If you'll give me the opportunity very briefly, I agree that one of the key things is to re-establish red lines. I honestly believe, in my personal view, that the reason chemical weapons were used in the U.K. is that we didn't do more to stop their use in Syria. We didn't follow our own red lines and therefore we've allowed the Chemical Weapons Convention to fritter away.
You've spoken a lot about nuclear, and we cannot allow nuclear norms to fritter away. If we don't respond energetically to cyber-attacks, particularly for really destructive things like WannaCry and NotPetya, we then communicate a message that this is now acceptable, that it's high gain and low risk, if you like. We need to turn it around and once again make these violations of international norms, not just in a genocide area but the use of these new weapons, high risk in terms of the response—it's going to be counter-productive, you're going to lose more than you gain, and low gain. That's going to take time, but I think that's key.
I think the second area—and I agree with Mr. Rohozinski here—is that when new things come along, like artificial intelligence or autonomous weapons systems, we need to be all over them early, and much more quickly. That means asking if there are advanced uses in these issues that we could develop to make our defence better. For example, quantum computing can provide a lot of the solutions to cyber defence, so it could be a good thing.
We know from experience that these new technologies have their good side, like the Internet, and their dark side, and we need to be quicker at how we try to stop the dark side.
Mr. Rohozinski, I think, is totally right to point out that, with autonomous weapons systems that could be used totally outside of the human decision-making loop, we need to now start thinking what kind of arms control norms and what kind of standards we need and how to get people on board, so that we establish a red line against the illegitimate use of these things.
Finally, I don't believe there is going to be a new domain as such, but I think one thing we need to think about is how the existing domains and people who work in those domains can help with cyber defence, and how the cyber people can help to reinforce our ability in the existing domains.
Mr. Rohozinski, I think, quite rightly pointed to the problem of more and more weapon systems now running on Windows 2.0, and the vulnerabilities that could come from that.
Those are the three points I'd like to make in response to an extremely interesting question.