Reasonable Regs vs Red Tape: How Should Governments Tackle the Cyber Intrusion Market

Reasonable Regs vs Red Tape: How Should Governments Tackle the Cyber Intrusion Market

MediaVideo
Yanac

Following recent public revelations about the thriving market in advanced spyware, many governments have wrestled with the question of how to respond to its global spread, and the software supply chain that sits around it. Cyber intrusion companies offer state-level capabilities available to anyone with the means to pay – transforming the cyber threat to us all and posing serious concerns for human rights, national security and the stability of cyberspace. There are clear and legitimate uses for many of these tools. However, the UK and other governments are concerned that, too often, capabilities can be developed, sold and used without the necessary oversight or safeguards in place. How can governments collaborate with industry partners to make the commercial cyber intrusion sector work better for security and society, without tying the market up in ineffective red tape?

In February 2024 the UK and French governments launched the Pall Mall Process, an international initiative between states, industry and civil society that looks to find a way through this and establish a framework to foster responsible behaviour in the developers building these tools, the companies selling them, and the states exporting, buying or using them. Over the past few months, the UK and French governments have been consulting widely among relevant industry, as well as other governments, academics and civil society representatives about what they think good practice looks like when it comes to ‘responsible activity’ across the commercial cyber intrusion market. In this briefing we will share the outcomes of that consultation, explain what the Pall Mall Process’ next steps might mean for you, and how you can get involved.

By:
Benjamin Walden | Head of Proliferation Policy, Cyber Policy Department, UK Foreign, Commonwealth & Development Office

Full Abstract Available:
https://www.blackhat.com/eu-24/briefings/schedule/#reasonable-regs-vs-red-tape-how-should-governments-tackle-the-cyber-intrusion-market-42652Black HatRead More