The launch of the Pall Mall Process by the UK and France to address concerns around commercial cyber intrusion tools marks a significant step forward in this area – but can it deliver concrete change?