Disruptive cyberattacks cost the world €235bn in 2017 and increasingly threaten our lives and societies at every level. Malicious software attacks regularly make headlines, bringing chaos and financial calamity to states, business and society. This was the conclusion of Friends of Europe’s Policy Insight debate ‘Building cyber resilience: aligning strategies and increasing cooperation’ on 6 November, the third and final in a series of events on resilience. Indeed, the collateral damage from a cyberattack “can be massively greater than the impact on those who were directly targeted,” underscored Jamie Shea, Senior Fellow at Friends of Europe and Former Deputy Assistant Secretary General for Emerging Security Challenges at NATO (2010-2018).
With a litany of cyber hacks affecting the EU and NATO, the two organisations are developing their toolboxes to respond to malicious actors including through active cyber measures. But can such responses truly secure Europe’s cyber-domain, given the new threats emerging with technologies like 5G?
Some states such as Estonia, one of the most connected and digitally advanced in Europe, dodged the NotPetya ransomware attack “because Estonian organisations were so resilient that the prevention work was so good,” explained Heli Tiirmaa-Klaar, Estonian Ambassador for Cyber Security.
International organisations like NATO and the EU are strengthening their cyber defence operations and capabilities. In 2016, NATO signed a Technical Arrangement on cyber-defence cooperation with the EU, while NATO Allies made a Cyber Defence Pledge to enhance their cyber-defences and putting “cyber into the operational domain,” said Sorin Ducaru, Chairman of the NATO Secretary-General’s Senior Advisory Board for the Functional Review of the NATO Headquarters & Trustee of Friends of Europe.
The EU boasts a playbook of cyber-defence measures. They include the €13bn European Defence Fund, a network of computer security incident response teams and the EU Cyber Rapid Response Force teams launched under PESCO. There is also new EU-wide legislation on cyber-security, plus a commitment to better educate and train Europeans to fend off cyber-threats. Vivian Loonela, Member of Cabinet of Commissioner Andrus Ansip added that the EU “should put in place the right and good software and hardware to have the technological capabilities”.
Businesses like British Telecoms (BT), are also more focused on securing networks. For the wider good, they happily share information on cyberattacks with competitors and intelligence agencies. Many companies pin their hopes on “security-by-design” products which are becoming mandatory soon. The key thing, explained Ruth Davis, Head of Commercial Strategy and Public Policy at BT Security, “for getting secure by design is creating a market for it … and to achieve that is through educating the consumer market better”. Cloud services, artificial intelligence and quantum computing are here today, or at least right around the corner. These technologies can be vectors for further cyberattacks, and they also constitute a promise welcome in the array of cyber solutions, such as stronger encryption.
The event further elaborated on the recommendation to build a more effective and credible cyber-deterrence framework, which resulted from Friends of Europe’s global online brainstorm, Debating Security Plus.
Should you not be able to view this gallery, please click here.