This year’s RSA Conference in San Francisco brings the world’s security professionals together to discuss cybersecurity at a critical time. The past year has witnessed not just the growth of cybercrime, but a proliferation in cyberattacks that is both new and disconcerting. This has included not only cyber-attacks mounted for financial gain, but new nation-state attacks as well. As engineers and other employees across the tech sector meet in San Francisco, we need to ask ourselves what our response should be.
We should start by acknowledging that no single step by itself will be sufficient to address this problem. Of course, each of our companies needs to continue to do more to protect and defend our customers around the world, and at Microsoft we’re focused on doing precisely that. So are others across the industry. But in addition, the time has arrived to call on the world’s governments to implement international rules to protect the civilian use of the internet.
Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace. And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies. The tech sector plays a unique role as the internet’s first responders, and we therefore should commit ourselves to collective action that will make the internet a safer place, affirming a role as a neutral Digital Switzerland that assists customers everywhere and retains the world’s trust.