Tuesday

26th Jul 2016

Opinion

Cyber security: public problem, private answers

  • The EU should support cyber-security start-ups (Photo: European Commission)

Each day the number of cyber attacks against individuals, corporations and government entities grow. As the profile of attackers rises above the nerd in a garage pay grade, the attacks become more vicious, pervasive and money/power oriented.

Policy makers everywhere are looking for viable structures to defend their people and economies.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

In Europe we are seeing a network of "Computer emergency response teams" being set up with pan-European exercises taking place. This comes hot on the heels of US President Barack Obama’s national cyber security strategy. Both sides of the pond are engaged in a dialogue politically - via the EU-US working group on cyber security and cyber crime (May 2011) and militarily, with Nato putting in place its own cyber army to ensure the 2007 attacks on Estonia do not happen elsewhere.

So far, the cornerstones are there but the walls have yet to come up. Safe to assume that all of this will cost millions to taxpayers.

Let’s pause here for a moment and consider a few recent appointments in the US. In 2009 US homeland security advisory council appoints Jeff Moss, founder of the Black Hat and Def Con hacker and security conferences. In 2010, the Federal Trade Commission appoints Ed Felton as its first chief technologist. And earlier this year, the Internet Corporation for Assigned Names and Numbers (Icann) appoints ex-hacker Jeff Moss as chief security officer.

The appointment of hackers to these posts makes sense. If you want to avoid a robbery, a professional robber is perhaps your best counsel. Franklin Roosevelt had already put this lesson to good use when appointing wheel-dealer Joe Kennedy (JFK's father) as first Chairman of the Securities and Exchange Commission. Joe Kennedy knew how to play the system and used his knowledge to make it (until recently) one of the most respected bodies in the US. He was the perfect choice. Can we say the same of the military and public administrations when it comes to cyber security?

If we need help, we can’t turn our backs on tech entrepreneurs. Many small and medium-sized enterprises (SMEs) are developing the next generation of cyber security solutions and Europe may lose out by enacting cyber security-related regulation that may hinder the kind of innovation we need to protect ourselves.

Hacking techniques continually evolve. New worms, malware, phishing techniques and predatory programmes are born every day. Only those at the forefront of innovation can keep pace. Europe has to give itself the means to fight this new intangible enemy and to do so, it must use its best suited troops: those that are developing the next generation of cyber security solutions, innovative SMEs.

This is a great chance for the EU to leverage this brain power whilst at the same time investing in its SME network. The cyber issue should be approached like a threat to the commons – man-made in its origin and man-dependent on its resolution. Public responses to climate change have wielded growth in many industries such as the creation of a massive solar industry in Germany, largely supported by a string of innovative SMEs.

We need to think about cyber security in that way. While public money is indispensable to boost and coordinate a new agile and effective security solutions industry, the responsibility for developing these solutions should lie in the hands of those that are closest to the problem. As such, the EU should consider giving a wider role to SMEs in terms of research and implementation.

The EU has already taken some good steps by putting in place a number of research credits towards resilience and security programmes. To make sure this turns into a virtuous economic cycle, EU policy recommendations on cyber security should start incorporating SMEs in day-to-day activities in order to tap into their knowledge base and fuel what may become the blue fields of a rich and versatile EU economy.

The writer is the head of the Association for Competitive Technology, a Brussels-based non-profit association focusing on the interests of small and mid-size entrepreneurial technology companies.

Column / Brexit Briefing

Brexit plans missing in action

The Brexit referendum has created an almighty political and economic mess, with little sign of a British or EU plan to clean things up.

Opinion

Brexit seed was planted in 2004

The clause allowing a member state to leave the EU was introduced at a time of prosperity. EU leaders should not repeat the mistake and use the crisis to reinforce eurozone membership.

Stakeholders' Highlights

  1. Belgrade Security ForumMigration, Security and Solidarity within Global Disorder: Academic Event 2016
  2. GoogleHow Google Fights Piracy: Creating Value While Fighting Piracy
  3. EJC"My Visit to Israel" - Opinion by MEP Lopez Aguilar, Chair of the EP Working Group on Antisemitism
  4. World VisionChildren Migrating, Out of School and at Work as Hunger Deepens in Southern Africa
  5. European Healthy Lifestyle AllianceStand-Up (and Exercise) to Prevent Chronic Diseases
  6. Centre Maurits CoppietersLaunches a Real-time News Hub Specialised in EU Stakeholders
  7. Dialogue PlatformFethullah Gulen Calls for International Probe Into Turkey Coup Allegations
  8. GoogleEU-US Privacy Shield: Restoring Faith in Data Flows and Transatlantic Relations
  9. World VisionWorld Leaders & Youth Advocates Launch Partnership to End Violence Vs. Children
  10. Counter BalanceReport: Institutionalised Corruption in Romania's Third Largest Company
  11. Access NowEuropol Supports Encryption. We Can Relax Now… Right?
  12. GoogleLearn about Google's projects across Europe on Twitter @GoogleBrussels