We are one day into the 4th Cyber Intelligence Europe. I sat down with Martyn Hill, Managing Director for Intelligence Sec, to get his thoughts on risks, public-private cooperation, and what his extensive experience on international markets thought him about cybersecurity.
Which are the most concerning cyber threats for public and private sectors?
I would say at the moment the most concerning threat to the public and private sectors is cybercrime such as fraud. With many more people using their mobiles and iPads/tablets to do their personal banking, energy bills, emails etc. it has created a more open space for cyber criminals to access sensitive information such as banking information, private emails and classified information.
How lack of international agreements regarding cyber security and cyber defence is affecting the fight against security issues?
Absolutely, there is not many international agreements in place currently especially in Europe. This would help to share information between countries and governments to help fight against security issues. The largest community I know of that share information is the International Telecommunication Union (ITU) and IMPACT in Asia-Pacific. To what extent they share information I am unsure, but there definitely needs to be more communities and agreements in place to share information to help the fight against key security issues.
What is the role of government in strengthening cyber security?
Government’s need to continue keeping cyber security a key focus in the coming years. Government’s need to be more open with each other and share challenges that they face and attempted attacks they have come up against. This would then help with the fight against cybercrimes. Currently there is too much secrecy between nations/allies and this does not help the issue.
Is it important to have a public/private cooperation regarding cyber security and why?
Absolutely, there needs to be better cooperation between the public and private sectors. Every time an organisation or government agency is attacked this information needs to be made public so that other private sector companies and government agencies can prepare themselves for similar breaches. Cyber criminals are one step ahead every time and are becoming more sophisticated with their attacks. The more cooperation there is between the two sectors the gap between the criminals and organisations becomes smaller.
Nowadays, almost every job involves the use of digital devices in some aspect of work. Should there exist a basic level “cyber self-defence” training for the workforce in the non-IT sector? And would this help preventing and/or reducing cyber threats?
There definitely needs to be some kind of training to the workforce. Especially the older generation within the workplace who are still developing their digital skills. Recently, at our Cyber Intelligence Asia event in Bangkok the Thai Government are in the process of implementing a training programme for the workforce within the government and financial sector. If successful, they will roll out the training to other industries.
I also believe that many organisations/governments do not feel it necessary to do cyber training until they have been attacked, and this philosophy may take some time to change as many companies are cutting budgets and still do not see cyber security as a priority unlike the public sector.
What type of cyber threat information would be most useful for the general population to have?
Online cyber threat information is very important, with more children now online than ever, before the risks and threats are greater. Maybe cyber security and intelligence training is something that can be initiated in schools at a young age so children understand the risks of going online. This is something Facebook is trying to implement globally and raise the awareness of online fraud and criminals that target children and the elderly online.
From your international experience, are there different answers to the same problems of cyber security depending on the region?
Yes, each country has different threats and challenges. I also believe that countries experience different threats and attacks depending on their religious beliefs, culture and demographics of their population. There is no global answer to the cyber security threats faced across the world.