Digital Geneva Convention | Whitepaper
The global dialogue on cybersecurity norms is evolving from a conceptual discussion about nation-states’ rights and responsibilities, toward an articulation of norms of state and industry behavior. These proposals vary in their prescriptions and subject areas.
In this Whitepaper, Microsoft examines the current discussions and:
- Puts forward an organizing model for developing cybersecurity norms, built around three categories of proposed norms: offensive norms, defensive norms, and industry norms.
- Outlines the key elements necessary for further refinement of these proposals, using our four-part framework of actors, objectives, actions, and impacts.
- Turns to the problem of implementation of cybersecurity norms, outlining proposals on how to verify compliance with agreed-upon norms and finding new ways to deal with the challenges related to attribution.