Cyber Security: how could we turn this issue into an opportunity? Part I

23 January 2013

I was in Paris a few weeks ago, and found out in my room an issue of the L’Express magazine which captured my attention.

 

The journalist was claiming a foreign super-power had penetrated the French President's Information Systems, and obtained classified information.

Most importantly, he was pointing out that the risks of cyberwar are becoming real, and this is now priority one for many Heads of States.  Apparently, according to a United Nations workgroup, the chances of a massive cyber attack in five to ten years are second just to terrorist attacks.

I started to pay more attention to this, and the topic of cybersecurity and /or cyberwar is actually becoming hotter.   The Wall Street Journal had an interesting story on The New Year's Biggest Cyberthreats I recommend.  Al Jazeera also ran a great reportage on the topic.

 

Last but not least, I've recently had the opportunity to meet Mellissa Hathaway - a cyber security expert, President of Hathaway Global Strategies, and former Acting Senior Director for Cyberspace at the U.S. National Security Council -, whose insights have further opened my eyes on this emerging issue.

ICT security has always been a well known topic, and many companies have been working hard at tackling - more than preventing - this issue.

However, the experts are now talking about taking these well known challenges to a higher and dramatic level: cyberwar.

Nothing one should be really surprised about, if you considered the pervasiveness of the Information Technologies in our today's lives.

Internet started in 1969, and it's now impacting all of the societies and economies.

There are approximately 2.5 billion Internet users around the world of which nearly half are below the age of twenty-five.

The proliferation of mobile internet devices is under our eyes: the analysts are talking about nine billion devices connected to the internet now, and by 2020 that’s headed to fifty billion devices, which will be generating more and more data, as well as increasing security challenges.

We have certainly adapted to the Internet and the technology that underpins it.  In fact, we have made it an integral part of just about everything in our lives.  And somehow we take it for granted that it will always work twenty-four hours a day, seven days a week.

ICT is estimated to drive 4% of the GDP growth in Western economies, and up to 10-15% of the GDP growth in emerging markets.

However, this very technology that contributes to nearly 40 percent of the productivity growth of the global economy also facilitates an equally robust underground economy.

The media headlines announce frequently that bank accounts are being robbed, intellectual property is at risk of piracy, and key infrastructures are penetrated and could stop working at any moment.

The increasing technological sophistication of hackers and organized criminal groups has turned the use of cyberspace seriously risky for many corporations and banks.

Which risks are we talking about?  They are ranging from the attacks to the information systems of large corporations and governments, to our daily lives.  As an example, it's easy to observe that the continuous shift to e-commerce will be driving the physical stores' shutdown.  And the new virtual stores, built entirely upon ICT, will be facing threats similar to the physical ones, and should be conceived in a way that it is making them resilient.

What are the next viruses which we'll be facing?  As we cannot know them, security must be conceived upfront, as embedded in the ICT solutions, rather than as a reaction to unpredictable attacks.

What's at stake for enterprises and/or governments?  We could list a number of items, however, definitely, and not necessarily in this order of priority:

1) reputation;

2) quality of services;

3) lives/moral.

Still, we may take a different perspective.  If we appropriately tackled these issues, we would be finally able to unleash the ICT power to its maximum extent, overcoming the natural diffidence which is slowing down its penetration in several cultures or markets.

I guess we have only two options: living under the anxiety for these unknown threats - while maybe getting ready to step back - or facing them.

Personally, I am convinced that we should stop fearing the effects of pervasive ICT adoption, and instead raise the right level of awareness.  All the key players should then mobilize to drive a consistent set of actions, and tackle this enormous challenge .  However, this is easier said than done, and we shouldn't underestimate the task at stake, and the difficulty in freeing up resources to fund also this necessary innovation under the current economic challenges...