How COVID-19 shows the urgent need to address the cyber poverty gap

cyber security

(Philipp Katzenberger, Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: William Dixon, Head of Operations, Centre for Cybersecurity, World Economic Forum & David Balson, Director of Intelligence, Ripjar


  • Responding to the COVID-19 pandemic requires secure vital services, networks and capabilities.
  • Yet recent cyberattacks against organizations including the World Health Organization reveal a cyber poverty gap between those that are prepared and those that are not.
  • Solutions include adopting next-generation technology and focusing on skills development.

The need for vital services, networks and national capabilities to continue to function without interruption has never been more stark. The global response to the COVID-19 pandemic is without precedent and is testing the limits of our ability to communicate, understand the situation and react appropriately.

One such vital piece of our global response, the World Health Organization (WHO), was widely reported to have been the target of a malicious cyberattack at the very time when it is critical to the global response and a key component of our collective resilience.

Especially during a crisis, it is paramount to maintain the underlying digital infrastructure of our social fabric. However, globally we are now at risk of being exposed to a cybersecurity poverty gap, in which the essential security capabilities, skills and services are priced beyond the means of those who need it in the key industries and services we are collectively reliant on.

What is the World Economic Forum doing about the coronavirus outbreak?

A new strain of Coronavirus, COVID 19, is spreading around the world, causing deaths and major disruption to the global economy.

Responding to this crisis requires global cooperation among governments, international organizations and the business community, which is at the centre of the World Economic Forum’s mission as the International Organization for Public-Private Cooperation.

The Forum has created the COVID Action Platform, a global platform to convene the business community for collective action, protect people’s livelihoods and facilitate business continuity, and mobilize support for the COVID-19 response. The platform is created with the support of the World Health Organization and is open to all businesses and industry groups, as well as other stakeholders, aiming to integrate and inform joint action.

As an organization, the Forum has a track record of supporting efforts to contain epidemics. In 2017, at our Annual Meeting, the Coalition for Epidemic Preparedness Innovations (CEPI) was launched – bringing together experts from government, business, health, academia and civil society to accelerate the development of vaccines. CEPI is currently supporting the race to develop a vaccine against this strand of the coronavirus.

The cyber poverty gap

The attack on the WHO is just one example of a major spike in cyber activity impacting critical services. In the Czech Republic, a cyberattack against one of the COVID-19 testing hospitals has taken it offline, forcing all the patients to be relocated and disrupting testing at a critical time. It is also alleged that cybercriminals recently launched an attack on the US Department of Health and Human Services in an attempt to slow down its response.

At this time of unprecedented reliance on digital services, infrastructure and the need for reliable information, cybersecurity has never been more important. While most of society sees the pandemic as a time for collective action, criminals have launched spear-phishing attacks imitating the WHO and Centers for Disease Control and Prevention (CDC), ultimately using the context of the pandemic to spread malware and ransomware as well as launch fraudulent websites that prey on users intent on helping others.

For the past decade, security has been driven by a major principle: those who invest the most are the best protected. But in areas such as healthcare, retail and local government services the last few weeks have indicated that the market falls short of what is needed to build collective resilience at a time of crisis.

 

Despite global spending on cybersecurity reaching more than $100 billion dollars a year, breaches and disruptions are a daily fact of life. The market is failing to create commoditization of cybersecurity and vulnerable businesses are paying the price. The healthcare sector is particularly vulnerable, with Crowdstrike reporting more targeted intrusions than defence, aerospace and manufacturing.

With the cost of procuring security systems and controls rising, and the skills needed to properly administer and implement these systems in short supply, it is likely that the networks with the greatest need in healthcare, social welfare or the complex ecosystem of supply chains that underpins them are still fundamentally ill-prepared from the threat of cyberattacks.

