Cybersecurity Tech Accord

Microsoft, Cisco, Facebook, HP, Nokia, Oracle and others vow to move cybersecurity forward and defend all of their customers worldwide against cyber warfare. Overall, the Tech Accord covers four core areas— stronger defense, no offense,  capacity building, and collective action as described below.

The Cybersecurity Tech Accord website, companies held their first meeting during the security-focused RSA Conference taking place in San Francisco. It also makes it clear the Accord remains open to new private sector companies, regardless of size and sector, as long as they are trusted and have high cybersecurity standards.

The Cybersecurity Tech Accord sets forth four principles:

First Core: Protect all of our users and customers everywhere. Whether they be individuals, organizations or governments and irrespective of their technical acumen, culture, location or the motives of the attacker, whether criminal or geopolitical. As an industry, we have pledged today that we will design, develop and deliver products and services that prioritize security, privacy, integrity and reliability, and in turn reduce the likelihood, frequency, exploitability and severity of vulnerabilities. This includes stronger protections of democratic institutions and processes around the world.

Second Core: Oppose cyber-attacks on innocent citizens and enterprises from anywhere. As we have stated in the Tech Accord, we will protect against tampering with and exploitation of technology products and services during their development, design, distribution and use. We will not help governments launch cyberattacks against innocent citizens and enterprises.

Third Core: Empower users, customers and developers to strengthen cybersecurity protection. One of the conclusions that has emerged over the last year is, not surprisingly, that within any security scenario, you’re only as strong as the weakest link. Securing the world’s computer network requires all of us to recognize the need to increase the capability and resilience of the world’s computer networks. We’ll do this by providing our users, customers and the wider developer ecosystem with more information and better tools that enable them to understand current and future threats and protect themselves against them. We will also support civil society, governments and international organizations in their efforts to advance security in cyberspace and build cybersecurity capacity in developed and emerging economies alike.

Third Core: Partner with each other and with like-minded groups to enhance cybersecurity. We’ll work with one another to establish formal and informal partnerships with industry, civil society and security researchers, across proprietary and open source technologies to improve technical collaboration, coordinated vulnerability disclosure and threat sharing, as well as to minimize the levels of malicious code being introduced into cyberspace. In addition, we will encourage global information sharing and civilian efforts to identify, prevent, detect, respond to and recover from cyberattacks and ensure flexible responses to security of the wider global technology ecosystem.


Three Laws of Computers

In 2012, I published my three laws of computers:

         Law #1: Computers must not, or allow other computers to, harm humans or other sentient life forms as they complete their series of commands (program) given to it.

 Law #2: Computers must first positively authenticate the user, determine that user’s rights and privileges, and leave an accountability record before executing its programs.

 Law #3: Computers must automatically learn, configure and remember how each human wants it to behave and then instantly recall that configuration every time that human accesses it.

Computer hardware and software security can no longer afford to be treated as an afterthought. Nor can it be implemented using Silo Security Components.

About Access Smart:

Founded in 2005 and headquartered in Ladera Ranch, California, Access Smart, LLC (a certified CA Small Business) is dedicated to empowering businesses, agencies and institutions to regain control over their computers and networks at the point of entry. Authentication, authorization and non-repudiation do not have to be cumbersome to be effective. For more information, visit https://www.access-smart.com/.