Four key challenges for cybersecurity leaders

cybersecurity_

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Ken Xie, Founder, Chairman of the Board and Chief Executive Officer, Fortinet


  • Cybersecurity must be built-in to every product and system.
  • Achieving this will pose four challenges for business leaders.
  • By overcoming them, we can create a truly protected digital world.

In business and society today, we are too often focused on bolting on cybersecurity in a hyphenated manner. We want “security-enabled” this, “security-enhanced” that. But cybersecurity cannot be an add-on. Rather it must be built into every product and system from the moment it is conceived. To achieve such integration, we need to address four fundamental leadership challenges:

1) Real-time information sharing

The pace of the digital world continues to increase exponentially. To keep up, security professionals have to address threats and security weaknesses rapidly, before cybercriminals strike. Speed is fundamental to an effective cybersecurity strategy; cybersecurity systems must keep up with the increasing speed and volume of internet traffic. Speed of reaction is vital as well. Too often, there are long lag times in addressing cybersecurity problems. Criminals can – and do – take advantage of this.

But speed requires visibility. To act fast, we must share threat information in near real-time. Cybercrime has no borders. In a world that is so deeply interconnected by digital technology, cybersecurity and global security are the same thing. No single organization, public or private, can have a complete view of the entire cyber landscape. Senior leadership must insist organizations share information to put the pieces of the puzzle together. Otherwise, we will be flying blind.

 

2) Widespread collaboration in cybersecurity

Effective cybersecurity must be deeply and widely collaborative. Collaboration enables the good guys to create a hive mind, to learn rapidly, constantly expanding our competency and capacity. If organizations or states do not learn from one another, the same attacks will needlessly take down countless entities.

Wide collaboration means including everyone in a broader conversation about cybersecurity. Deep collaboration means making everyone smarter and creating knowledge repositories that are part of our operational systems. It means collaborating on threat intelligence sharing and it means collaborating on education.

The more we talk about the importance of cybersecurity and its fundamental role, and the more education is shared, the more we will educate and nurture the future generations of cybersecurity professionals we very much need. The estimated cost of damage caused by hackers, malware and data breaches is projected to reach $6 trillion by 2021. To empower leadership to meet these challenges, technological experts and top-level decision-makers across the public and private sectors must work together. This takes time. Senior leaders should make it clear that such collaboration is time well-spent.

Working together, we could see tangible results very fast. More than 92% of malware is delivered via email. With the right awareness campaigns and policies, as well as diligence in practice, we could eliminate more than 90% of malware simply by teaching new skills that overcome ingrained behaviours.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum Platform for Shaping the Future of Cybersecurity and Digital Trust aims to spearhead global cooperation and collective responses to growing cyber challenges, ultimately to harness and safeguard the full benefits of the Fourth Industrial Revolution. The platform seeks to deliver impact through facilitating the creation of security-by-design and security-by-default solutions across industry sectors, developing policy frameworks where needed; encouraging broader cooperative arrangements and shaping global governance; building communities to successfully tackle cyber challenges across the public and private sectors; and impacting agenda setting, to elevate some of the most pressing issues.

Platform activities focus on three main challenges:

Strengthening Global Cooperation for Digital Trust and Security – to increase global cooperation between the public and private sectors in addressing key challenges to security and trust posed by a digital landscape currently lacking effective cooperation at legal and policy levels, effective market incentives, and cooperation between stakeholders at the operational level across the ecosystem.Securing Future Digital Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies and accelerate solutions and incentives to ensure digital trust in the Fourth Industrial Revolution.Building Skills and Capabilities for the Digital Future – to coordinate and promote initiatives to address the global deficit in professional skills, effective leadership and adequate capabilities in the cyber domain.

The platform is working on a number of ongoing activities to meet these challenges. Current initiatives include our successful work with a range of public- and private-sector partners to develop a clear and coherent cybersecurity vision for the electricity industry in the form of Board Principles for managing cyber risk in the electricity ecosystem and a complete framework, created in collaboration with the Forum’s investment community, enabling investors to assess the security preparedness of target companies, contributing to raising internal cybersecurity awareness.

For more information, please contact info@c4c-weforum.org.

3) Creating and promoting a common vision for integrated cybersecurity

Public and private sector leaders must commit to creating a common vision for integrated cybersecurity – something akin to NATO, which is based on clearly defined fundamental principles.

This vision for integrated cybersecurity must be comprehensive and inclusive, anticipating the next actions of cybercriminals rather than solely reacting to them. Just like NATO has well-trained armies and constantly evolving battlefield strategies, the common vision must be operational and must look at how best to address the technical challenges of effective cybersecurity, including the skills gaps I focused on in a previous piece.

Cybersecurity competency must be embraced by individuals and organizations. Cybersecurity education and training should be part of everyone’s educational development. Without such efforts, we will not have enough experienced soldiers to fight this war.

Cybercrime is high on business' agenda
Cybercrime is high on business’ agenda
Image: World Economic Forum 2019 Regional Risks for Doing Business report

4) Promoting the technology platform we need to make this work

Cybersecurity was not part of the design of most of the world’s current infrastructure. This must change.

Making cybersecurity work requires computing power. From now on, most products, devices and infrastructure should have this additional computing power designed in. Furthermore, the cybersecurity capabilities inside the devices must fit into an integrated platform that distributes workloads over the layers of a system.

