How COVID-19 shows the urgent need to address the cyber poverty gap

cyber security

(Philipp Katzenberger, Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: William Dixon, Head of Operations, Centre for Cybersecurity, World Economic Forum & David Balson, Director of Intelligence, Ripjar


  • Responding to the COVID-19 pandemic requires secure vital services, networks and capabilities.
  • Yet recent cyberattacks against organizations including the World Health Organization reveal a cyber poverty gap between those that are prepared and those that are not.
  • Solutions include adopting next-generation technology and focusing on skills development.

The need for vital services, networks and national capabilities to continue to function without interruption has never been more stark. The global response to the COVID-19 pandemic is without precedent and is testing the limits of our ability to communicate, understand the situation and react appropriately.

One such vital piece of our global response, the World Health Organization (WHO), was widely reported to have been the target of a malicious cyberattack at the very time when it is critical to the global response and a key component of our collective resilience.

Especially during a crisis, it is paramount to maintain the underlying digital infrastructure of our social fabric. However, globally we are now at risk of being exposed to a cybersecurity poverty gap, in which the essential security capabilities, skills and services are priced beyond the means of those who need it in the key industries and services we are collectively reliant on.

What is the World Economic Forum doing about the coronavirus outbreak?

A new strain of Coronavirus, COVID 19, is spreading around the world, causing deaths and major disruption to the global economy.

Responding to this crisis requires global cooperation among governments, international organizations and the business community, which is at the centre of the World Economic Forum’s mission as the International Organization for Public-Private Cooperation.

The Forum has created the COVID Action Platform, a global platform to convene the business community for collective action, protect people’s livelihoods and facilitate business continuity, and mobilize support for the COVID-19 response. The platform is created with the support of the World Health Organization and is open to all businesses and industry groups, as well as other stakeholders, aiming to integrate and inform joint action.

As an organization, the Forum has a track record of supporting efforts to contain epidemics. In 2017, at our Annual Meeting, the Coalition for Epidemic Preparedness Innovations (CEPI) was launched – bringing together experts from government, business, health, academia and civil society to accelerate the development of vaccines. CEPI is currently supporting the race to develop a vaccine against this strand of the coronavirus.

The cyber poverty gap

The attack on the WHO is just one example of a major spike in cyber activity impacting critical services. In the Czech Republic, a cyberattack against one of the COVID-19 testing hospitals has taken it offline, forcing all the patients to be relocated and disrupting testing at a critical time. It is also alleged that cybercriminals recently launched an attack on the US Department of Health and Human Services in an attempt to slow down its response.

At this time of unprecedented reliance on digital services, infrastructure and the need for reliable information, cybersecurity has never been more important. While most of society sees the pandemic as a time for collective action, criminals have launched spear-phishing attacks imitating the WHO and Centers for Disease Control and Prevention (CDC), ultimately using the context of the pandemic to spread malware and ransomware as well as launch fraudulent websites that prey on users intent on helping others.

For the past decade, security has been driven by a major principle: those who invest the most are the best protected. But in areas such as healthcare, retail and local government services the last few weeks have indicated that the market falls short of what is needed to build collective resilience at a time of crisis.

 

Despite global spending on cybersecurity reaching more than $100 billion dollars a year, breaches and disruptions are a daily fact of life. The market is failing to create commoditization of cybersecurity and vulnerable businesses are paying the price. The healthcare sector is particularly vulnerable, with Crowdstrike reporting more targeted intrusions than defence, aerospace and manufacturing.

With the cost of procuring security systems and controls rising, and the skills needed to properly administer and implement these systems in short supply, it is likely that the networks with the greatest need in healthcare, social welfare or the complex ecosystem of supply chains that underpins them are still fundamentally ill-prepared from the threat of cyberattacks.

There are three ways that leaderships can address this cyber poverty gap:

1. Incentivise the adoption of next-generation defence.

Now is the time to deploy the full promise of the Fourth Industrial Revolution and expand the use of advanced security automation capabilities, including machine learning and artificial intelligence. This includes smart automation that can take complex security workflows, shared intelligence and knowledge of adversary behaviour, and respond to potential risks at machine speed entirely without human intervention. This will enable us to scale our collective response and dramatically drive down the cost of security to make it more accessible.

Scale of cyberattacks
Scale of cyberattacks
Image: World Economic Forum

Companies that are already offering free access to cybersecurity solutions during this time of crisis will be able to take advantage of a new automation economy and cheaper, faster and more scalable products that allow a vastly wider pool of customers across the supply chain – including logistics, transport and manufacturing – to gain access to vital capabilities and service offerings.

Upstream, automation is already playing a crucial role in scaling the response to the cyber threat. The UK’s “Active Cyber Defence” programme and work like Microsoft’s recent Necurs takedown aim at the strategic level to automatically take down or block tens of thousands of malicious websites and spearphishing attacks before they have had even had a chance to be utilised, with all users downstream benefiting from increased protection.

2. Accelerate skills development.

With a widening global cyber skills gap of 4 million, vulnerable sectors are falling far behind. When the UK’s NHS was impacted by the Wannacry outbreak, the subsequent investigation indicated that some of the UK’s biggest health trusts “did not have any” qualified cybersecurity professionals.

Addressing the cyber poverty gap will need bold leadership. Leaders drive the adoption and value of new technology and innovations, adopt the right governance models and deploy strategies across an entire business ecosystem. In critical industries such as healthcare, hospitals often run at a loss with small operating margins, yet the average salary of a Chief Information Security Officer is now over $200,000. To address this we need to incentivize and accelerate a much larger talent pool and new ecosystem given these skills will be the potential key workers of future crises.

