Cyberattacks are one of the top 10 global risks of highest concern in the next decade, with an estimated price tag of $90 trillion if cybersecurity efforts do not keep pace with technological change. While there is abundant guidance in the cybersecurity community, the application of prescribed action continues to fall short of what is required to ensure effective defence against cyberattacks. The challenges created by accelerating technological innovation have reached new levels of complexity and scale – today responsibility for cybersecurity in organizations is no longer one Chief Security Officer’s job, it involves everyone.
The Cybersecurity Guide for Leaders in Today’s Digital World was developed by the World Economic Forum Centre for Cybersecurity and several of its partners to assist the growing number of C-suite executives responsible for setting and implementing the strategy and governance of cybersecurity and resilience. The guide bridges the gap between leaders with and without technical backgrounds. Following almost one year of research, it outlines 10 tenets that describe how cyber resilience in the digital age can be formed through effective leadership and design.
“With effective cyber-risk management, business executives can achieve smarter, faster and more connected futures, driving business growth,” said Georges De Moura, Head of Industry Solutions, Centre for Cybersecurity, World Economic Forum. “From the steps necessary to think more like a business leader and develop better standards of cyber hygiene, through to the essential elements of crisis management, the report offers an excellent cybersecurity playbook for leaders in public and private sectors.”
“Practicing good cybersecurity is everyone’s responsibility, even if you don’t have the word “security” in your job title,” said Paige H. Adams, Global Chief Information Security Officer, Zurich Insurance Group. “This report provides a practical guide with ten basic tenets for business leaders to incorporate into their company’s day-to-day operations. Diligent application of these tenets and making them a part of your corporate culture will go a long way toward reducing risk and increasing cyber resilience.”
“The recommendation to foster internal and external partnerships is one of the most important, in my view,” said Sir Rob Wainwright, Senior Cyber Partner, Deloitte. “The dynamic nature of the threat, not least in terms of how it reflects the recent growth of an integrated criminal economy, calls on us to build a better global architecture of cyber cooperation. Such cooperation should include more effective platforms for information sharing within and across industries, releasing the benefits of data integration and analytics to build better levels of threat awareness and response capability for all.”
The Ten Tenets
1. Think Like a Business Leader – Cybersecurity leaders are business leaders first and foremost. They have to position themselves, teams and operations as business enablers. Transforming cybersecurity from a support function into a business-enabling function requires a broader view and a stronger communication skill set than was required previously.
2. Foster Internal and External Partnerships – Cybersecurity is a team sport. Today, information security teams need to partner with many internal groups and develop a shared vision, objectives and KPIs to ensure that timelines are met while delivering a highly secure and usable product to customers.
3. Build and Practice Strong Cyber Hygiene – Five core security principles are crucial: a clear understanding of the data supply chain, a strong patching strategy, organization-wide authentication, a secure active directory of contacts, and encrypted critical business processes.
4. Protect Access to Mission-Critical Assets – Not all user access is created equal. It is essential to have strong processes and automated systems in place to ensure appropriate access rights and approval mechanisms.
5. Protect Your Email Domain Against Phishing – Email is the most common point of entry for cyber attackers, with the median company receiving over 90% of their detected malware via this channel. The guide highlights six ways to protect employees’ emails.
6. Apply a Zero-Trust Approach to Securing Your Supply Chain – The high velocity of new applications developed alongside the adoption of open source and cloud platforms is unprecedented. Security-by-design practices must be embedded in the full lifecycle of the project.
7. Prevent, Monitor and Respond to Cyber Threats – The question is not if, but when a significant breach will occur. How well a company manages this inevitability is ultimately critical. Threat intelligence teams should perform proactive hunts throughout the organization’s infrastructure and keep the detection teams up to date on the latest trends.
8. Develop and Practice a Comprehensive Crisis Management Plan – Many organizations focus primarily on how to prevent and defend while not focusing enough on institutionalizing the playbook of crisis management. The guide outlines 12 vital components any company’s crisis plan should incorporate.
