Cybersecurity: Four steps in the cyber space
It is time of the digital revolution.
There are digital challenges, digital issues and digital solutions. They are creating the digital game changer.
The paramount impact of this game changer is seen in every area and every aspect of our life.
What is the most important for the future, if we want to keep the human centric digital development of the world? The TRUST!
Trust is based on our needs and the desirable feeling of security, privacy protection, full respect of all technological inventions to the fundamental rights, ethical values, and the principle of transparency.
Cybersecurity framework (institutional, legislative) is needed as a fundament to build the trust.
What is the additionally important is clear explainability of all rules significant for the cybersecurity addressed to all users, to all of us.
This is the FIRST STEP.
But, trust can be build and developed due to the sharing responsibility for the cybersecurity.
It means, that we have to start with individuals’ responsibilities. Some kind of the cyber hygiene is crucial our everyday customs, behaviors should be trained.
We have to educate people, to give them some tools for the cybersecurity literacy. It is basic.
And the capability of all companies and institutions to make the risk analysis, clear assessment of the risks and to find proper responses is crucial.
It should be clear that we are not talking only about the critical infrastructure.
Everything should be treated as critical, if we want to implement the strong, real solutions for the cybersecurity in the modern, digitally advanced world.
It also means that in every country we need to implement common European solutions done in the NIS directive and the Cybersecurity Act, and to have properly, precisely described duties of the state institutions. For many activities, the national level is crucial.
At the end it is the European responsibility with the new role and mandate of the ENISA agency, and some new institutions, key for the cybersecurity growth and the European certification model development.
It requires the proper and desirable level of European harmonisation.
In addition, it is important to build the European solutions in the course of the global undertakings and key-lines.
The cybersecurity issues are global, because the threats are global.
It is the SECOND STEP.
Day by day, it is more and more under standable, that we live in the data economy paradigm.
If we want to protect our security at the cyber space we want to keep the data secure and safety.
Everything is about data: our participation in all kinds of digital services, the usage of all devices and logins and passwords to them, the new opportunities of the encryption and encrypted interactions, the information about formats of the hacking schemes, all our personal data from general information to the more sensitive, related to our state of health.
The data are flowing, the exchange of data is crucial for the digital game changer.
Therefore, we have to protect not only the data, the information, but also the transfers of data.
In addition, when the data are under attack, it is meaningful to share all those information, incidents for analysis: how it was done!
We need to recognise the schemes of attacks it is for investigation and future protection.
Additionally, it is time to use algorithms and Artificial Intelligence powers to support at the big scale the work of all analytical groups: from the ENISA team, Europol, national CERTs to all institutions responsible for the security.
It is the challenge of speeding up the results of analytical efforts, more precise recognition of some patterns, and predictions of the future schemes of attacks.
The battle against cybercrime organisations is the never ending story it should be continued in every case and it should be oriented at some new forms of attacks.
Making those attacks much more predictable is one of the key goals of the cybersecurity policies.
It will be the THIRD STEP.
Finally, we need to come back to the problem of certification schemes and instruments.
It is essential for the cybersecurity. If we will have devices, systems, networks, any kind of walls etc. better and deeper harmonised and in the predictable future unified due to the proper, European certifications, we will live in the much more secure environment.
It is the work, which should be done. But we need the agenda and the timetable to achieve this objective.
The Cybersecurity Act established the framework for this purpose.
Nevertheless, we should feel obliged to fulfil it completely with involvement of all partners at the European and probably the global level to make it real.
It is important for the cybersecurity, and for the cybersecurity industry development.
It will create the new jobs, it will support the new investments based on the research achievements.
There are many advantages of the process of making all cybersecurity certifications – European in a short-term perspective.
Moreover, it will be the FOURTH STEP.
There are the steps, which can lead us to the cybersecurity as European guarantee.
It is possible to achieve this purpose, but – it requires the adequate and strong leadership.