In recent years nations have been mostly concerned with the security of the physical world. However, cybersecurity is a topic of growing global concern. The pervasiveness of cyberspace, and its growing use in today’s digital economy and society, allow it to present both great opportunities for growth and prosperity, as well as significant risks which need to be managed.
Cyber risks for business and individuals
Cybersecurity is a challenging field because the internet was not designed with security in mind. Cyber attacks occur on a daily basis, some of which are visible on Kaspersky’s real time global map.
Not all of these attacks are successful. However, only a few weeks ago, Sony Pictures suffered a cyber attack leaking some of its scripts, private internal communications, and bringing down its entire computer network. JP Morgan, America’s largest bank, also announced that 76 million private and 7 million business accounts were compromised in a cyber attack earlier this year. These are only two of many recent examples.
It is not just businesses that are under threat, but individuals. Individual users need to feel safe in using the services available on the internet, such as online shopping, healthcare, etc., and need to be able to trust the system. As you would depend on a third party to have the knowledge to fix your car, and make sure it is working correctly, as a consumer you want to know who you can trust to give you security whilst maintaining your privacy online.
Security, privacy and trust in the digital world
Security is intrinsically linked with privacy, and getting the balance right is one of the challenges faced by today’s regulators. This challenge is also closely linked to rebuilding and nurturing public trust, which was somewhat compromised after Edward Snowden’s allegations of global surveillance programmes.
Trust is important because of the asymmetry of information in cyberspace. Certain groups know how to design, operate and protect the system; users are faced with a choice of whether or not to trust these third parties to provide services that help them navigate the online world.
A UK and US perspective on cybersecurity
Cybersecurity has grown in prominence both in the US and the UK.
The Cabinet Office published a national cybersecurity strategy (displayed in the infographic below), and the Royal Society will be publishing its report on Cybersecurity research and innovation in the UK in 2015. This will give a 5-10 year view of the emerging research challenges in this field, and the policy frameworks to best tackle them.
Across the pond, President Obama has declared cybersecurity as a priority stating that:
“economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet.”
However given cybersecurity’s crosscutting nature, on whose shoulders should these responsibilities lie?
According to UK Cabinet Office Minister Francis Maude:
“Government, industry, academia and the public. We are all invested in the success of the internet – and we all have a shared responsibility to make it safe.”
This need for shared responsibility, combined with the UK’s and US’s mutual concern for cybersecurity, made the 2014 Sackler Forum the ideal platform for experts from these sectors to discuss international cybersecurity challenges.
This annual Scientific Forum is organized jointly by the Royal Society and US National Academy of Sciences, to bring together UK and US experts to work on topics of mutual interest to benefit society, and develop joint scientific leadership. Previous topics include Modeling Earth’s future, Neuroscience and the Law, and Advancing Agriculture.
The Forum presented a unique opportunity in the cybersecurity field for UK and US senior figures from academia, industry, and Government to interact with each other, and share their thoughts under Chatham House Rules.
For a topic closely tied to national security, it was refreshing to have views and discussions which went beyond these boundaries, and where the focus was more on the rights of the individual and the role of cybersecurity in wider policy and international relations.
A summary of the discussions will be published in 2015.