COLLABORATIVE SECURITY An approach to tackling Internet security issues Introduction Internet security depends not only on how well you manage your own security risks, but also how you manage security risks that you may pose to others. If you act independently and solely in your own self-interest, the security of the Internet be impacted, and the overall pool of social and economic potential that the Internet offers the global community could be diminished. “Collaborative Security” is thus an approach to tackling Internet security issues that involves voluntary, multistakeholder cross- border cooperation and collaboration. It is premised on an understanding of the fundamental properties of the Internet as well as an appreciation of the complexity of the cybersecurity landscape. The Internet is a network of networks without centralized control. As such, the security of the Internet cannot be maintained by one entity. All stakeholders must thus collaborate and share the responsibility for addressing Internet security issues. The challenge is in how to achieve cybersecurity strategies while respecting fundamental human rights, properties, and values (i.e. privacy). The Internet is for everyone and we must work together to realize it’s full potential.

Elements of the Collaborative Security Approach Fostering confidence and protecting opportunities Collective responsibility Fundamental properties and values Evolution and consensus Think globally, act locally Elements of the Collaborative Security Approach 1 2 3 4 Elements of a “Collaborative Security” framework: The Internet enables opportunities for economic and social prosperity globally. The starting point for Internet security should be what solutions are need to preserve those opportunities and foster confidence in the Internet. The security of the Internet is a shared responsibility. We will all be secure only when we are protecting ourselves – and our neighbors. Security solutions must preserve the fundamental, open nature of the Internet as well as fundamental human rights, values, and expectations (such as privacy and freedom of expression). Achieving security objectives, while preserving these fundamental properties, rights and values is the real challenge. We must find solutions that build on lessons learned, which are developed by consensus, and which will evolve to meet whatever new threats emerge. Commercial competition, politics and personal motivation play a role in how well collaboration happens. But differences can be overcome to cooperate against a threat. Solutions should be implemented by people at the closest point where they can have the most impact. This is called the subsidiarity principle. Think globally, but act locally. 5

1 2 An Internet security paradigm should: Foster confidence globally, Protect social and economic opportunities, and Advance objectives in design and in practice. 2 Internet participants have: A common interest in the management of the Internet to ensure its sustainability, and A collective responsibility to care for the Internet for the benefit of everyone. Fostering confidence and protecting opportunities: The Internet enables opportunities for human, social and economic development on a global scale. These opportunities will only be realized if Internet participants have confidence that they can use the Internet securely, reliably, and privately. Security solutions must, in design and in practice, foster confidence in the Internet and protect opportunities for economic and social prosperity. Otherwise, security solutions may go too far, thereby jeopardizing the very infrastructure that ties together the global economy and provides the engine for its growth. EXAMPLE: An ISP locking down a firewall may provide better security but would stifle innovation, because some applications won't be accessible without prior configuration. Collective responsibility: The Internet is a global interconnected network of networks. Participation on the Internet means global interdependency. In an interconnected interdependent system, no one participant can achieve absolute security. No security solutions exist in isolation. Internet security depends on how well participants manage both their own security risks and the outward security risks that they may pose to others (whether through their action or inaction). These factors mean that Internet participants have: a common interest in the management of the Internet to ensure its sustainability; and a collective responsibility to care for the Internet for the benefit of everyone. If Internet participants act independently and only in their own self-interest, the security of the Internet will be impacted. In addition, the overall pool of social and economic potential that the Internet offers the global community will be diminished. As such, Internet participants must see cybersecurity as a long-term investment for the benefit of everyone. It is not enough to ask that participants take responsibility just for their part of the Internet ecosystem. Collective responsibility extends to the system as a whole, and requires a common understanding of the problem, shared solutions, common benefits, and open communication channels. Multistakeholder cross-border collaboration is an important component of collective responsibility. Its success depends on trustful relationships – between nations, between citizens and their government, between operators, service providers, and across all stakeholder groups. EXAMPLE: Mutually Agreed Norms for Routing Security (MANRS) demonstrates how industry players have been able to turn to the principles of collective responsibility to voluntarily address issues of resilience and security in the Internet’s global routing system. Traditional, government-led regulatory approaches are not effective and agile enough for the global Internet.

3 4 Security solutions should be integrated to preserve the: Internet Invariants, and Fundamental human rights, values, and expectations. 4 Agree on the problem and then find the solution. Security solutions need to be: Flexible enough to evolve over time, Responsive to new challenges, Resilient against change and threats, and Take an open, consensus-based participatory approach. Fundamental properties and values: The Internet Invariants are the fundamental properties of the Internet. They include: open standards, voluntary collaboration, reusable building blocks, integrity, permission-free innovation, and global reach. Security solutions must preserve these fundamental properties of the Internet and fundamental human rights, values and expectations. All security solutions are likely to have an effect on the Internet’s operation and development, as well as on the rights and expectations of Internet end-users. Such effects may be positive or negative. EXAMPLE: If we weaken cryptography, we hurt only the well-meaning and law-abiding citizens who rely on companies to protect their data. Criminals and bad actors will still encrypt their data, using the tools that are readily available to them, but consumers might loose trust in the technology. Removing bad parts can also kill good parts. Evolution and consensus: Technology is going to change. Security threats will adapt to take advantage of new platforms and protocols. Therefore, security solutions need to be responsive to new challenges. Solutions that build on “lessons learned” make the Internet more resilient to threats. Solutions can be incremental. Even if a problem can not be solved completely, you might be able to make the vulnerability less attractive to malicious actors. Be open to testing disruptive or non-traditional ideas. Experience suggests that an open, consensus-based participatory approach is the most robust, flexible and agile. Processes which draw upon the interests and expertise of a broad set of stakeholders are more likely to lead to success. EXAMPLE: Encryption keys that are strong enough today will not be strong enough in the future. Technology and practices should be flexible and evolve over time to maintain the security and stability of the global Internet.

5 Security solutions should involve communities: Of different players taking action closest to where issues occur, That are the smallest, lowest, or least centralized link in the chain, Formed in a bottom-up, self-organizing fashion, and That effectively and efficiently define and implement solutions based on interoperable building blocks. Think globally, act locally: The security of the Internet cannot be maintained by any one entity or organization. Creating security and trust in the Internet requires different players (with different roles and responsibilities) to take action. Solutions should be implemented by the smallest, lowest or least centralized competent community at the point in the system where they can have the most impact. Communities often form spontaneously in a bottom-up, self-organizing fashion around specific issues (i.e. spam, or routing security) or a locality (i.e. protection of critical national infrastructure or security of an Internet exchange). Solutions should be based on interoperable building blocks – i.e. industry-accepted standards, best practices and approaches. Solutions must not undermine the global architecture of the Internet or curtail human rights, because the Internet is for everyone. EXAMPLE: RIPE works with diverse technical actors, in an output-orientated multistakeholder approach, to make fast policy decisions. The smooth running of the Internet depends on the involvement of those who give their input where they can help and implement changes on a voluntary basis.

Download the Briefing Paper Questions? Conclusion: People are what ultimately hold the Internet together, so we have to work together in order for the Internet to realize its full potential. We must have an Internet that is both secure and open, and where participants trust it is a tool for empowerment and prosperity. We need greater collaboration on security issues, and to work faster at getting things right, so that the Internet can grow and flourish. Download the Briefing Paper