Estonian ex-foreign sec urges governments: Get cosy with the private sector on cybersecurity

Marina Kaljurand thinks the days of going it alone are over

Black Hat: Governments need to "turn from public private partnership slogans to real partnerships" on cybersecurity, former Estonian foreign minister Marina Kaljurand told the Black Hat infosec conference in London this morning.

In a wide-ranging speech where she talked about everything from diplomacy to the relationship between states, laws and the private sector's ability to help deliver cybersecurity policies online, Kaljurand emphasised that a nation is just one actor among many when it comes to online mischief.

"Cyber is so wide that states alone cannot be sufficient in providing security," she said. "It is a space where the private sector owns nearly all digital and physical assets and has the best experts. It's the sphere where civil society can produce norms, recommendations for responsible state behaviour, it is a space where civil society is also the watchdog of civil rights."

Kaljurand, a member of Estonia's social democratic party, drew on her experiences as foreign minister to call for closer relations between governments and the private sector on cybersecurity – a bold thing to say in the UK, where the approach until relatively recently was to look after itself and let the private sector sink or swim. Even now, the British state prefers growing its own cybersecurity talent.

"I would argue that states and governments have a unique role in ensuring cybersecurity. But for the first time in the history of my planet, states alone cannot be sufficient. It is very different from what we're used to seeing today with weapons of mass destruction, nuclear weapons and so on."

The former Estonian minister also addressed the eternal question of attributing nation-state-backed cyber attacks to their originators. Though she praised the UK for attributing NotPetya to Russia, she was forthright in condemning EU countries' largely equivocal response at the same time. "That immediately raised the question, where is Germany, where's France, where is Italy? Where are others?... The [EU] statement was really poor and weak."

Kaljurand concluded by repeating her call for greater cooperation between states and the private sector, something Estonia has pioneered – to the point where the Baltic nation now hosts the NATO Cooperative Cyber Defence Centre of Excellence, building on Estonia's long history of facing down Russian cyber-naughtiness.

"State practice creates the norms by which cyber is governed. Nobody argues that international laws don't apply to cyber; the question is how." ®


Biting the hand that feeds IT © 1998–2022