Geneva Cybersecurity Law & Policy Conference – Notes

My notes during the afternoon session of the Geneva Cybersecurity Law & Policy Conference – June 21, 2018. Views are my own and posted for recollection purposes.

The Geneva Cybersecurity Law & Policy Conference, organized in the framework of a research project between the University of Geneva and the Hebrew University of Jerusalem, aimed at presenting selected legal and policy aspects of cybersecurity in a crosscutting approach.

Here are some of my main takeaways from the afternoon session on “The Future of Cybersecurity: Artificial Intelligence and other Challenges”.

    • There are still many known unknowns with regards to potential new threats in the Global Cybersecurity landscape with the advent of AI (and other related trends in Big Data and IoTs)
    • There is an understanding of the apparent dual-use of AI (i.e. used toward beneficial and harmful ends) What unique legal, ethical and other challenges, if any, does AI pose as a dual-use technology?
    • There is still lack/absence of data to conduct evidence based academic research and policy making relating to AI and Cybersecurity. Assessment of AI-based attacks/threats and their impact on Cybersecurity is still work in progress. As of today, there is no publicly documented evidence of AI-based attacks.
    • Novel type of attacks (e.g. causing autonomous vehicles to crash, swarm of micro-drones) could lead to fatal casualties taking away human lives unlike the ‘traditional’ Cybersecurity threats known today with limited or no vital consequences.
    • There are concerns about policy choices made today with regards to AI that may affect future generations (analogous to the Climate Change).
    • There is a need to examine what is working and what is not in the various models of ‘multiskaholderism’ and how multi-disciplinary competencies could be built very early in education of the digital natives. (e.g. the need to have legal and ethics modules in Computer Sciences and Engineering curricula and vice-versa)
    • Civil Liability for Cyberattacks may face additional complexities with increased anonymity and difficulty to attribute attacks that are based on AI. New challenges in the legal aspects could emerge as malicious actors may exploit vulnerabilities of AI systems through new dimensions such as data poisoning, machine learning and related algorithms etcetera.

Y. Kitaw
PhD Fellow in Governance and Policy Analysis at UNU-MERIT Maastricht University
Personal website: kitaw.info | LinkedIn  | Twitter