This week, on the eve of the Council of Europe’s annual Cybercrime conference, Microsoft and the Council of Europe signed a cooperation agreement on the new Cybercrime@Octopus project. Through this project, the Council of Europe will assist countries across the world in implementing its Convention on Cybercrime, while strengthening data protection and rule of law safeguards.
The renewed focus of the project on rule of law and data protection safeguards is welcome, as we believe those are essential to enhance both security and the privacy of citizens’ data, and ultimately to ensure the trust of our customers. We strive for an active contribution to the ongoing dialogue in this space and are thrilled to continue this great partnership with the Council of Europe, which traces back almost a decade.
I have also been given the opportunity to speak at the Octopus conference, where I focused my remarks on major trends impacting companies and citizens, on Microsoft’s approach to privacy and security, as well as on our efforts to advance in the global fight against cybercrime. I shared a panel with three experts in this field: Yun Byung-se, Minister of Foreign Affairs of South Korea, where this year’s conference on cyberspace took place, Dmitry Alexandrovich Volkov, Group IB, Russian Federation, who spoke about trends in cybercrime as well as Eduardo Azeredo, Brazilian Chamber of Deputies, where the government has initiated a debate on how to increase national security measures. The panellists shared a common view: fighting cybercrime is of a global nature. Europe, Asia and Latin America are and need to be part of the global dialogue on privacy, security and the fight against cybercrime, taking into account current regulatory safeguards as well as jurisdictional challenges.
The awareness on these issues is growing in the light of an increasingly connected society with exponential growth and travel of data around the world. Headlines on cyber security attacks and recent surveillance revelations, notably unfolded by Edward Snowden, support this trend.
Citizens of democratic countries around the world should be able to trust that governments will effectively fight cybercrime and defend national security, whilst at the same time respect fundamental rights, including the privacy of the individual. It is crucial that our customers are able to trust us when they are using our services and products. Consequently, we are committed to secure the privacy of our customers’ data, as well ensuring that their personal information is managed and transferred in a secure way.
Defending against cybercrime also entails partnering with others. Governments, industries, users and civil society need to collaborate to strengthen the resilience of our network.
Take the example of the so-called Bring-Your-Own-Device dilemma (BYOD). Users and employees are increasingly mobile and demand using personal devices to access business networks. IT departments may not have total control over the choice of devices, which leads to potential vulnerabilities of networks. Thus, users and IT departments have to work hand in hand, applying appropriate corporate access controls to containment and procurement policies.
In addition, last month we have been reinforcing our engagement through the establishment of a Cybercrime Center at our headquarters in Redmond. The objective is to eliminate cyber threats to Microsoft’s business, customers and the full digital ecosystem. Today we are able to offer a Cyber threat Intelligence program to share the insight gained from taking down 7 Botnets within the last 3 years (most recently Citadel Botnet.) We took them down in real time while collaborating with Internet Service providers and the Computer emergency response teams (CERTs.)
Finally, Microsoft supports consistent international legal frameworks, for both protection of personal data as well as prosecution of cyber-criminal activity. Our renewed partnership with the Council of Europe will continue to build on previous efforts to increase international cooperation and standards.