As cyberspace has increasingly become a site of conflict, there has been a rise in cyber mercenaries, or private sector actors that wage offensive operations in cyberspace on behalf of governments or private actors. Cyber mercenaries hoard and sell exploits and surveillance tools, undermining everyone’s security. The technology industry must come together to address global challenges, including by taking steps to combat the threat of cyber mercenaries.
To quote the White House National Cybersecurity Strategy: “We must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individuals, small businesses, and local governments, and onto the organizations that are most capable and best-positioned to reduce risks for all of us.”
GitHub is proud to join 40 companies endorsing the Cybersecurity Tech Accord principles limiting offensive operations in cyberspace. Building on the Cybersecurity Tech Accord’s founding commitments, these principles charge companies to:
At GitHub, we take action through providing the best tools and practices for secure software development, helping fund open source security projects, adhering to principles that increase trust and security in cyberspace, and protecting legitimate security researchers. We leverage law and policy to defend the software ecosystem; in 2020, GitHub joined an amicus brief in NSO v. WhatsApp opposing the expansion of foreign sovereign immunity to private cyber-surveillance companies that act on behalf of foreign governments. And we’re committed to working with like-minded organizations, governments, and civil society to make digital technologies work for democracy and human rights.
We encourage fellow companies to endorse these principles and join the collective fight against cyber mercenaries.
We’re asking for feedback on a proposed Acceptable Use Policy update to address the use of synthetic and manipulated media tools for non-consensual intimate imagery and disinformation while protecting valuable research.
GitHub enables developer collaboration on innovative software projects, and we’re committed to ensuring policymakers understand developer needs when crafting AI regulation.
Discover the latest trends and insights on public software development activity on GitHub with the release of Q4 2023 data for the Innovation Graph.