9. Build a Robust Disaster Recovery Plan for Cyberattacks – A disaster recovery and continuity plan must be tailored to security incident scenarios to protect an organization from cyberattacks and to instruct on how to react in case of a data breach. Furthermore, it can reduce the amount of time it takes to identify breaches and restore critical services for the business.
10. Create a Culture of Cybersecurity – Keeping an organization secure is every employee’s job. Tailoring trainings, incentivizing employees, building elementary security knowledge and enforcing sanctions on repeat offenders could aid thedevelopment of a culture of cybersecurity.
In the Fourth Industrial Revolution, all businesses are undergoing transformative digitalization of their industries that will open new markets. Cybersecurity leaders need to take a stronger and more strategic leadership role. Inherent to this new role is the imperative to move beyond the role of compliance monitors and enforcers.
Cybersecurity depends on the user
Businesses and pharmaceutical companies have become prime targets for cyber criminals. For many employees switching to work from home has made them more vulnerable to cyber attacks. Amid the continuing coronavirus pandemic the focus is shifting on digital hygiene and training. These are top issues outlined by the participants of a round table which took place at TASS Press Center under the title “Cybersecurity: new threats and protection against them”.
At present, a large number of high-tech medical equipment is connected to the Internet. Given that medical institutions are not used to new threats, they often fall prey to cyber criminals. At times, hospitals have to pay ransom in order to restart the equipment vital for patients’ lives. The participants in the round table cited yet more tragic cases when the ambulance equipment glitch forced the driver to head for other hospitals, which means that patients in critical condition may not make it there.
Cyber threats have been haunting not only the medical industry. President of Check Point Software Technologies in Russia and CIS Vasily Diaghilev has singled out 3 key challenges in the new reality. Firstly, the decision-taking time limit has shortened considerably, — the market proved unprepared for this (unlike in the past, when months were given to elaborate decisions on cyber security, now a mere days are given to do so). Secondly, the criminal groups which had to go online as well, were provided with new financing to “work” in the cyber sphere. Thirdly, user vulnerability went up due to a wide variety of hacking methods.
Alexei Novikov, Director of Security at Positive Technologies, disagrees with such a view. The transition to online work has increased the number of vulnerabilities making it possible for the criminals to find new loops. Hence cyber security has come to depend on the competence of particular individuals. Earlier, information security was guaranteed “along the perimeter of corporate network”. Now, when practically everyone is working from home, family members have got access to the data too. In addition, employees often connect their personal “smart devices” of the Internet of things to their corporate networks.
Experts who took part in the round table provided specific recommendations as to how to boost digital security. Founder and General Director of Zecurion Alexei Raevsky warned companies which are not supposed to store loads of data against doing so. Alexei Raevsky described all the data (for example, for electronic passes), which they collect on a regular basis in the conditions of a quarantine, as a “time bomb”. Vasily Diaghilev has urged individuals to refrain from using (and called on companies to impose restrictions on this practice on a mandatory basis) corporate passwords on external servers, in addition, he recommended coding corporate data, and in order to secure protection against destructive files, he advises to switch to the safe pdf-format in paperwork. “Info security should enter mass market as a taxi – a kind of digital security outsourcing”, — Lev Matveev, Chairman of the Board of “SearchInfoorm”, member of the Association of Software Manufacturers “Russoft”, says. Besides, he recommended including VPN-apps and services into public (free) WiFi-networks.
From our partner International Affairs
Top 10 Emerging Technologies to Watch in 2020
From virtual patients to pain-free needles, synthesizing whole-genomes, and digital medicine, these top 10 emerging technologies are transforming our post-COVID-19 lives. An international steering group of experts singled out these and other emerging technologies as the ones most likely to impact the world in the next three to five years.
For example, a Swiss group was able to synthesize the entire COVID-19 genome by reproducing the genetic sequence uploaded by Chinese scientists. They were essentially teleporting the virus into their laboratory for study without waiting for physical samples. The ability to write our genome will inevitably help doctors to cure genetic diseases.
As we now move to clinical trials of a COVID-19 vaccine, virtual patients, instead of living humans, could help identify successful vaccine candidates, reduce costs, and speed up research. It would also prevent the testing of imperfect vaccine candidates on living volunteers.
