'Digital Geneva Convention’ On the Cards?

Cyber Security Investing

Microsoft are raising the issue of digital warfare and championing web safety.

The US Federal cybersecurity market is estimated to grow from $18 billion in 2017 to $22 billion by 2022. Cyberattacks have recently been occurring at the highest levels of global governments, and possibly stemming from the very same sources. This affects the whole world, not just leaders and politicians. This issue is the crux of Microsoft (NASDAQ:MSFT) president Brad Smith’s speech, “Protecting and Defending against Cyberthreats in Uncertain Times”. He presented at RSA Conference, whose mission is to connect and empower the world with expert advice on staying ahead of cyber threats.
A blog post accompanied the talk and here he outlines the need for a ‘Digital Geneva Convention’, in response to the rise in state-sponsored cyber attacks. The Fourth Geneva Convention protects civilians in times of war and Smith is clearly drawing parallels with a war fought on a new, virtual front. In this analogy, technology companies are now the Red Cross, “the internet’s first responders”.

The problem

In 2015 government experts at the United Nations recommended cybersecurity norms “aimed at promoting an open, secure, stable, accessible and peaceful ICT environment”. These, however, haven’t been in effect and Smith calls on leaders to implement these measures. Smith points to the following examples as acts of aggression occurring within a vacuum of international policy.

In 2014, Sony (NYSE:SNE) was hacked and this was attributed to North Korea, because of the film The Interview. Embarrassing private details like company emails, personal employee information and executive salaries, were made public.
In 2016, the US election email hacks were attributed to Russia, who were politically motivated to see a Trump presidency. The hacking of Democratic Party emails harmed Clinton’s campaign. Nation-state attacks are growing in number and size and this incident was a demonstration that no person is too big, or visible, to target.

The proposal

No targeting of tech companies, private sector, or critical infrastructure
Assist private sector efforts against cyber attacks
Report vulnerabilities to vendors, instead of leaking them to the press or selling them online
Exercise restraint in developing cyber weapons
Commit to nonproliferation activities
Limit offensive operation and do not aid governments in such activity

Microsoft are spending $1 billion every year in the security field and Smith hopes that others will follow suit. He wants to protect customers on the internet, and by extension, investors. Companies and investments can be undone by a cyber attack so investors would do well to invest in cybersecurity companies, as well as investing in other technology companies, who hopefully have big security budgets.
Don’t forget to follow us @INN_Technology for real-time news updates!
Securities Disclosure: I, Emma Harwood, hold no direct investment interest in any company mentioned in this article.