This tension sits at the heart of the Pall Mall Process, an initiative launched by the UK and France in 2024. The Pall Mall Process is an international multistakeholder approach dedicated to tackling the proliferation and irresponsible use of commercial cyber intrusion capabilities (CCICs). It brings together a wide range of organisations and perspectives – from governments, technology companies, civil society, academia, the cyber security community and investors, to commercial offensive cyber intrusion companies themselves – to define the problem, and explore how we tackle it together.
The National Cyber Security Centre (NCSC) is contributing our technical expertise to help develop a process that supports responsible actors, (the UK’s approach to responsible cyber power published on gov.uk) whilst addressing the risks posed by those operating without appropriate safeguards. We, our Foreign, Commonwealth & Development Office (FCDO) colleagues, and their French counterparts are engaging widely across society, but due to the discreet nature of this market we are seeking additional insights from people working in vulnerability research, exploit development, and the wider offensive cyber industry to get this right.
