Microsoft has a clear view on cybersecurity norms: global information and communications technology (ICT) companies, like nation-states, must also adhere to some agreed-upon norms.
In a report headed up by Scott Charney, Microsoft’s corporate vice president for trustworthy computing, the company says that before international cybersecurity laws can be enacted, nation-states and global ICT companies must agree upon a set of norms. The report maintains that it’s very risky for the world to enact cybersecurity laws because it lacks scenario experience.
“This is really a new area,” says Bruce McConnell, global vice president of the EastWest Institute. “And as we move to the Internet of Things, it really doesn’t help to continue talking about doomsday scenarios. I understand why people might be skeptical about cybersecurity norms, but it’s certainly a good place to start.”