While the outbreak unfolded, dozens of medical apps and bots were developed, expanding the digital medicine landscape. These apps could detect depression and provided counselling. Bots answered over 200 million inquiries about COVID symptoms and treatments. COVID-19 will continue to shape our lives, and these emerging technologies could fill the gaps created by the pandemic.
The list also includes new technologies that can help combat climate change by tackling major polluting industries. These new green technologies include innovative planes, new concrete formulations and using sunlight to power refineries.
Top 10 technologies to make the list are:
Virtual patients, instead of living humans, could make vaccine trials quicker and inexpensive. This technology would significantly reduce the number of human subjects needed for experimentation.
Microneedles for Painless Injections and Tests
These tiny needles promise pain-free injections and blood testing. Microneedles do not touch nerve endings. Since the process does not need costly equipment or a lot of training, they can be used in areas that do not normally receive cutting-edge medical technologies.
Whole-genome synthesizing will transform cell engineering. The ability to write our genome will inevitably help doctors to cure genetic diseases.
Digital medicine is a collection of apps that detect and monitor the mental and physical health of patients. These apps and bots can enhance traditional medicine and provide support to patients with limited access to healthcare.
Electric propulsion motors would eliminate direct carbon emissions. This technology could also reduce fuel costs by up to 90%, maintenance by up to 50% and noise by nearly 70%. Currently, about 170 electric airplane projects are underway.
Concrete, the most widely used human-made material, shapes much of our built world. If cement production were a country, it would be the third-largest emitter after China and the US. Researchers are working on lower-carbon approaches by changing the recipe, using different materials, and using carbon capture and storage technologies.
This approach uses sunlight to convert carbon dioxide waste into needed chemicals manufactured from fossil fuel. This approach could reduce emissions in two ways – by using unwanted gas as raw material and using sunlight as the source of energy instead of fossil fuels.
Current methods of producing hydrogen are not environmentally efficient. Green hydrogen, produced through electrolysis, has no by-product, unlike current processes. Green hydrogen could transform industries that require high-energy fuel.
“Spatial computing” will bring together raise reality apps and sensors to facilitate human-machine and machine-machine interactions to a new level. It combines these capabilities and controls objects’ movements and interactions, allowing a person to navigate the digital and physical world.
Quantum sensors enable autonomous vehicles that can “see” around corners, underwater navigation systems, early-warning systems for volcanic activity and earthquakes, and portable scanners that monitor a person’s brain activity during daily life.
Can ‘Open Science’ speed up the search for a COVID-19 vaccine? 5 things you need to know
The UN is calling for authoritative scientific information and research to be made freely available, to accelerate research into an effective vaccine against the COVID-19 virus, help counter misinformation, and “unlock the full potential of science”.
Arguing that no-one is safe until everyone is safe, the World Health Organization (WHO) has, for several months, been urging countries and scientists to collaborate, in a bid to bring the pandemic under control. This has involved the creation, alongside governments, scientists, foundations, the private sector and other partners, of a groundbreaking platform to accelerate the development of tests, treatments and vaccines.
In October, the head of the agency, Tedros Ghebreyesus Adhanom, alongside human rights chief Michelle Bachelet, and Audrey Azoulay, Director-General of science, culture and education agency UNESCO, issued a call for “Open Science”, describing it as a “fundamental matter of human rights”, and arguing for cutting-edge technologies and discoveries to be available for those who need them most.
But what exactly does Open Science mean, and why does the UN insist on making it more widespread?
1) What is ‘Open Science’?
Open Science has been described as a growing movement aimed at making the scientific process more transparent and inclusive by making scientific knowledge, methods, data and evidence freely available and accessible for everyone.
The Open Science movement has emerged from the scientific community and has rapidly spread across nations. Investors, entrepreneurs, policy makers and citizens are joining this call.
However, the agency also warns that, in the fragmented scientific and policy environment, a global understanding of the meaning, opportunities and challenges of Open Science is still missing.
2) Why is Open Science important?
