World Economic Forum: ‘Cybersecurity is a responsibility we must all take on’

To achieve a “truly protected digital world,” Cybersecurity must be built-in to every product and system – but, says The World Economic Forum in a new blog post, four challenges for business leaders need to be overcome.

The context here, it says, is that, Cybersecurity cannot be an add-on, but rather “must be built into every product and system from the moment it is conceived”.

The challenges, then, are the need to make real-time information sharing a reality, promote widespread Cyber collaboration, the creation and promotion of a “common vision for integrated Cybersecurity” and promoting the right technology platform to make this work.

On the first point, real-time information sharing, the group says that speed is fundamental to an effective cybersecurity strategy. As a result, our security systems must keep up with the increasing speed and volume of Internet traffic:

“To act fast, we must share threat information in near real-time. Cybercrime has no borders. In a world that is so deeply interconnected by digital technology, cybersecurity and global security are the same thing. No single organization, public or private, can have a complete view of the entire cyber landscape.

“Senior leadership must insist organizations share information to put the pieces of the puzzle together. Otherwise, we will be flying blind.”

By the same token, effective Cybersecurity must be deeply and widely collaborative, it posits: “Collaboration enables the good guys to create a hive mind, to learn rapidly, constantly expanding our competency and capacity… Wide collaboration means including everyone in a broader conversation about cybersecurity [while] deep collaboration means making everyone smarter and creating knowledge repositories that are part of our operational systems.”

To create and promote a common vision for integrated cybersecurity, the post goes on, public and private sector leaders must commit to creating a common vision for integrated cybersecurity – “something akin to NATO, which is based on clearly defined fundamental principles”.

Finally, when it comes to “promoting the technology platform we need to make this work”, the Forum says that, “Cybersecurity was not part of the design of most of the world’s current infrastructure. This must change.

“Making Cybersecurity work requires computing power. From now on, most products, devices and infrastructure should have this additional computing power designed in. Furthermore, the cybersecurity capabilities inside the devices must fit into an integrated platform that distributes workloads over the layers of a system.”

An example of what this might mean in reality is security-driven networking, which changes traditional assumptions of networking, says the post. So instead of looking only for the fastest path, security-driven networking takes the risk of each path into account and moves traffic over the fastest safe path. “To make this work, the networking devices all need to share information about the speed and the risk of each network path,” it points out.

The post concludes by observing that, “Given these four challenges, it is only once we have true integration, both across national and geographic borders, and also within our own businesses, that cybersecurity will achieve its full potential of creating a truly protected world… Regardless of industry, vertical market, and geography, industry and government leaders have a responsibility to guide us toward a safer world.

“In a climate permeated by lack of trust and poor cooperation between established industry leaders, the only winners are cybercriminals… Cybersecurity is a responsibility we must all take on.”