
Much appreciated,
-Bill
Links in case you want to pursue further reading on the things I’ve mentioned above:
https://en.wikipedia.org/wiki/Eligible_Receiver_97
https://lawfareblog.com/un-gge-failed-international-law-cyberspace-doomed-we...
https://cyberstability.org/about/
https://en.wikipedia.org/wiki/Global_Conference_on_CyberSpace
-Bill