Building confidence and security in the use of ICTs: National cybersecurity strategies for sustainable development
5 May 2016 11:00h
Event report
[Read more session reports and live updates from the WSIS Forum 2016.]
This session discussed the role of ICT in achieving the sustainable development goals (SDGs). It clarified the necessity to achieve and ensure trust in cyberspace, by reinforcing collaboration among the various stakeholders. Increasing access alone will not be enough to achieve the SDGs, without ensuring an adequate level of security, based on which newly connected communities can benefit and thrive.
The importance of cybersecurity and trust is enormous if we are to gain economic benefit from the Internet and new technologies. Ms Melissa Hathaway (Potomac Institute for Policy Studies) reaffirmed that insecurity has tremendous effects in terms of loss of economic opportunities (e.g. IPR thefts) and prevents achievement of the SDGs. What is necessary is to enable technology to build trust and confidence, raising awareness of the positive aspects of the Internet. National agendas need to be aligned with cybersecurity agendas, enhancing the cooperation between governments and industries.
Collaboration among the various stakeholders is fundamental, following a model where both the private and public sector win. In particular, two models of action were discussed: compulsory and voluntary. Following the compulsory model, reporting cyber incidents to the public authorities is mandatory, while in the voluntary one private entities are free to report or not. Ms Stefanie Frey (MELANI) explained that the choice of model depends on the country. For example, in Switzerland the voluntary model works well because of the country’s small size. She stressed the necessity of developing strategic plans, besides law enforcement. As the private-public model is the only possible solution, it is fundamental to have competent people around the discussion table. The main goal to achieve is transparency, which represents the basis on which we can build trust.
Mr Phil Zimmermann (Silent Circle) underlined that cybersecurity is simply an engineering problem, whose only possible solution is technical. He affirmed the necessity of having strong cryptography systems. Law enforcement agencies have more tools to achieve security today than they had a decade ago; they can grasp the full picture, with only ‘few pixels missing’. In that sense, they are also benefitting from technical improvement. Yet if companies compromise on security through the introduction of backdoors, everyone is impacted.
Mr Wojciech Berezowski (Office of Electronic Communications, Poland) stressed the importance of education in order to achieve trust and security. His main educational activity is directed at Internet users and consumers. However, education is also important in the field of B2B transactions, in order to allow companies to know how they can safely use the Internet in their business.
Finally, Mr Giampiero Nanni (Symantec Corporation) emphasised that cybersecurity is not only a political and technical question, but it also constitutes a personal issue. He affirmed that people have to ask themselves what they (and not only companies and governments) can personally do in order to achieve trust and cybersecurity. The users’ attitude is as important as technical and policy interventions.
In conclusion, the session clarified the importance of cooperation between governments, companies and Internet users, by developing technical tools as well as through the elaboration of policy instruments in order to enhance trust and cybersecurity, which are necessary elements for the achievement of the SDGs.
by Emanuele Sacchetto