The MIT ECIR  workshop was featured on theCUBE all week long.  The Explorations in Cyber International Relations is an important event designed to elevate knowledge of the numerous issues in the world of international cyber relations from various disciplines, but focusing quite a bit on governance and cyber security.  What the average person may not consider is that the internet is not static, it’s always changing and as explored throughout the event, there is quite a bit that is going on in the background that will define how the internet works in the future.

If you zoom out to the big picture, the internet is still in its infancy in terms of governance.  There are only but a handful of bodies in place to govern the net, and a lot of that to date has been very U.S.-centric.  If you put your ear to the ground you can pick up the transition of this model to a multi-state model.  Any time you bring in multiple entities into the picture, we’re talking about a lot of competing interests, concerns and positions that need to be considered.  The ramifications – significant and with an incoherent strategy it could mean a fractured internet, standards and control all over the place.

Notably, Brazil has been helpful in the multilateral discussion as they are representative of a country in the middle of a range of countries, and they have managed their own internet for close to 20 years with a body that has many stakeholders.  This could be the model for a kind of blueprint for the cooperation needed to making progress in governance.

The drive for democratizing these bodies like ICANN is to create a more inclusive governance that has a more global perspective.  The key through all this is to try and ensure that the internet does not fragment or splinter, something that is a real threat given the current climate of affairs throughout the world.  The impact could be financially significant and ultimately, the growth of the internet to the internet population of the world would be significantly affected.  The overall takeaway here is that the time to fix this and sort this out needs to start now.  It’s an interesting line of freedom versus politics versus economic pressures that played out throughout the coverage.

Security as a global concern

Security was another big topic.  We’re in a time of high adventure in the age of Snowden, cyber espionage, state-sponsored hacking and cybercrime.  The overwhelming tone at the event was that emerging security solutions were certainly welcome to the scene including tools like analytics, open source solutions and the global companies that are helping drive those security efforts.  Technology however is not the final answer however and that is a big part of why these discussions are taking place.  On the whole, changes need to take place as there is an opportunity to build better security not only in products, but in policy as well.  It is too often the case that getting by with the minimal of security with the inclusion of products, but missing on the points of policy like user behavior, governance and so forth.  Data-focused security is another welcome development where by protecting data at every stage possible, the posture of security is enhanced.  That kind of focus has some ways to go however as it needs to be incorporated into standards, products and policy.  Still there’s a lot of visionary companies and groups driving this and with such movements like the “Internet of Things” and the continued proliferation of mobile devices, it will be a critical tactical approach to security that will benefit users.

The scale and global nature of the internet means big security challenges and this is a foundation of these important discussions.  In the private sector, corporations must certainly be tuned to the developments, but wrestle with their own security approach.  The role of Chief Data Officer is one that many organizations are considering for their own business goals and needs.  It’s a role that incorporates a number of disciplines including security, risk and business continuity among others.  The big news is that especially if organizations are international, they need to consider these developments and whether a Chief Data Officer is critical.  The state of the internet and security is one where a single party can affect an organization or wide group of people.  Reducing threats on one side, while encouraging use and growth on the other is the challenge of the day and the shadow it casts affects individuals and organizations alike.

The threat of fracturing

If you look at some of the efforts to self-manage like German groups are proposing and even China proposing its own root servers, it is very clear that these are events that are clearly real and happening right now.   A big challenge in getting this straightened out will be trust.  There’s a lot of cyber-espionage issues, a lot of mistrust in what the eventual goals of certain countries may be with increased roles, there are human rights and freedom issues, the list just goes on.  The hope is that some level of openness can be maintained and it starts by rebuilding trust.  One prevailing thought is that not only would this create stability and a steadier future for the internet, but by keeping the nature of the governing structure distributed, the security of the internet would also be increased.  Fragmentation has another very stark effect and it is financial in that if the internet were to significantly fragment, there would be an incredible increase in costs in the world of commerce and information exchange.

Will the end come in 18 months or will the research being done by ICANN and ongoing developments result in a stable and secure internet?  Time will tell, opinions are all over the place, but there it is clearly a contentious point in time in the story of the internet.