Lunch over IP

This week I spent a few hours at the headquarters of a UN agency in Geneva with an interesting group of about 30 people from all over the world discussing global security threats. Security in the broadest sense - physical, national, social; risks and safety; public health problems and developmental issues and vulnerabilities of critical infrastructures; "hard" power and "soft" power.

The meeting was convened under Chatham House rules, which state that the content of a discussion can be reported but not namely attributed. So, in using the blog as a notepad, here are just a few running notes/quotes:

An Asian geopolitical expert talking about likely developments in global security: "the US as a superpower (values, moral authority, "soft power", share of world economy) will decline, while their "superforce" (money, tech, military) will get strengthened; terrorism will decline and extremism will grow; there will be a strong demand for multipolarity, for a redistribution of global power, driven by China, Russia and Iran; access to resources, energy but especially water, will be key grounds for conflicts".

A North-American public health expert: "We are witnessing the emergence of drug-resistant strains of tuberculosis, and there are no antibiotics for tuberculosis in the pipeline right now, and it's growing; and we could also talk about malaria and its relationship to climate change, and mutating and everchanging strains of influenza, all this is known by experts but ignored at large".

The same expert: "In Canada the reproductive rate of native Canadians is 1.6. Which means that Canadians are not replacing themselves. It's safe to say that in 5-10 years 100 percent of the growth in workforce will come from outside. In France the reproductive rate is 1.2, in Italy 1.1. No human group has ever come back from such a low reproduction rate. Which basically means that Italians will be replaced".

A European IT expert: "Hackers are getting more targeted and sophisticated. They are not at it for the "beauté du geste", for glory anymore, but for money. We're seeing a shift from hackers to attackers: they not only steal data, but they want to blackmail, to destroy your brand, your credibility, your company".

A North-American IT expert: "We're now in an era of network-centric warfare, getting inside critical network systems to steal data or manipulate them, or take the networks down. And these threats exist, are actual, are being used, you have every day countries network-attacking each other. Defenses are also getting more sophisticated, but attackers will always have the advantage".

A European cryptologist: "We should never forget two things: security is a trade-off, it is never absolute; and you cannot un-invent technologies".

A European IT expert: "The biggest problems is so-called social engineering: people are not careful, they behave wrongly or stupidly. A few USB keys containing a virus were dropped around a company's parking lot: people picked them up and plugged into their computers and it took 15 minutes for the authors to get control of the company's network".

A European academic: "Responses to security threats used to be mostly about containing, patrolling or sealing off borders, etc. Now we're engaged in the monitoring of flows of people, goods, data".

A European crisis specialist: "There is too much fragmentation in the way security threats are assessed and responses are developed. Interconnectedness is growing, but governments have organizations devoted to different sides of security that don't talk to each other, and of course those focusing on "policing" responses don't talk to those focusing on "developmental" responses don't talk to those focusing on prevention, and things are made worse by the lack of standards even for basic things like being able to communicate".

A North-American consultant: "In terms of public perception, often security issues are ultimately parochial. It's about the "beaver problem" in Montana, that of the farmer telling how beavers "are building more dams, and flooding my land: security to me is the beaver problem, and the government is not doing enough".

Someone also mentioned that next week in Athens, at the UN's Internet Governance Forum (see this previous post), the adoption of a "Global Cybersecurity Charter" may be put on the table, possibly (am not making this up) by China.