Posted at May 8, 2015, by Raleigh Addington, Comments Off on Javier Solana, former Secretary-General of NATO, calls for “a multi-stakeholder approach to creating governance structures for the Internet”
Writing for Project Syndicate, former Secretary-General of NATO Javier Solana calls for “a multi-stakeholder approach to creating governance structures for the Internet.”
Javier notes that information and communication technologies have become a central part of everyday life for most of the world’s population. Whilst these technologies generate enormous benefits, he argues that they are also risky, owing to the ease of accessing data and using it for criminal purposes. Cyber attacks are already vastly increasing in number, sophistication, magnitude, and impact.
Javier goes on to say that although cyber crime is highly internationalised, a global governance regime has yet to be fully developed. He argues that various initiatives, such as The Global Conference on Cyberspace (GCCS), are limited in effectiveness by “the fact that the three largest cyberspace powers – the United States, China, and Russia – have not agreed on a common treaty to harmonise national laws or facilitate cooperation.”
“The international community has put in place minimal codes that regulate areas like health and nuclear weapons proliferation,” Javier concludes, “There is no reason why we cannot do the same in cyberspace.”
Posted at March 3, 2015, by Raleigh Addington, Comments Off on Expert speakers on global cybersecurity challenges and mitigation
President Barack Obama has described cyber attack as posing “one of the gravest national-security dangers” to the US. During a recent visit to Washington DC, British Prime Minister David Cameron warned that cyberwarfare “is an evolving threat which poses a real risk to our businesses.” In January, the US and UK announced a new programme of cyber war games in order to test their defences against attack.
There are three key reasons why the danger of cyber attacks has increased:
Governments, businesses and individuals are increasingly data-dependent.
Digital infrastructure is becoming ever more complex, making it harder to police.
Highly sophisticated hacking groups have suddenly risen in number.
Educating employees, say experts, is paramount. So is new legislation that strikes the right balance between security, and internet freedom.
Here are a number of world leading experts we’d like to recommend on cyber warfare, cyber-security, data management and internet freedom. To book these speakers for your event, or for more ideas on digital security experts, please get in touch.
Jamie Bartlett: author of “The Dark Net: Inside the Digital Underworld” (2014).
Cory Doctorow: global thought leader on digital privacy & open source technology.
Misha Glenny: leading commentator on organised crime & cyber-security.
Annie Machon: former MI5 intelligence officer & expert on surveillance.
Ramesh Narayanaswamy: tech leader & CIO for Singapore Post.
David Rowan: editor of Wired (UK), the leading digital trends & technology magazine.
Howard Schmidt: former “cyber czar” for US President Barack Obama & George W. Bush.
Jonathan Shaw: former Director of UK Special Forces & authority on cyberspace.
Posted at November 25, 2013, by Raleigh Addington, Comments Off on Major General Jonathan Shaw on Cybersecurity in a Digital Age
On Tuesday 12th November 2013 Chartwell hosted a breakfast briefing at the Royal Automobile Club with the former Head of the UK’s Defence Cyber Security Programme, Major General Jonathan Shaw CB CBE (Rtd).
The discussion focused on managing the new risks of cyber security to business and citizens and how best to leverage resources to secure business and organisations. Here are a few points we learned from the event.
1. It’s about managing human risk as much as securing technological systems.
Cybersecurity gives the wrong emphasis to today’s challenge. The internet was designed to keep us connected and spread information, not to keep information secure and hidden. The challenge is better seen as a campaign of risk management- balancing the value of sharing data with the risk of a leak.
In these terms cyber security becomes as much about business decisions, staffing, structure and morality as it does about technology.
2. The digital age is a board level issue, don’t delegate to your CTO
Whilst technologists will provide new defensive technologies to counter new threats organisational structure is key to deploy these assets effectively. In a campaign of risk, decisions from the board on how to structure a business as as vital for information security as technical expertise.
Leaders implementing information security don’t need to be technologists but do need to have a good grasp of the threats and risks they face. Senior figures in corporations are too often protected from the pace of technological change by a layer of admin assistance that insulates them from daily usage of new systems.
Corporations need to be honest about gaps in their understanding and then work to create a system that leverages the expertise from a young generation of ‘digital natives’ to mix with leadership from senior figures. As such this problem is not one for to be delegated away to the CTO ‘to fix’ but rather embraced as a strategic imperative requiring board level leadership. Similarly restraint can be a virtue in not over-engineering security, the technical question “what can we do” should be balanced against the human “what should we do”, a choice that calls on senior leadership.
3. The security regime should be adapted and proportionate to the threat
A security response should prioritise assets, measure threats and deploying resources accordingly. Over securing a system that isn’t threatened might affect the ease of use and reduce it’s utility and impact productivity right across an organisation.
In measuring threats, consideration needs to be given to human risks as well as the technical ones. The more you invest in technical security the more hackers will target the human links in the system. Thus threat mitigation thus broadens into questions of training and the loyalty of those with access.
4. Your CIO should be your best communicator not your best tech expert.
Chief Information Officers (CIOs) take on a very important role today. In a digital landscape they often hold responsibility for the key assets of a company but they need not be the best technologist. Rather they should be excellent communicators and leaders of change with a role to communicate new and emerging risks to the board, who can then respond to the leadership questions it begs.