Joseph S. Nye of The Daily Star on world governments finally nearing the moment of developing international cyber norms:
Until recently, cybersecurity was largely the domain of a small community of computer experts. When the Internet was created in the 1970s, its members formed a virtual village; everyone knew one another, and together they designed an open system, paying little attention to security.
Then, in the early 1990s, the World Wide Web emerged, growing from a few million users then to more than 3 billion today. In little more than a generation, the Internet has become the substrate of the global economy and governance worldwide. Several billion more human users will be added in the next decade, as will tens of billions of devices, ranging from thermostats to industrial control systems (the “Internet of Things”).
All of this burgeoning interdependence implies vulnerabilities that governments and nongovernmental actors can exploit. At the same time, we are only beginning to come to terms with the national-security implications of this. Strategic studies of the cyber domain resemble nuclear strategy in the 1950s: Analysts are still not clear about the meaning of offense, defense, deterrence, escalation, norms and arms control.
While this is primarily commentary and does not contain anything substantive, it is still well worth reading. Development of international cyber norms is increasingly becoming more important as cyberspace is adopted as a warfare domain around the world.
It will be interesting to see what norms are adopted and whether or not world governments actually adhere to their obligations. Considering how difficult attribution is, and how easy it is to pin a cyber attack on an unsuspecting nation, I find it hard to believe the more rogue countries like China and Russia will actually follow-through on such deals.
They will look at you eye-to-eye and with a smile, shake your hand in agreement, all the while their cyber attack squadrons are conducting computer network operations against you and fingerprinting the attack so its signature appears to be from a completely different actor.