Cyber security took the centre stage at one of the most influential platforms for discussing developments in the digital ecosystem — Global Conference on Cyberspace (GCCS) — which was hosted in India this year. The discussions ranged from the possibility of increased roles related to cyber security within governments and corporations to the ways in which countries need to collaborate to tackle the rising cyber threats. Prime Minister Narendra Modi, while inaugurating the conference last week, underscored the need for information sharing and coordination among security agencies to “counter the ever-changing threat landscape”. Others at the event echoed his argument.
“Cyberspace is all about interconnectedness. A criminal or a malicious hacker from a remote part of the world can do extreme harm to a huge number of people in a totally different place in the world hitting their critical infrastructure. We have to see that this situation is overcome. When we talk about interconnectedness, there is a compelling argument for collaboration,” Uri Rosenthal, former Dutch Minister of Foreign Affairs and Special Envoy for International Cyber Policy, Dutch Ministry of Foreign Affairs told The Indian Express on the sidelines of the GCCS. “Cyber doesn’t acknowledge territorial borders, as simple as that. On the criminal side, on the side of hostile actions by one state to another there are a lot of questions involved, and if you add to this, a typical problem at hand in the cyberspace namely the issue of attribution, it adds to the difficulties,” he added.
Rosenthal said that India and The Netherlands agreed last week to start a bilateral dialogue on cyberspace. “…when we talk about cyberspace, it’s not just a matter of inter-governmental relations but also a matter of collaboration in terms of investment from both ends in cyber technologies. Today, when we talk about economic development, it is all cyber connected,” he said.
However, Huawei Technologies’ President, Global Cyber Security & Privacy John Suffolk argued for more actions on things discussed at such conferences. “What certainly happened, happened between the first conference in London, and now, is that every conference is getting bigger. My worry about conferences in general, and this one as well, is that we can come and make a lot of speeches, but where’s the action, where’s the evidence that we’re improving things?” Suffolk highlighted, while speaking to this newspaper.
Even as he sought more actions from governments on securing the cyberspace, Suffolk did not rule out the collaboration aspect between countries when it comes to cyber security. As one of the examples of what the governments could do for strengthening the cyber guard is putting the undersea optic fibre cables into international ownership and establish gatekeepers to cleanse the entry and exit points of these cables. “Governments could agree to do that, by beginning to take out known virus signatures, identifying denial of service attacks. It might take 5-10 years for us to get there but I think we should be talking about practical things to clean the digital world that we’re relying on,” he said.
Going ahead, both Suffolk and Rosenthal agreed, as the world enters a digital domain, the relevance of securing this ecosystem has become essential. “We see some very intriguing developments in the cyberspace, which is called leapfrogging. There are some countries in Africa, for example, where the coverage and applications of the letter ‘e’ to a specific domain are more dense than in many Western countries. In countries like Tanzania, e-banking is more normal and common than in many Western countries,” Rosenthal said.
India, too, under the NDA government, has adopted a number of digital initiatives for delivery of public services. Suffolk argued that ‘Digital India’ should be ‘Clean Digital India’. However, he also pointed out that the responsibility of securing the cyberspace where one is operating, lies not only with countries at large, but also with individuals and enterprises. For this, he said, following ‘basic hygeine’ for cyberspace issues was necessary. In fact, he said that shortcomings in measures to ensure cyber security should be made “socially unacceptable”.
“If you look at the majority of the big data leaks, it is caused because of a basic hygeine issue. Wannacry is a prime example. The patch for Wannacry was available before it hit. Even in the UK, there were hospitals not applying that patch. That’s a basic hygeine issue. As we have done with drunk driving in the world, we have made it socially unacceptable, in cyber security as well, we need to make not doing basic hygeine socially unacceptable to the point that it may be role limiting or career limiting,” Suffolk said.
IN THE FUTURE
Going ahead, as countries continue to digitise, on a public level as well as a personal level, the job opportunities in the domain of cyber security is also expected to grow. During his speech at GCCS, Modi said that it needs to be ensured that “cyber protection becomes an attractive and viable career option for the youth”. Suffolk concurred with this and said that there will be greater opportunities in roles related to cyber protection, not only at the information security officer level but also for lower strata roles such as design, architecture, forensics, etc. However, with new opportunities, the future of a digitised world is also expected to bring in a number of threats. “New threats will come from the ability to aggregate vast amounts of data to identify people or groups of people, where unscrupulous people could wish to do them harm by stealing your identity, or taking loans in your name, or knowing where you live, watching when you drive to work and stealing your car,” Suffolk said. He added that while there was an active debate on the dangers of artificial intelligence, it could be assumed that AI would be embedded into a number of applications such as autonomous vehicles, robotics, and facial recognition systems at airports, etc.
“What you can assume is that if you have an algorithm, which someone can tamper, the output that you’re looking for can be corrupted. Now you’re not talking about the software, but how you can influence the algorithm, like how you can influence search results to make a certain story comes on the top. People can begin to use the technologies in ways we can never even envisage – fake news is a prime example of how you influence voters,” Suffolk pointed out.
What the PM said
* During his speech at GCCS, Prime Minister Narendra Modi said that it needs to be ensured that “cyber protection becomes an attractive and viable career option for the youth”
* Huawei Technologies’ President, Global Cyber Security & Privacy, John Suffolk concurred with this and said that there will be greater opportunities in roles related to cyber protection, not only at the information security officer level but also for lower strata roles such as design, architecture, forensics, etc. “New threats will come from the ability to aggregate vast amounts of data to identify people or groups of people, where unscrupulous people could wish to do them harm by stealing your identity, or taking loans in your name…,” Suffolk said