The growing threat of advanced cyber-attacks on critical infrastructure and industrial systems presents a unique challenge for businesses and countries alike. Increasingly, governments are being called on to respond to cyberattacks and provide a secure cyber environment, despite the fact that cybersecurity infrastructure has so far been in the hands of the private sector, not under state control. Cybersecurity has become one of the pillars of national security, and partial solutions by individual organisations are no longer sufficient to counter cyber threats. Going forward, it will be imperative to build more comprehensive and, above all, inclusive systems for ensuring cybersecurity.
- What should the respective roles of government institutions, security agencies, business and end-users be in building a resilient cybersecurity environment?
- How can a culture of basic digital hygiene be fostered regarding our online lives, both in the government and business sector, as well as among everyday users?
- How can the lack of a skilled workforce be overcome, and what forms should co-operation between the public and the private sectors take in this case?
- How can we adapt our institutional, legal and operational frameworks to the disappearing division between defensive and offensive action in cyberspace?
Key Policy Takeaways
Cross-sectoral co-operation: Given that 90% of all cyberspace is owned by private entities, actions to ensure cybersecurity should be harmonised across all relevant sectors. This will require improved communication and coordination structures. When dealing with skilled workforce shortages, some governments have embraced the fact that the private sector will poach experts from the public sector. In their view, the only way to proceed is by training them, letting them go, and then offering them incentives to provide their expertise voluntarily.
Change of culture: The trend of digitalisation is all-encompassing, with even traditionally analogue devices becoming part of an expanding Internet of Things. To ensure even a basic level of security of all stakeholders, including everyday users, we need to drastically improve the users’ digital hygiene. Everyone should be educated on the functioning of cyberspace and how to ensure their own security online.
Blurred lines: In cyberspace, defence and offence are only one step away from one another. We should take this into consideration when devising both policy and technical solutions, with the application of AI serving as a prime example. While useful in detecting anomalies on a macro scale, AI has been noted by military planners to display escalatory behaviour when applied in a more active format.
Trust: In cyberspace, the integral role of trust is amplified. Whether state agencies are exchanging information or private firms are considering the risks of investing in an environment with a substandard cybersecurity environment, trust plays a pivotal role. Equally important is the relationship between citizens and their respective governments, as people remain wary of most government institutions, even if the objective is to protect them. One way of addressing this divide is by ensuring better data integrity.
Cyber Security System: Achieving Resilience
In partnership with Siemens.
Tuesday, 11 September 2018, 11.00–12.30 @Rikli Balance Hotel, Arnold II Hall
- Dobran Božič, Director of the Office of the Government of the Republic of Slovenia for the Protection of Classified Information
- Jerry Chappee, Deputy Director Joint Cyber Center at European Command, United States of America
- Kai Hermsen, Global Coordinator for the Charter of Trust at Siemens AG, Germany
- Mitja Jermol, Head of Center for Knowledge Transport at Jožef Stefan Institute, Slovenia
- Antonio Missiroli, Assistant Secretary General for Emerging Security Challenges at North Atlantic Treaty Organization
- Uzi Moscovici, Major General (ret.), Vice-President of Missile Division at Israel Aerospace Industries, Israel
- Gregor Pipan, CEO of XLAB d.o.o., Slovenia Tanel Sepp, Deputy Director of the Cyber Policy and IT Department at the Ministry of Defence of the Republic of Estonia
- Guy De Launey, Correspondent and Presenter at BBC News and Monocle, United Kingdom