Friday

30th Sep 2016

Opinion

Cyber security: public problem, private answers

  • The EU should support cyber-security start-ups (Photo: European Commission)

Each day the number of cyber attacks against individuals, corporations and government entities grow. As the profile of attackers rises above the nerd in a garage pay grade, the attacks become more vicious, pervasive and money/power oriented.

Policy makers everywhere are looking for viable structures to defend their people and economies.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

In Europe we are seeing a network of "Computer emergency response teams" being set up with pan-European exercises taking place. This comes hot on the heels of US President Barack Obama’s national cyber security strategy. Both sides of the pond are engaged in a dialogue politically - via the EU-US working group on cyber security and cyber crime (May 2011) and militarily, with Nato putting in place its own cyber army to ensure the 2007 attacks on Estonia do not happen elsewhere.

So far, the cornerstones are there but the walls have yet to come up. Safe to assume that all of this will cost millions to taxpayers.

Let’s pause here for a moment and consider a few recent appointments in the US. In 2009 US homeland security advisory council appoints Jeff Moss, founder of the Black Hat and Def Con hacker and security conferences. In 2010, the Federal Trade Commission appoints Ed Felton as its first chief technologist. And earlier this year, the Internet Corporation for Assigned Names and Numbers (Icann) appoints ex-hacker Jeff Moss as chief security officer.

The appointment of hackers to these posts makes sense. If you want to avoid a robbery, a professional robber is perhaps your best counsel. Franklin Roosevelt had already put this lesson to good use when appointing wheel-dealer Joe Kennedy (JFK's father) as first Chairman of the Securities and Exchange Commission. Joe Kennedy knew how to play the system and used his knowledge to make it (until recently) one of the most respected bodies in the US. He was the perfect choice. Can we say the same of the military and public administrations when it comes to cyber security?

If we need help, we can’t turn our backs on tech entrepreneurs. Many small and medium-sized enterprises (SMEs) are developing the next generation of cyber security solutions and Europe may lose out by enacting cyber security-related regulation that may hinder the kind of innovation we need to protect ourselves.

Hacking techniques continually evolve. New worms, malware, phishing techniques and predatory programmes are born every day. Only those at the forefront of innovation can keep pace. Europe has to give itself the means to fight this new intangible enemy and to do so, it must use its best suited troops: those that are developing the next generation of cyber security solutions, innovative SMEs.

This is a great chance for the EU to leverage this brain power whilst at the same time investing in its SME network. The cyber issue should be approached like a threat to the commons – man-made in its origin and man-dependent on its resolution. Public responses to climate change have wielded growth in many industries such as the creation of a massive solar industry in Germany, largely supported by a string of innovative SMEs.

We need to think about cyber security in that way. While public money is indispensable to boost and coordinate a new agile and effective security solutions industry, the responsibility for developing these solutions should lie in the hands of those that are closest to the problem. As such, the EU should consider giving a wider role to SMEs in terms of research and implementation.

The EU has already taken some good steps by putting in place a number of research credits towards resilience and security programmes. To make sure this turns into a virtuous economic cycle, EU policy recommendations on cyber security should start incorporating SMEs in day-to-day activities in order to tap into their knowledge base and fuel what may become the blue fields of a rich and versatile EU economy.

The writer is the head of the Association for Competitive Technology, a Brussels-based non-profit association focusing on the interests of small and mid-size entrepreneurial technology companies.

Column / Crude World

Why Putin's union doesn't want to work with the EU

The EU should not dismiss institutional cooperation with the Russia-led economic association. But Moscow's previous behaviour with Ukraine and Moldova shows it won't let its neighbours turn too much to the West.

Opinion

Steel overcapacity crisis - from Europe to China

While the debate has escalated about China’s steel overcapacity, it is not exactly new. The first postwar steel crisis occurred in the US and Europe. Beijing seeks to avoid a deja vu of bad policies.

Stakeholders' Highlights

  1. ACCAFinTech Boom Needs Strong Guidance to Navigate Regulatory Hurdles
  2. Counter BalanceWhy the Investment Plan for Europe Does not Drive the Sustainable Energy Transition
  3. Nordic Council of MinistersThe Nordic Region Seeks to Make Its Voice Heard in the World
  4. Taipei EU OfficeCountries Voice Support for Taiwan's Participation in ICAO
  5. World VisionNew Tool Measuring Government Efforts to Protect Children Released
  6. GoogleDid You Know Europe's Largest Dinosaur Gallery Is in Brussels? Check It Out Now
  7. IPHRHuman Rights in Uzbekistan After Karimov - Joint Statement
  8. CISPECloud Infrastructure Providers Unveil Data Protection Code of Conduct
  9. EFAMessages of Hope From the Basque Country and Galicia
  10. Access NowDigital Rights Heroes and Villains. See Who Protects Your Rights, Who Wants to Take Them Away
  11. EJCAppalled by Recommendation to Remove Hamas From EU Terrorism Watch List
  12. GoogleBringing Education to Refugees in Lebanon With the Clooney Foundation for Justice