This future leadership will be built by novel initiatives such as the Atlantic Council’s Cyber 9/12 challenge, a global competition which has encouraged hundreds of young people across Europe, US and Australia to pursue cyber policy and leadership roles in cybersecurity and the wider ecosystem. Developing future frameworks to develop leaders will be essential if the industry is to create new mass-market business models and not just boutique services.

3. Address market imbalances.

One of the strategic issues will be how the market adjusts itself to address the cyber poverty gap, and we can look to the healthcare industry for inspiration.

In the aftermath of World War II, the UK quickly established a nationalised health service. Its visionary founder Aneurin Bevan summarised its underlying philosophy in terms of the balance between rich and poor – “the essence of a satisfactory health service is that the rich and the poor are treated alike, that poverty is not a disability, and wealth is not advantaged.”

The coronavirus does not care about the wealth of those it infects, and the same can be said of cyberattacks. Only by working together will society find ways of containing their spread and reducing their impact. It may take a cyber version of the NHS to realign priorities of industry to realise the collective good, and ensure – as Bevan put it – that illness should not be an offense for which people should be penalised and the cost should be burdened by the community.

Governments around the world are already addressing these imbalances. The UK’s Department for Digital, Culture, Media and Sport allows organisations such as charities and training companies to take on grants of up to £100,000 in order to more quickly scale up skills in areas that need it most, but we now need to work on how these initiatives work on a global scale.

The integrity of cyberspace is a critical element of our collective resilience and desperately concerning during times of immediate crisis such as the current pandemic. Security is, therefore, a basic need and one that will need to be addressed by leaders to remediate the gap between the cyber haves and have-nots. Doing so will be of paramount importance to the future of the Fourth Industrial Revolution and the wellbeing of the social fabric in which we live.

the sting Milestone

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

What just happened? 5 themes from the COP24 climate talks in Poland

WEF Davos 2016 LIVE: “It is the implementation, Stupid!”, German Finance Minister Wolfgang Schaueble points the finger to Greece from Davos

EU approves €100 million for the post-earthquake reconstruction in Albania

Joint press release: Republic of Korea – EU Leaders’ video conference meeting

1st Exclusive High Level Dialogue: China-EU Cybersecurity and 5G Cooperation

Is South Korea set to lose from its FTA with the EU?

The impossible end of the war in Syria

UN chief outlines ‘intertwined challenges’ of climate change, ocean health facing Pacific nations on the ‘frontline’

New research reveals the true extent of corruption in fisheries

The world’s coastal cities are going under. Here’s how some are fighting back

Renewed pressures on Berlin to adopt growth policies

A 550 km-long mass of rotting seaweed is heading for Mexico’s pristine beaches

Women in Switzerland have gone on strike – this is why

Mental health of health professionals: the alter ego

Charlotte in Ghana

Estonia is making public transport free

Protection of transported animals: Parliament establishes inquiry committee

The European Sting @ Mobile World Congress 2014, Creating What’s Next for the World. Can EU Policy follow?

CHINA: five letters that could mean…

A Year in China

ISIL’s ‘legacy of terror’ in Iraq: UN verifies over 200 mass graves

Is Germany’s political landscape becoming a breeding ground for extremism?

Nordic noir: The unhappiness epidemic affecting young people in the world’s happiest countries

Banks cannot die but can be fined

Cyprus President urges collective leadership to address ‘root causes’ of world’s crises

St Patrick’s Day during a pandemic – how people celebrated this year

5 of the world’s deadliest infectious diseases

These charts show where the world’s refugees came from in 2017 – and where they’re heading

Mobility in 2020: a female perspective

The EU has to prove it can remain one piece

How close is Eurozone to a new recession which may trigger formidable developments?

Bangladesh: Head of UN refugee agency calls on Asia-Pacific leaders to show ‘solidarity’ with Rohingya refugees

What changes in the EU as from today

Coronavirus could trigger a hunger pandemic – unless urgent action is taken

Free movement of services: Commission takes further action to ensure a well-functioning Single Market for professionals

More children killed by unsafe water, than bullets, says UNICEF chief

Don’t believe the hype: offices are here to stay

Time to act together: Von der Leyen at the European Parliament July plenary

Security Council must ‘come together’ to address the plight of children trapped in armed conflict, says UN envoy

Mali: Presidential elections critical to consolidate democracy, says UN peacekeeping chief

MWC 2016 LIVE: BT chief aims to be at UK 5G forefront

Spanish and Polish voters are crying out for an imminent European change while US urge now Germany to change route

Politicization of migrant ‘crisis’ in Hungary making them scapegoats, independent UN human rights expert warns

Greater investment in family-friendly policies critical to support breastfeeding – UNICEF

Remittances could fall by $100 billion because of COVID-19 – here’s why that matters

Four lessons for a successful switch to value-based healthcare

These coastal countries are sinking the fastest

Scientists can lead the fight against fake news

To hope or doubt? The state of women’s progress in the world

Sudan: Health challenges in the Sustainable Development Goals era

Decades of progress ‘can be wiped out overnight,’ UN chief laments at climate session in Yokohama

EU Presidents lay out priorities for future of Europe

The Catcher in the Rice

The right approach to addressing overcapacity problem from a Chinese perspective

A Europe that protects: Continued efforts needed on security priorities

What do the economic woes of Turkey, Argentina and Indonesia have in common?

Women’s work faces the greatest risk of automation, says new research

Clamp down on illegal trade in pets, urge Public Health Committee MEPs

Responsible Artificial Intelligence

Aung San Suu Kyi defends Myanmar from accusations of genocide, at top UN court

More Stings?

Advertising

Trackbacks

  1. […] How COVID-19 shows the urgent need to address the cyber poverty gap — The European Sting – C… […]

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s