Shaping the Future of Cybersecurity Standards
As the next Chair of ITU-T’s SG17, I’m relieved that delegates from 82 countries placed progress over politics
October was a milestone month for Broadcom and for me personally and professionally. But I also believe it was a milestone for the international standards community and for the global cybersecurity and larger tech industry itself. Here’s why.
On Oct. 18, at the World Telecommunication Standardization Assembly 2024 in New Delhi, representatives from 82 countries elected me Chair of Study Group 17 (SG17) on Security. I attended the assembly as a delegate for the United Kingdom. As I explained back in August, SG17 operates under the auspices of the International Telecommunications Union (ITU), the United Nations agency specializing in digital technology. Numerous standards that underpin core cybersecurity technologies–including public key infrastructure (PKI)–have resulted from the work of ITU’s standardization sector, known as ITU-T. The cybersecurity industry owes much to those efforts.
Why this matters
As a working group within ITU-T, SG17 essentially coordinates security related work across all ITU-T Study Groups, often working in cooperation with other standards development organizations and various fora within the communications and information technology space.
I’m proud and honored to serve as the next chair of SG17 because the work we do is so important not just to innovators like Broadcom, but to technology users the world over and the governments dedicated to protecting the digital lives of their citizens. I am especially excited to hold this position because we expect SG17 to tackle numerous essential topics in the coming four years, including security models and frameworks designed to protect modern technology and communications systems, as well as new and emerging security technologies. That list of technologies is long and involved, including AI, Generative AI, quantum-based security, and a rejuvenated focus on identity as a broad topic that incorporates a vast range of new challenges and opportunities, such as digital wallets and Digital Public Infrastructure.
Everyone reading this blog knows the reality of technology innovation: It has never been this fast, and it will never be this slow again.Meanwhile, our adversaries are getting increasingly skilled at leveraging that pace of change in large part because of what’s at stake: Cybercrime is a $6 trillion industry and is on track to reach $10.5 trillion by 2025. Without standards, digital devices, networks and services would all struggle to work across a patchwork of disparate technologies that don’t interoperate well or even at all. And from a security perspective, that disunited patchwork could leave everyone from users and enterprises to providers dangerously vulnerable to even more threats than we face today.
An unexpected twist in the proceedings
What was unique about the Oct. 18 vote was how it all progressed–or more precisely, how it almost didn’t.
A series of nerve-wracking procedural delays arose from arguments and objections lodged by two groups of countries over the current drama of today's geopolitics. This resulted in a so-called "hostage list" of delegates whose candidacy was rejected by at least some members of the Union (the U in ITU-T).
Because I was a candidate representing the UK, my name was on that list.
A commitment to standards prevailed
These motions provoked a double vote: the first to stop the back-and-forth admonishments and the second to secretly vote on the list of candidates. The secret ballot was taken, and fortunately, the results were decisive. In a quorum of 92 countries out of 116, I received votes from 82 countries vs. 10 voting against me.
In our technological and business world, which tends to be more genial and cooperative in settings where participants generally seek to arrive at consensus, these situations never happen, and this moment proved sobering.
The good news is that in this case, politics and posturing gave way to progress. More than 90% of countries voted to approve the list–a clear indication that this global group remains committed to establishing security standards that benefit all of us.
That’s the key message after all. I am not a political animal. I work hard to demonstrate integrity, impartiality and neutrality, and my experience as an international mediator across academia, business, government and civil society has given me opportunities to display those traits. To represent the United Kingdom within this global consortium as a French and Swiss European who works for a U.S.-based multinational company seems to echo the broad shared interests of all members of SG17.
Part of my responsibility as chair is to ensure constituents of all countries are welcome in SG17. My objective is to improve its relevance to the market, the regulators and the industry while helping to provide a more inclusive and encouraging experience to all its members–and particularly the next generation of delegates.
As a result, I am proudly taking my seat as Chair of SG17 with an amazing team of 12 young and engaged elected SG17 Vice Chairs from a vast array of countries. I look forward to representing technology innovation throughout the world, and helping guide this essential group in work that is urgently needed in a world of breakneck change.
I hope this is the last time a vote is held up in this way, especially for reasons like this. But the truth is, the work of SG17 requires many things, cooperation chief among them. We’re all after the same thing, and to achieve it we must work together.
We encourage you to share your thoughts on your favorite social platform.