YPFP NY: A Conversation with Franz-Stefan Gady

Posted on January 23, 2014

On November 11, 2013, Mr. Franz-Stefan Gady spoke to a group of YPFP NY members and New York Law School alums at the New York Law School Center for International Law. The event, titled “Threats to U.S. Cybersecurity: A Discussion with Franz-Stefan Gady” addressed current cybersecurity climate and steps the United States could take to improve it. Mr. Gady is a senior fellow at the EastWest Institute and a founding member of the institute’s Worldwide Cybersecurity Initiative. A native Austrian he served for several years in the nation’s military before he earned an M.A. in Strategic Studies/International Economics from the School of Advanced International Studies, Johns Hopkins University. After the lecture, Mr. Gady sat down for a more in-depth interview to discuss issues related to cybersecurity, his career path and what career recommendations he would give to young professionals interested in foreign policy.  

 

At the YPFP lecture, Mr. Gady presented four recommendations to the United States to improve the cybersecurity climate, while displaying a distinctive approach to cybersecurity at the start of the lecture with his reaction to the title. “I don’t like the phrase cyber threat. It’s too one-sided. If I could leave you with one thing tonight it would be the phrase ‘cyber-risk,’” Mr. Gady said.

 

Mr. Gady began by discussing the only international convention on cybercrime: the Budapest Convention on Cybercrime in 2001, drawn up and signed by the Council of Europe in 2001. The United States signed on to the original convention but not the Additional Protocol, with the view that making online racist and xenophobic acts criminal was not compatible with the U.S. constitution. Mr. Gady said that the United States must work to strengthen the convention to effectively fight cybercrime. In order to start building trust, major actors like the United States, China, and Russia could compile a list of ‘most wanted’ cybercriminals and then pool resources to arrest and try them.

 

Mr. Gady’s second recommendation was for the United States and China to create a joint cybersecurity threat assessment. Not only would this build trust (as with the joint ‘most wanted’ list) but also the assessment would better inform the private sector.

 

The third recommendation was short but to the point: email spam. Hackers can use spam to introduce malicious code into companies and so the United States must work to reduce it.

 

Mr. Gady’s fourth recommendation was a proposal for a cyber weapons test, similar to the nuclear weapons tests conducted during the Cold War. This test, Gady said, would improve diplomacy by placing capabilities out in the open.

 

Mr. Gady became interested in cybersecurity after a search for a topic in security he could delve into.

“Five years ago I was looking at future trends that were going to stay around for a while,” Mr. Gady said to YPFP after the lecture. “Cyber is this new emerging field that hasn’t hit the mainstream yet and I thought it would be one of the most pressing foreign policy challenges in our future.”

 

He came across the book, Inside Cyber Warfare by Jeffrey Carr, read it and then read the cited sources. Mr. Gady was drawn to the broad implications of cybersecurity issues. “It’s one of few sectors in foreign policy where the decisions you make affect the private sector immediately, affect the population immediately,” Mr. Gady said.

   

At the time of his emerging interest in cybersecurity, Mr. Gady was working at the EastWest Institute on other projects. He spent his free time researching cybersecurity issues. “I started writing on the side,” Mr. Gady said. “How I got recognition was that I got published. The first article was in Foreign Policy on Africa and cybersecurity. Then I was writing an article every other week.” Mr. Gady applied his background in history to the topic, “I’m not a technical expert. I apply historical analogies.”

 

Currently he is researching strategic stability in cyberspace. “A famous constructivist said ‘Anarchy is what you make it,” Mr. Gady said in response to a question at the end of the YPFP lecture. “Similarly, cyberspace is what you make it.”

 

For the YPFP members still feeling lost or those eager to learn more about cybersecurity issues, Mr. Gady offered the following reading recommendations:

·      Jason Healey at the Atlantic Council

·      Jim Lewis at the Center for Strategic and International Studies

·      Bruce Schneier, author of the blog On Security

·      Jeffrey Carr, author of Inside Cyber Warfare

 

Eve Ahearn is Associate Director of Communications for YPFP New York.