How COVID-19 shows the urgent need to address the cyber poverty gap

cyber security

(Philipp Katzenberger, Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: William Dixon, Head of Operations, Centre for Cybersecurity, World Economic Forum & David Balson, Director of Intelligence, Ripjar


  • Responding to the COVID-19 pandemic requires secure vital services, networks and capabilities.
  • Yet recent cyberattacks against organizations including the World Health Organization reveal a cyber poverty gap between those that are prepared and those that are not.
  • Solutions include adopting next-generation technology and focusing on skills development.

The need for vital services, networks and national capabilities to continue to function without interruption has never been more stark. The global response to the COVID-19 pandemic is without precedent and is testing the limits of our ability to communicate, understand the situation and react appropriately.

One such vital piece of our global response, the World Health Organization (WHO), was widely reported to have been the target of a malicious cyberattack at the very time when it is critical to the global response and a key component of our collective resilience.

Especially during a crisis, it is paramount to maintain the underlying digital infrastructure of our social fabric. However, globally we are now at risk of being exposed to a cybersecurity poverty gap, in which the essential security capabilities, skills and services are priced beyond the means of those who need it in the key industries and services we are collectively reliant on.

What is the World Economic Forum doing about the coronavirus outbreak?

A new strain of Coronavirus, COVID 19, is spreading around the world, causing deaths and major disruption to the global economy.

Responding to this crisis requires global cooperation among governments, international organizations and the business community, which is at the centre of the World Economic Forum’s mission as the International Organization for Public-Private Cooperation.

The Forum has created the COVID Action Platform, a global platform to convene the business community for collective action, protect people’s livelihoods and facilitate business continuity, and mobilize support for the COVID-19 response. The platform is created with the support of the World Health Organization and is open to all businesses and industry groups, as well as other stakeholders, aiming to integrate and inform joint action.

As an organization, the Forum has a track record of supporting efforts to contain epidemics. In 2017, at our Annual Meeting, the Coalition for Epidemic Preparedness Innovations (CEPI) was launched – bringing together experts from government, business, health, academia and civil society to accelerate the development of vaccines. CEPI is currently supporting the race to develop a vaccine against this strand of the coronavirus.

The cyber poverty gap

The attack on the WHO is just one example of a major spike in cyber activity impacting critical services. In the Czech Republic, a cyberattack against one of the COVID-19 testing hospitals has taken it offline, forcing all the patients to be relocated and disrupting testing at a critical time. It is also alleged that cybercriminals recently launched an attack on the US Department of Health and Human Services in an attempt to slow down its response.

At this time of unprecedented reliance on digital services, infrastructure and the need for reliable information, cybersecurity has never been more important. While most of society sees the pandemic as a time for collective action, criminals have launched spear-phishing attacks imitating the WHO and Centers for Disease Control and Prevention (CDC), ultimately using the context of the pandemic to spread malware and ransomware as well as launch fraudulent websites that prey on users intent on helping others.

For the past decade, security has been driven by a major principle: those who invest the most are the best protected. But in areas such as healthcare, retail and local government services the last few weeks have indicated that the market falls short of what is needed to build collective resilience at a time of crisis.

 

Despite global spending on cybersecurity reaching more than $100 billion dollars a year, breaches and disruptions are a daily fact of life. The market is failing to create commoditization of cybersecurity and vulnerable businesses are paying the price. The healthcare sector is particularly vulnerable, with Crowdstrike reporting more targeted intrusions than defence, aerospace and manufacturing.

With the cost of procuring security systems and controls rising, and the skills needed to properly administer and implement these systems in short supply, it is likely that the networks with the greatest need in healthcare, social welfare or the complex ecosystem of supply chains that underpins them are still fundamentally ill-prepared from the threat of cyberattacks.