An example of such a larger vision for cybersecurity where all parts of the network participate together is security-driven networking, which changes traditional assumptions of networking. Instead of looking only for the fastest path, security-driven networking takes the risk of each path into account and moves traffic over the fastest safe path. To make this work, the networking devices all need to share information about the speed and the risk of each network path.

The ability to offer robust security across the network with low latency and high performance is a critical functionality that organizations are seeking, especially with the deployment of 5G networks. A centralized approach is no longer tenable.

An integrated, optimized platform won’t emerge in a perfect form, but it won’t emerge at all unless we realize that it is needed. Organizations like the World Economic Forum’s Centre for Cybersecurity must continue to educate product designers around the world about the need to build cybersecurity into their products, and and best practices in doing so. In some cases, this may lead to a product refresh while in others it will lead to a redesigned ecosystem. In many cases, both changes will be required. We also need more widely accepted standards and protocols and public discussion about the topic to encourage trust.

A way forward

Given these four challenges, it is only once we have true integration, both across national and geographic borders, and also within our own businesses, that cybersecurity will achieve its full potential of creating a truly protected world.

Regardless of industry, vertical market, and geography, industry and government leaders have a responsibility to guide us toward a safer world. In a climate permeated by lack of trust and poor cooperation between established industry leaders, the only winners are cybercriminals. As leaders of important global organizations, members of the WEF and its Centre for Cybersecurity, and as an individual deeply aware of the importance of this imperative, I believe that cybersecurity is a responsibility we must all take on.

Advertising

Advertising

Advertising

Advertising

Advertising

Advertising

the sting Milestone

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

Why Trump’s tariffs are good news for US garlic farmers

North-east Nigeria displacement crisis continues amid ‘increased sophistication’ of attackers, warns UN

GSMA Announces New Speakers for Mobile 360 Series – MENA, in association with The European Sting

Major UN aid operation for 650,000 gets underway across Syria-Jordan border

How painful is the Greek tragedy for the Germans?

Mali peace process in a ‘critical phase’, says head of UN Mission

New SDG Advocates sign up for ‘peace, prosperity, people’ and planet, on the road to 2030

Tobacco-free public space – how is the European law executed in my country?

To Bing or Not to Bing? That is the question

Back to the Basics: Primary Healthcare

Libya stands at a ‘critical juncture’, UN mission head tells Security Council

New round of bargaining for the 2014 EU budget late in autumn

EU Budget 2020 conciliation talks suspended

Half the world’s refugee children not in school, UN agency finds

Italy’s rescue operation Mare Nostrum shuts down with no real replacement. EU’s Triton instead might put lives at risk

Unity, regional cooperation and international support needed for Horn of Africa to develop sustainably

This is what is still holding social entrepreneurs back

MWC 2016 LIVE: The top 5 themes of this year’s Mobile World Congress

Me and China

‘Open, cordial, and frank discussions’ held over future Somalia-UN relationship

A dangerously hot climate, simmering political tensions: ‘This is not the summer of our youth,’ UN chief warns

A common fight against Antimicrobial Resistance: how can we react and what should we do

The European Commission and EU consumer authorities publish final assessment of dialogue with Volkswagen

Ukraine takes EU money and runs to sign with Russia

Disease slashing global meat output, cereals boom, bananas under watch: FAO

The essence of care is cosmopolitan

The Eurogroup protects Germany and blames others

ECB settles the bank resolution issue, makes banking union tangible

EU report: Implementation of reforms continues to bring EU and Ukraine closer together

A young student discusses the determinants of migration in the European Union

ILO: Unemployment to increase by 8.1 million in 2013-2014

Bold, innovative measures for refugees and their hosts sought, at first ever Global Forum

Parliament adopts new rules for short-stay visas

Whale populations are slowly recovering – this is why

Mergers: Commission prohibits Siemens’ proposed acquisition of Alstom

Six steps that can help us to tackle homelessness

Syrian Constitutional Committee a ‘sign of hope’: UN envoy tells Security Council

What’s going on in Chernobyl today?

G20 LIVE: World Leaders in Turkey for G20 Summit. Global Economy will be discussed in Antalya

Countries must invest at least 1% more of GDP on primary healthcare to eliminate glaring coverage gaps

Syria: A bloody tracer of Trump – Putin rapprochement

iSting: Change Europe with your Writing

German banks suffer of nausea amidst rough seas

It’s time to strengthen global digital cooperation

Unlock the value proposition for Connected Insurance

The implications of Brexit on European business, youth entrepreneurship and junior enterprises.

Taxes on polluting fuels are too low to encourage a shift to low-carbon alternatives

‘Ground Zero’: Report from the former Semipalatinsk Test Site in Kazakhstan

Forget GDP – for the 21st century we need a modern growth measure

Four ways Europe can become a global innovation leader

Inclusion and diversity isn’t just good for employees – it’s good for the bottom line

Humans account for only 0.01% of life on Earth – but our impact has been immense

Here’s what you need to know about Bangladesh’s rocketing economy

Peace operations benefit from improved cooperation between the UN and troop-providing countries, says peacekeeping chief

Art, mental health and suicide: different strategies for increasing access to health services

North Koreans trapped in ‘vicious cycle of deprivation, corruption, repression’ and endemic bribery: UN human rights office

Over 80 per cent of schools in anglophone Cameroon shut down, as conflict worsens

Wednesday’s Daily Brief: Women boost work profits, saving biodiversity, UK loses Chagos Islands vote, Gaza funding, malaria-free in Argentina, Algeria

Launch of Pact for Youth: European Youth Forum calls for real business engagement

How tech is helping the agriculture sector curb carbon emissions

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s