Q1/2019 - Microsoft - Tech Accord

March 2019

Microsoft drew a positive balance of the political digital agenda it has been operating since 2015 and announced that it was going to found a Cyber Peace Institute in cooperation with other partners from the private sector (Hewlett Foundation, Mastercard) in May 2019. The new institute shall help state and non-state players to better protect themselves against cyber attacks. Microsoft informed that the new initiative built on the experience from the TechAccord (with by now more than 90 member companies[1]) and the “Digital Peace Campaign” (with more than 100,000 signatures from 140 countries[2]) and also took into account the criticism that had been uttered, in particular with regard to the 2016 proposals of a Digital Geneva Convention and a so-called “Attribution Organisation”. The new institute was planned to be organised as an NGO seated in Switzerland or The Netherlands.

Mehr zum Thema
  1. [1] See: Tech Accord, in: https://cybertechaccord.org/. On 27 March, the Tech Accord signed a “Technical Specification for IOT Security” that had been adopted by the European Telecommunications and Standardization Institut (ETSI). “The Code sets out thirteen security guidelines that manufacturers of IoT consumer devices are encouraged to implement, including: 1. No default passwords; 2. Implement a vulnerability disclosure policy; 3. Keep software updated; 4. Securely store credentials and security-sensitive data; 5. Communicate securely; 6. Minimize exposed attack surfaces; 7. Ensure software integrity; 8. Ensure that personal data is protected; 9. Make systems resilient to outages; 10. Monitor system telemetry data; 11. Make it easy for consumers to delete personal data; 12. Make installation and maintenance of devices easy; and 13. Validate input data.” See: Cybersecurity Tech Accord Signatories Endorse ETSI Technical Specification for IoT Security, 27 March 2019; in: https://cybertechaccord.org/cybersecurity-tech-accord-signatories-endorse-etsi-technical-specification-for-iot-security/
  2. [2] See: Digital Peace Now; in: https://digitalpeace.microsoft.com/