There are three ways that leaderships can address this cyber poverty gap:

1. Incentivise the adoption of next-generation defence.

Now is the time to deploy the full promise of the Fourth Industrial Revolution and expand the use of advanced security automation capabilities, including machine learning and artificial intelligence. This includes smart automation that can take complex security workflows, shared intelligence and knowledge of adversary behaviour, and respond to potential risks at machine speed entirely without human intervention. This will enable us to scale our collective response and dramatically drive down the cost of security to make it more accessible.

Scale of cyberattacks
Scale of cyberattacks
Image: World Economic Forum

Companies that are already offering free access to cybersecurity solutions during this time of crisis will be able to take advantage of a new automation economy and cheaper, faster and more scalable products that allow a vastly wider pool of customers across the supply chain – including logistics, transport and manufacturing – to gain access to vital capabilities and service offerings.

Upstream, automation is already playing a crucial role in scaling the response to the cyber threat. The UK’s “Active Cyber Defence” programme and work like Microsoft’s recent Necurs takedown aim at the strategic level to automatically take down or block tens of thousands of malicious websites and spearphishing attacks before they have had even had a chance to be utilised, with all users downstream benefiting from increased protection.

2. Accelerate skills development.

With a widening global cyber skills gap of 4 million, vulnerable sectors are falling far behind. When the UK’s NHS was impacted by the Wannacry outbreak, the subsequent investigation indicated that some of the UK’s biggest health trusts “did not have any” qualified cybersecurity professionals.

Addressing the cyber poverty gap will need bold leadership. Leaders drive the adoption and value of new technology and innovations, adopt the right governance models and deploy strategies across an entire business ecosystem. In critical industries such as healthcare, hospitals often run at a loss with small operating margins, yet the average salary of a Chief Information Security Officer is now over $200,000. To address this we need to incentivize and accelerate a much larger talent pool and new ecosystem given these skills will be the potential key workers of future crises.

This future leadership will be built by novel initiatives such as the Atlantic Council’s Cyber 9/12 challenge, a global competition which has encouraged hundreds of young people across Europe, US and Australia to pursue cyber policy and leadership roles in cybersecurity and the wider ecosystem. Developing future frameworks to develop leaders will be essential if the industry is to create new mass-market business models and not just boutique services.

3. Address market imbalances.

One of the strategic issues will be how the market adjusts itself to address the cyber poverty gap, and we can look to the healthcare industry for inspiration.

In the aftermath of World War II, the UK quickly established a nationalised health service. Its visionary founder Aneurin Bevan summarised its underlying philosophy in terms of the balance between rich and poor – “the essence of a satisfactory health service is that the rich and the poor are treated alike, that poverty is not a disability, and wealth is not advantaged.”

The coronavirus does not care about the wealth of those it infects, and the same can be said of cyberattacks. Only by working together will society find ways of containing their spread and reducing their impact. It may take a cyber version of the NHS to realign priorities of industry to realise the collective good, and ensure – as Bevan put it – that illness should not be an offense for which people should be penalised and the cost should be burdened by the community.

Governments around the world are already addressing these imbalances. The UK’s Department for Digital, Culture, Media and Sport allows organisations such as charities and training companies to take on grants of up to £100,000 in order to more quickly scale up skills in areas that need it most, but we now need to work on how these initiatives work on a global scale.

The integrity of cyberspace is a critical element of our collective resilience and desperately concerning during times of immediate crisis such as the current pandemic. Security is, therefore, a basic need and one that will need to be addressed by leaders to remediate the gap between the cyber haves and have-nots. Doing so will be of paramount importance to the future of the Fourth Industrial Revolution and the wellbeing of the social fabric in which we live.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

Syria’s groundbreaking constitutional talks: ‘a clear success of mediation’ says Guterres in Turkey

10 million Yemenis ‘one step away from famine’, UN food relief agency calls for ‘unhindered access’ to frontline regions

“911, What’s your emergency?”