There are three ways that leaderships can address this cyber poverty gap:

1. Incentivise the adoption of next-generation defence.

Now is the time to deploy the full promise of the Fourth Industrial Revolution and expand the use of advanced security automation capabilities, including machine learning and artificial intelligence. This includes smart automation that can take complex security workflows, shared intelligence and knowledge of adversary behaviour, and respond to potential risks at machine speed entirely without human intervention. This will enable us to scale our collective response and dramatically drive down the cost of security to make it more accessible.

Scale of cyberattacks
Scale of cyberattacks
Image: World Economic Forum

Companies that are already offering free access to cybersecurity solutions during this time of crisis will be able to take advantage of a new automation economy and cheaper, faster and more scalable products that allow a vastly wider pool of customers across the supply chain – including logistics, transport and manufacturing – to gain access to vital capabilities and service offerings.

Upstream, automation is already playing a crucial role in scaling the response to the cyber threat. The UK’s “Active Cyber Defence” programme and work like Microsoft’s recent Necurs takedown aim at the strategic level to automatically take down or block tens of thousands of malicious websites and spearphishing attacks before they have had even had a chance to be utilised, with all users downstream benefiting from increased protection.

2. Accelerate skills development.

With a widening global cyber skills gap of 4 million, vulnerable sectors are falling far behind. When the UK’s NHS was impacted by the Wannacry outbreak, the subsequent investigation indicated that some of the UK’s biggest health trusts “did not have any” qualified cybersecurity professionals.

Addressing the cyber poverty gap will need bold leadership. Leaders drive the adoption and value of new technology and innovations, adopt the right governance models and deploy strategies across an entire business ecosystem. In critical industries such as healthcare, hospitals often run at a loss with small operating margins, yet the average salary of a Chief Information Security Officer is now over $200,000. To address this we need to incentivize and accelerate a much larger talent pool and new ecosystem given these skills will be the potential key workers of future crises.

This future leadership will be built by novel initiatives such as the Atlantic Council’s Cyber 9/12 challenge, a global competition which has encouraged hundreds of young people across Europe, US and Australia to pursue cyber policy and leadership roles in cybersecurity and the wider ecosystem. Developing future frameworks to develop leaders will be essential if the industry is to create new mass-market business models and not just boutique services.

3. Address market imbalances.

One of the strategic issues will be how the market adjusts itself to address the cyber poverty gap, and we can look to the healthcare industry for inspiration.

In the aftermath of World War II, the UK quickly established a nationalised health service. Its visionary founder Aneurin Bevan summarised its underlying philosophy in terms of the balance between rich and poor – “the essence of a satisfactory health service is that the rich and the poor are treated alike, that poverty is not a disability, and wealth is not advantaged.”

The coronavirus does not care about the wealth of those it infects, and the same can be said of cyberattacks. Only by working together will society find ways of containing their spread and reducing their impact. It may take a cyber version of the NHS to realign priorities of industry to realise the collective good, and ensure – as Bevan put it – that illness should not be an offense for which people should be penalised and the cost should be burdened by the community.

Governments around the world are already addressing these imbalances. The UK’s Department for Digital, Culture, Media and Sport allows organisations such as charities and training companies to take on grants of up to £100,000 in order to more quickly scale up skills in areas that need it most, but we now need to work on how these initiatives work on a global scale.

The integrity of cyberspace is a critical element of our collective resilience and desperately concerning during times of immediate crisis such as the current pandemic. Security is, therefore, a basic need and one that will need to be addressed by leaders to remediate the gap between the cyber haves and have-nots. Doing so will be of paramount importance to the future of the Fourth Industrial Revolution and the wellbeing of the social fabric in which we live.

the sting Milestone

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

What we need for a better European Solidarity Corps

Main results of Environment Council of 09 October 2018

EU to scrutinise foreign direct investment more closely

Yemen war: UN-backed talks to silence the guns due to begin in Stockholm

Galileo and EGNOS programmes back in orbit powered with €70 billion

80 adolescents a day will still die of AIDS by 2030, despite slowdown in epidemic

