Thursday

25th Aug 2016

Opinion

Cyber security: public problem, private answers

  • The EU should support cyber-security start-ups (Photo: European Commission)

Each day the number of cyber attacks against individuals, corporations and government entities grow. As the profile of attackers rises above the nerd in a garage pay grade, the attacks become more vicious, pervasive and money/power oriented.

Policy makers everywhere are looking for viable structures to defend their people and economies.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

In Europe we are seeing a network of "Computer emergency response teams" being set up with pan-European exercises taking place. This comes hot on the heels of US President Barack Obama’s national cyber security strategy. Both sides of the pond are engaged in a dialogue politically - via the EU-US working group on cyber security and cyber crime (May 2011) and militarily, with Nato putting in place its own cyber army to ensure the 2007 attacks on Estonia do not happen elsewhere.

So far, the cornerstones are there but the walls have yet to come up. Safe to assume that all of this will cost millions to taxpayers.

Let’s pause here for a moment and consider a few recent appointments in the US. In 2009 US homeland security advisory council appoints Jeff Moss, founder of the Black Hat and Def Con hacker and security conferences. In 2010, the Federal Trade Commission appoints Ed Felton as its first chief technologist. And earlier this year, the Internet Corporation for Assigned Names and Numbers (Icann) appoints ex-hacker Jeff Moss as chief security officer.

The appointment of hackers to these posts makes sense. If you want to avoid a robbery, a professional robber is perhaps your best counsel. Franklin Roosevelt had already put this lesson to good use when appointing wheel-dealer Joe Kennedy (JFK's father) as first Chairman of the Securities and Exchange Commission. Joe Kennedy knew how to play the system and used his knowledge to make it (until recently) one of the most respected bodies in the US. He was the perfect choice. Can we say the same of the military and public administrations when it comes to cyber security?

If we need help, we can’t turn our backs on tech entrepreneurs. Many small and medium-sized enterprises (SMEs) are developing the next generation of cyber security solutions and Europe may lose out by enacting cyber security-related regulation that may hinder the kind of innovation we need to protect ourselves.

Hacking techniques continually evolve. New worms, malware, phishing techniques and predatory programmes are born every day. Only those at the forefront of innovation can keep pace. Europe has to give itself the means to fight this new intangible enemy and to do so, it must use its best suited troops: those that are developing the next generation of cyber security solutions, innovative SMEs.

This is a great chance for the EU to leverage this brain power whilst at the same time investing in its SME network. The cyber issue should be approached like a threat to the commons – man-made in its origin and man-dependent on its resolution. Public responses to climate change have wielded growth in many industries such as the creation of a massive solar industry in Germany, largely supported by a string of innovative SMEs.

We need to think about cyber security in that way. While public money is indispensable to boost and coordinate a new agile and effective security solutions industry, the responsibility for developing these solutions should lie in the hands of those that are closest to the problem. As such, the EU should consider giving a wider role to SMEs in terms of research and implementation.

The EU has already taken some good steps by putting in place a number of research credits towards resilience and security programmes. To make sure this turns into a virtuous economic cycle, EU policy recommendations on cyber security should start incorporating SMEs in day-to-day activities in order to tap into their knowledge base and fuel what may become the blue fields of a rich and versatile EU economy.

The writer is the head of the Association for Competitive Technology, a Brussels-based non-profit association focusing on the interests of small and mid-size entrepreneurial technology companies.

Opinion

A marriage of convenience

The West has nothing to fear from the convenient meeting of the minds between Erdogan and Putin. Both countries are strictly following their strategic national interests, which sometimes clash heavily - as can be seen in Syria.

Stakeholders' Highlights

  1. HuaweiMaking Cities Smarter and Safer
  2. GoogleHow Google Makes Connections More Secure For Users
  3. EGBAThe EU Court of Justice Confirms the Application of Proportionality in Assessing Gambling Laws
  4. World VisionThe EU and Member States Must Not Use Overseas Aid for Promoting EU Interests
  5. Dialogue PlatformInterview: "There is a witch hunt against the Gulen Movement in Turkey"
  6. ACCAACCA Calls for ‘Future Looking’ Integrated Reporting Culture With IIRC and IAAER
  7. EURidNominate Your Favourite .eu or .ею Website for the .EU Web Awards 2016 Today!
  8. Dialogue PlatformAn Interview on Gulen Movement & Recent Coup Attempt in Turkey
  9. GoogleA Little Bird Told us to Start Tweeting About Google’s Work Across Europe. Learn More @GoogleBrussels
  10. Counter BalanceThe Trans Adriatic Pipeline: An Opportunity or a Scam in the Making for Albania?
  11. Counter BalanceThe Investment Plan for Europe: Business as Usual or True Innovation ?
  12. Belgrade Security ForumMigration, Security and Solidarity within Global Disorder: Academic Event 2016