International security pacts vital, but trust needed
Cross-border security pacts are increasingly relevant as these can help fight cybercrime, allow governments to share threat information and open channels for communication, say security observers. The challenge will be in fostering trust among traditional rival countries and enforcing the agreements, though.
Phyllis Schneck, vice president and CTO of McAfee's public sector arm, noted that such agreements between governments are necessary due to the global nature of cybercrime.
Additionally, these provide the structure and context for partner countries to share information on threats, and enable governments and companies to collaborate in ways to effectively fight cybercrime while ensuring privacy for their citizens are protected, she added.
Ashar Aziz, founder and CEO of FireEye, added that the allies can now open up communication channels to avoid unintended consequences. This is important in the online arena as it helps avoid possible escalation of tension due to miscalculated attacks, for example, he explained.
This point was reiterated by the U.S. defense secretary Leon Panetta, who said in May that because the United States and China have been subjected to cyberattacks in the past, both countries have developed technological capabilities in this arena. However, he stated that it's "extremely important" that they worked together to develop ways to avoid any miscalculation or misperception that could lead to crisis.
Aziz went on to warn that online threats have changed radically in just a few years while cybercriminals have also evolved from engaging in the "broad, scattershot approach" of mass market malware to developing customizable malware to "steal sensitive and insider information. They can do so using commercial toolkits to build malware effective at penetrating secure corporate networks, he added.
With the changing security landscape, cross-border agreements take on additional importance in preventing social and economic fallouts from cyberattacks, he surmised.
Real-time intelligence needed
To ensure that the pact is effective though, the CEO said relevant technologies to provide real-time, situational awareness is vital. He explained that real-time malware analysis, continuous threat monitoring, and geo-attribution capabilities need to be deployed to augment the agreements and prevent tensions from rising should any of the state partners suffer a cyberattack.
The collated information from these systems can also be shared to facilitate the prosecution of online crimes, he added.
Schneck added that with the global interconnected structure of the Internet, a key challenge would be to correlate real-time intelligence from multiple sources and countries. This is why international cooperation is needed to facilitate this and fend off online threats.
"This degree of situational awareness is crucial in being able to address the real-time cyber challenges governments and private sectors confront today," she said.
An example of this is the agreement U.S. currently enjoys with its European Union counterparts, the CTO pointed out, adding that it was well thought out and working well. Both parties have good incentives to collaborate and take an active role in information sharing, cybersecurity exercises, and policy developments, Schneck highlighted.
Overcome trust issues
However, such international security agreements may be difficult to enforce should there be a lack of trust among ally governments, said the McAfee executive.
In order to engender trust, she suggested countries create initial confidence-building measures during the process of negotiating the terms of the pact. There should also be strong incentives to cooperate included in the treaty, she added.
Enforcing the treaty and accurate accounting of their actions will be challenges too, Aziz noted. For example, the policing of allies' actions to see if they comply to the agreement can create disputes unless there is a set of technologies in place to mitigate this and protect against violations.