Nearly a third of the globe is now on Facebook – chart of the day

Climate change is forcing 20 million people a year from their homes, Oxfam says

4 ways Africa can prepare its youth for the digital economy

Germany objects to EU Commission’s plan for a Eurozone bank deposits insurance scheme but Berlin could go along

Alcohol abuse kills three million people a year, most of them men – WHO report

2013, a Political Odyssey: What future for Italy?

This is why mental health should be a political priority

Commission welcomes European Parliament adoption of EU4Health programme

Commission welcomes agreement on the modernisation of EU export controls

7 ways to break the fast fashion habit – and save the planet

ECB again to subsidize euro area banks with more than one trillion euro

Thomas Cook bankruptcy: Better consumer and employee protection needed

MWC 2016 LIVE: Ingenu steps up efforts to build LPWA networks across the globe

Greener tourism: Greater collaboration needed to tackle rising emissions

How digital entrepreneurs will help shape the world after the COVID-19 pandemic

MEPs back plans to promote water reuse for agricultural irrigation

The ECB proposes a swift solution for SMEs’ financing

Working fewer hours makes you more efficient. Here’s the proof

COVID-19: A coordinated EU health strategy needed, say MEPs

‘BioSolar Leaves’ are better at cleaning the air than trees, say the technology’s developers

EU leaders agree to delay Brexit until 31 October

Yemen war ‘a test of our humanity’, and we’re ‘badly failing’ warns UN Children’s Fund chief

German Presidency outlines priorities to EP committees

The refugee crisis seen through the eyes of a young doctor from Turkey

EU, Latin America and the Caribbean: Partnering for prosperity, democracy, resilience and global governance

Collective action to enable sustainable growth will be critical to end tropical deforestation

Adoption of new rules to better protect children caught in cross-border parental disputes

Arrest of three Libyans wanted for grave crimes ‘would send strong and necessary message’ to victims, urges top Prosecutor

State aid: Commission approves around €36 million Romanian rescue aid to state-owned flag carrier TAROM

COVID-19: from the chaos of the pandemic to the difficulties in vaccination

Ecofin: ‘The Friday battle’ for the banking union

Haiti cholera outbreak ‘stopped in its tracks’

The UK option: An overarching alternative for the whole Brexit options

Security Council gravely concerned by Ebola outbreak in DR Congo, demands immediate end to violence hampering response

Here’s how to achieve growth in the Middle East and North Africa

Civil society groups matter for Cambodia’s sustainable development: UN expert

European Institute of Innovation and Technology: Commission welcomes political agreement on strategy for 2021-2027

The von der Leyen Commission: for a Union that strives for more

Number of MEPs to be reduced after EU elections in 2019

The challenge of palliative care in universal health coverage

The world needs carbon-neutral flying. Here’s how to bring it one step closer

Facts, not fear, will stop COVID-19 – so how should we talk about it?

Concorde is a reminder that the only way for innovation is up

Parlamentarians to “break up” with reality in the Google antitrust case

Implementation of tax transparency initiative delivering concrete and impressive results

The world has made spectacular progress in every measure of well-being. So why does almost no one know about it?

EU guidance on the handling of visa applications from residents of Ukraine’s Donetsk and Luhansk regions

MEPs to prioritise environment and climate action in next long-term budget

GDP growth slows in most G20 economies in third quarter of 2019

This is why retail is such a sore point in India-US trade relations

Khashoggi murder trials must public and meet international standards, UN expert urges

UN chief seeking ‘renewed commitment’ to global rules and values, as world leaders head to New York

Agriculture and Fisheries Council

A reality check on inclusive innovation

Austerity lovers to put a break on Renzi’s growth vision for Europe? the Sting reports live from World Economic Forum 2015 in Davos

This man is turning cities into giant sponges to save lives

4 key trends on how COVID has impacted women in business

More Stings?

Trackbacks

  1. […] How COVID-19 shows the urgent need to address the cyber poverty gap — The European Sting – C… […]

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s