With this statement, we want to recognise all those who form the first line of defence in making our digital world safer. This is the purpose of the theme for FIC 2020: “Putting human beings at the heart of cybersecurity.” This statement is for you if:
- At home, you enjoy the benefits of digital life, the immediate access to unlimited content, sharing information with friends and families anytime, anywhere;
- At work, you are responsible for information security, you develop new solutions to make the digital community safer, you contribute to the fight against online crime.
Together we the members of the Advisory Board of the FIC Forum, together with CISOs, CIOs, analysts, researchers, developers, trainers and teachers from all over Europe, need to work on the cybersecurity of our respective organisations, countries and of the European Union. Together we must work to meet our challenges, finding solutions to protect what we hold dear. There is much at stake for us: an open, free and prosperous society with our own standards and values.
Humans are (still) at the core of the digital world
Nowadays, people and technology are closely connected. Digital technologies have been the source of many improvements and developments in the world around us, including expanding access to knowledge, increasing our ability to communicate and revolutionising the ways in which information can be spread and shared with others. In many ways, technology is so interwoven into society that it can be difficult to separate the good from the bad. But whilst we may sometimes feel that technology has taken control of our lives, ultimately humans are still in charge. After all, artificial intelligence, algorithms, robotics and privacy and security-by-design are – for the time being – human inventions. Humans are still at the core of our digital world: as citizens, consumers, developers, victims or criminals. We are the architects of it all.
In cyberspace, our best option is to trust but verify
Those with the ability to harness the power of digital technologies seem to rule our digital world. As recent events have shown, the equilibrium between stakeholders in cyberspace is being altered significantly. For many governments, policy and rules aimed at protecting the citizens they seek to govern do not have the intended effect or reach. The private sector owns and maintains most of the physical infrastructure on which the continued functioning of cyberspace depends, thus increasing their role in the governance process, yet there is concern at the way that current industry practices are becoming so far removed from the individual. Large companies manage the servers and clouds that contain ever-increasing and diverse data sets, they drive the innovations in concepts such as smart cities that are changing our everyday lives with developments in sensors, robots, self-driving cars and digital services, and many business models rely on the processing of personal or sensitive information through non-transparent algorithms.
Yet for all the socio-economic benefits that digital technologies bring, we also become more susceptible to malicious actors and those seeking to subvert or manipulate technology for their own motives. A powerful example of the harm caused by such actions includes Internet shutdowns, as Iranians experienced to their detriment when the country was disconnected from the Internet for a week on 15th November 2019 amid protests against the rise of fuel prices. Instances of sensitive data harvested by multinational corporations being lost or stolen also highlight the risk of digital technologies to the privacy of individuals. Similarly, digital technologies can be weaponised and used in cyberattacks that are difficult to detect and trace. There is also therefore a strong need to make sure that those with the power to act are doing so responsibly and can in some way be held accountable.
The question is: are we still in control of our sovereignty, independence and data? No individual, no government or company has full control. There must come a point where we place our trust in others to act with due respect to our rules and values. Trust cannot be given based solely on good words and promises - it is earned based on the capacity to make verifications of others’ behaviour. Citizens have to trust the government to be able to adapt the surveillance architecture to the new realities; governments have to trust their citizens with increasingly powerful tools, such as encryption, whilst both citizens and governments have to trust that private industry will act in the interest of their shareholders whilst causing as little harm as possible.
We need you – we need each other!
To those who work in information security or against cybercrime: you are the first line of defence in protecting our community, at work and at home. Your voices need to be heard, your role properly valued and supported by your management, whilst you must also to be able to pursue a career. It is our duty to invest in the human factor of cybersecurity. Empowered people are the most critical weapon in our battle against cybercrime and instability in cyberspace.
Recognising and empowering people is essential. It is about common sense – and it starts with putting human beings at the top of the agenda, as FIC does this year. It is continued by developing relevant outcomes such as publications and white papers, recognising existing best practices, rewarding motivated people, all the while keeping social values in mind.
The future of cybersecurity belongs to initiatives that enable and empower people to protect themselves from attackers, empower each of us to report what we perceive is of concern, and for defenders to track down criminals. Our first line of defence must be strong and resilient.
During the three days, be prepared to put the human being at the heart of cybersecurity.
FIC2020 board member – personal statement
As member of the FIC Advisory board I was asked to publish my own conference statement and I drafted this text: New technologies like the cloud increase the number of hazard sources since these systems themselves can be used as bases for attacks. We have not yet witnessed any catastrophic failures in the energy, transport or financial sectors, but this is more down to good fortune than to functioning security measures. Every company has the need – and the right – to evaluate their cloud services in depth. Appropriate processes, competencies and financial means are still often lacking, but CISOs will need to get the cloud back under their control. Better sooner than later.
Welcome to FIC 2020. The French International Cybersecurity Forum 2020 which will take place in Lille (France) from 28-30th of January.
Read the full Mission Statement of the FIC2020 Advisory Board:
See the forum FIC2020: https://www.forum-fic.com/en/home.htm
Article provided by: Dr. Tobias Höllwarth (member of the FIC Advisory Board), CEO of Sourcing International and President of EuroCloud Europe