Open Science facilitates scientific collaboration and the sharing of information for the benefit of science and society, creating more and better scientific knowledge, and spreading it to the wider population.
UNESCO has described Open Science as a “true game changer”: by making information widely available, more people can benefit from scientific and technological innovation.
3) Why is it needed now?
Because, in a world that is more inter-connected than ever before, many of today’s challenges do not respect political or geographic borders, and strong international scientific collaboration is essential to overcome the problems. The COVID-19 pandemic is a prime example.
We also have the tools to make it happen: with digitalization becoming ever more widespread, it is far easier than ever before to share scientific knowledge and data, which are needed to enable decisions that can lead to overcoming global challenges to be based on reliable evidence.
4) What is the impact of Open Science on the pandemic?
In this global health emergency, thanks to international collaboration, scientists have improved their understanding of the coronavirus with unprecedented speed and openness, embracing the principles of Open Science. Journals, universities, private labs, and data repositories have joined the movement, allowing open access to data and information: some 115,000 publications have released information related to the virus and the pandemic, and more than 80 per cent of them can be viewed, for free, by the general public.
Early in the pandemic, for example, Chinese scientists readily shared the genome of the virus, jumpstarting all following research into the virus, and the diagnostic testing, treatments, and vaccines that have since been developed.
Finally, the crisis has underlined the urgent need to bring science closer to decision making and to society as a whole. Fighting misinformation and promoting evidence-based decision-making, supported by well-informed citizens, has proven to be of vital importance in the fight against COVID 19.
5) What is the UN doing to promote Open Science?
To ensure that Open Science truly meets its potential, and benefits both developed and developing countries, UNESCO is taking the lead in building a global consensus on values and principles for Open Science that are relevant for every scientists and every person independently of their place of origin, gender, age or economic and social background.
The future UNESCO Recommendation on Open Science is expected to be the international instrument to set the right and just standards for Open Science globally, which fulfil the human right to science and leave no one behind.
In a statement released on World Science Day for Peace and Development, celebrated on 10 November, Ms. Azoulay said that widening the scope of Open Science will help science to “unlock its full potential”, making it more effective and diverse by “enabling anyone to contribute, but also to bring its objectives in line with the needs of society, by developing scientific literacy in an informed citizenry who take responsibility and are involved in collective decision-making”.
Future Economy: Micro-Manufacturing & Micro-Exports
Recovery now forces economies to emerge as dynamic entrepreneurial landscapes; today, the massively displaced working citizenry of the world may...
Scientific and trade cooperation between China and Africa
China was crumbling into misery, degradation and despair, in the middle of that 109-year period (1840-1949) known as the era...
The Need to Reorient New Delhi in the Indo-Pacific
Beijing’s overt expansionism in South Asia and the South China Sea (SCS) continues to threaten India’s maritime security. The rise...
EU greenhouse gas emissions fell in 2019 to the lowest level in three decades
The Commission today adopted its annual EU Climate Action Progress Report, covering the EU’s progress in cutting greenhouse gas emissions...
Global Experts To Convene Online To Discuss Values In A Post-Covid World
Leading Islamic scholars and experts from around the world, representing government and civil society will convene online to attend the...
Towards a stronger and more resilient Schengen area
The first ever Schengen Forum, convened today by the Commission, allowed for constructive exchanges towards building a stronger and more...
Urgent Action Needed for the Energy Transition in Heating and Cooling
The transition to cleaner, more sustainable heating and cooling solutions can attract investment, create millions of new jobs and help...
Diplomacy2 days ago
Europe3 days ago
Great Powers Competition in Moldova
Americas3 days ago
The Battle for the Essence of the Democratic Party
South Asia3 days ago
Status of Minorities in Pakistan
Economy2 days ago
Taxing The Super-Rich To Help The Poor
Americas2 days ago
Implications of the U.S. election on U.S.-China relations
Finance3 days ago
Sri Lanka Can Build Back Better from COVID-19 and Realize Inclusive Growth
Uncategorized3 days ago
The Urgent Need For Political Action On Climate Change In South Asia