Wars don’t just take place on a physical battlefield any longer, and Microsoft is urging for a set of rules that will help govern behavior when it comes to cyber warfare. The company is calling for other tech companies and nations around the world to join in creating a “Digital Geneva Convention.”

The announcement from Microsoft expressing its belief in such an agreement came during the information security-focused RSA Conference held in San Francisco, Calif. Brad Smith, the president and chief legal officer of Microsoft, penned a blog post explaining the company’s belief that there needs to be ground rules for cyber attacks, specifically to safeguard civilians.

“Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace,” Smith wrote.

As evidence for the urgent need for agreed upon protections, Smith pointed to the North Korean hack of Sony in 2014 and the meddling of Russian hackers during the 2016 U.S. Presidential election. He noted this type of state-sponsored malicious behavior was becoming more common, and the potential for digital conflict is only continuing to grow.

Given that, Smith and Microsoft believe it’s time to set framework for attacks in cyberspace, first on a country-to-country basis—similar to the agreement made between the United States and China in 2015 that helped place a ban on the cyber theft of intellectual property —and then on a global one.

“The United States and Russia can hammer out a future agreement to ban the nation-state hacking of all the civilian aspects of our economic and political infrastructures,” Smith suggested.

Smith also noted the importance for companies like Microsoft and other major players in the world of technology to be involved in shaping such an agreement, because the primary target for many cyber attacks is user data housed in private servers.

The stakes for companies is clear: 74 percent of the world’s businesses expect to be hacked each year, according to research conducted by the Information Systems Audit and Control Association (ISACA) and cybercrime is estimated to cost companies as much as $3 trillion by 2020.

Smith suggested tech companies should operate as a “neutral Digital Switzerland,” offering assistance and protection to customers everywhere while refusing to aid in attacks on customers anywhere.

Microsoft’s plan to serve as a digital Red Cross in the middle of virtual combat zones will require a considerable amount of support, both throughout the tech industry and from nations around the world.

Some framework has been put in place already. The United Nations began exploring the idea in 2015, when experts from 20 countries issued recommendations for cybersecurity norms for nation-states. There are many nations still yet to sign on, but it does present a starting place for the conversation.

RELATED STORIES
China Cybercrime Security Microsoft