The G7 Ise-Shima Leaders’
Declaration
The formal communiqué of the meeting5 contains an
introductory paragraph under the heading of Cyber. It
is essentially a declaration of principles and contains
the following statement: “We strongly support an
accessible, open, interoperable, reliable and secure
cyberspace as one essential foundation for economic
growth and prosperity.” Like many readers of this
journal, I have spent my entire career trying to build
accessible, open, interoperable, reliable and secure
information systems, so I found this acknowledgment
by world leaders to be especially gratifying.
The fact that this issue reached the G7 agenda6
is recognition that cyberspace is not secure; it is
insecure enough that their individual and collective
interests are imperiled. To put this in context, the
other topics addressed in the communiqué are
the world economy, migration and refugees, trade,
infrastructure, health, women, anticorruption,
climate, and energy. Cyber security, as a global
concern, has reached quite a high level indeed.
State Behavior
The expanded section of the communiqué7 elaborates
on the theme and contains the following sentence:
We commit to promote a strategic framework
of international cyber stability consisting of
the applicability of existing international law to
state behavior in cyberspace, the promotion of
voluntary norms of responsible state behavior
during peacetime, and the development and the
implementation of practical cyber confidence
building measures between states. 8
I have italicized the phrase in the quote because it
is so laden with meaning. It calls for “norms,” which
I understand to mean standards. I have previously
bemoaned the lack of standards for cyber security, 9
so I found this call to be very heartening. These
norms will necessarily be “voluntary” because
there is no international body to enforce them. But,
much as with other supranational declarations
securityinformation
matters The G7 and Cyber Security
Do you have
something
to say about
this article?
Visit the Journal
pages of the ISACA®
web site ( www.isaca.
org/journal), find the
article and click on
the Comments link to
share your thoughts.
Steven J. Ross, CISA, CISSP, MBCP
Is executive principal of Risk Masters International LLC. Ross has been
writing one of the Journal’s most popular columns since 1998. He can be
reached at stross@riskmastersintl.com.
I first learned the term MEGO in a column by the
great conservative pundit, William Safire. 1 In his
Safire’s Political Dictionary, 2 he defines the term as
an acronym for “my eyes glaze over” and “something
that is undeniably important and paralyzingly dull.” 3
There are few topics so MEGO as G7 meetings, the
gatherings of the leaders of the world’s industrialized
democracies. You know they happen; you know
they are important. But can you name all seven G7
nations,4 much less their leaders? Do you have any
idea what they talk about or accomplish?
With this stirring introduction, your eyes are probably
starting to mist and you have your hand on the
corner of the page, about to turn. Please stay
awhile for a MEGO you should know about. In May
2016, the G7 leaders met in Ise-Shima, Japan, and
produced a document that has real meaning for all of
us who care about cyber security.