EU-US Trade: European Commission endorses rebalancing duties on US products

Tanzania’s Dual Burden

In Mozambique, it’s ‘a matter of the heart’ says Guterres, lauding the cyclone-struck nation’s ‘undeniable moral authority’

Forty-two countries adopt new OECD Principles on Artificial Intelligence

Eliminating hepatitis calls for ‘bold political leadership, with investments to match,’ UN health chief says

Peacekeeping: A ‘great opportunity’ to develop professionally and personally

EU job-search aid worth €2 million for 500 former shipbuilding workers in Spain

The gender gap of medicine in 2018

Scientists are growing meat on blades of grass

These cities score an ‘A’ for environmental action – but hundreds more are falling behind

The world needs a circular economy. Help us make it happen

3 trends that will transform the energy industry

Somalia: UN congratulates Puntland region’s newly-elected President

Climate change is a security threat. We must act now

How powering food storage could end hunger

This Netherlands football stadium creates its own energy and stores it in electric car batteries

Tourism offers much to the EU gets a little

Peace in the Gulf ‘at a critical juncture’ says DiCarlo, urging continuation of Iran nuclear deal

Next six months crucial for the EU, says von der Leyen at the start of the German Presidency of the Council of the EU

Russia must urgently step up fight against foreign bribery

UN forum spotlights cities, where struggle for sustainability ‘will be won or lost’

Corruption thwarts attempts to build a better world and ‘must be fought by all, for all’

How to make primary healthcare a favourable career choice for medical students: Strategies and reflections

UN chief hails victory of ‘political will’ in historic Republic of North Macedonia accord

The Amazon is reaching a dangerous tipping-point. We need to scale solutions now if we have any chance of saving it

Developing countries should not be liable for emissions ‘accumulated throughout history’, key UN development forum hears

Green Deal: Coal and other carbon-intensive regions and the Commission launch the European Just Transition Platform

Coronavirus update: UN addresses school disruptions, suspends public access to New York Headquarters

First Western Sahara talks at UN in six years, begin in Geneva

With millions of girls ‘at risk’ today of genital mutilation, UN chief calls for zero tolerance

Historian Niall Ferguson on what the pandemic means for the global economy, geopolitics – and parties

Trade barriers are slowing plastic-pollution action. Here’s how to fix it

Italy’s dilemma after Merkel-Hollande agreed loose banking union

EU: All economic indicators in free fall

Immigration crisis at its very worst: EU to outsource rescue business to North Africa?

Paradise islands of Pacific increasingly vulnerable to climate change, as UN boosts resilience

CEOs say these 4 factors will shape business in 2020

How Google is fighting fire with real-time mapping data

This new initiative aims to make cybercrime harder – and riskier – to commit

As conflicts become more complex, ‘mediation is no longer an option; it is a necessity’, UN chief tells Security Council

Marco Polo’s Dream

BRICS’ New Development Bank turns four: what has it achieved?

The Great Reset and digital trust: 3 lessons on digital tools from the COVID-19 crisis

This is how many people are forcibly displaced worldwide

European Parliament gives green light to Christine Lagarde

Upgraded EU visa information database to increase security at external borders

Is the ECB enforcing the will of the big Eurozone member states on the small? Can the euro area live with that?

EU budget: Commission proposes to increase funding to support the environment and climate action

UN forum to explore use of outer space to improve lives, protect planet

Beyond self-regulation: dealing with Europe’s consumption problem

Factory workers are facing a mental health crisis. Here’s how to respond

The Greta effect? Why businesses are more committed to climate action in 2020

Parenting in the time of COVID-19? Consider these 6 tips from the WHO

To all far-right partisans who exploit Charlie Hebdo atrocity: a peaceful reply given by a peaceful student

More Stings?

Advertising

Trackbacks

  1. […] How COVID-19 shows the urgent need to address the cyber poverty gap — The European Sting – C… […]

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s