It’s hard to believe cybersecurity was once considered a minor problem for IT departments. Remember back then, when attacks were mainly small-scale annoyances like viruses spread on floppy disks, and hackers were teenagers doing it for fun? Whereas now, it’s a high-stakes endeavour threatening commerce, privacy, and national security. These days cybersecurity garners attention at the highest levels of government. But more decisive action is needed by world leaders to collectively strengthen defences globally, before the next advances in technology give cyber criminals a major advantage.
Cybersecurity regulations and compliance
Legislation remains a solid starting point. While progress has been made with the take up and enforcement of cybersecurity regulations at a local level, there needs to be more harmonisation on the global front. This would help eliminate gaps in enforcement, creating a united front against cybercrime. It requires governments to agree and establish minimum standards for defence and response, which is proving difficult, even in territories with a strong commitment to cooperation such as the EU.
The European parliament is still trying to achieve consensus among member states, having brought in the first iteration of its Network and Information Security (NIS) Directive back in 2016 to promote standardisation. This remains challenging however as different levels of digital maturity and priorities exist within individual countries, making unification of cybersecurity standards a frustratingly slow process.
In the meantime, leaders and their governments should advocate responsible information sharing and collaboration locally. Without the will to do this at home, there’s even less likelihood of reaching the goal of cross-border cooperation. By taking the lead, governments can expand their overall involvement in threat intelligence communities, while at the same time keeping highly sensitive information confidential as necessary.
Early warning of potential threats depends on collaboration between stakeholders in both the public and private sectors. If all participants were privy to the same information about security threats and how to close them down, then the window of opportunity for attackers would dramatically reduce. Private sector organisations are already taking advantage of this approach by connecting with forums and hubs that quickly assimilate and disseminate vital security data to their members. The government and the public sector need to do the same.
AI governance
Focus must remain on the risks and rewards posed by AI. With large parts of the private sector already moving rapidly to leverage its benefits, governments have a tough job on their hands balancing security and safety fears in the race for innovation.
More investment in cybersecurity to accelerate development of strong defences against malicious AI is imperative. Joint public-private partnerships with established industry leaders, along with funding options for R&D and startups, should progress in tandem with strengthening regulations for secure AI.
Leaders must take a more joined up global response to AI security, bringing together various international and local initiatives, including the EU AI Act and the EO from the USA, as well as persuading other countries to align with the same principles.
The scale of the challenge demands urgent action, otherwise the pace of criminal AI development is likely to outstrip the creation of effective security mechanisms.
Quantum computing
Although quantum computing is in an experimental stage, major technology players across US, Europe, and China are investing heavily in research and development. Even in these early days alarm bells are ringing as, in malicious hands, quantum’s impact on cybersecurity could have a greater effect than the meteoric rise of AI. Governments and the cybersecurity industry are worried about its theoretical capability to crack widely used encryption algorithms in a matter of seconds, putting national security in jeopardy. Compounding concerns is the suspicion that cybercriminals are currently stealing and storing encrypted data, with the intention of decrypting it as soon as quantum capabilities mature.
Planning ahead for quantum-driven technology and a new wave of cybercrime could help avert disaster in what might be the not-too-distant future. To gauge this evolving risk, governments must constantly review cryptographic standards, working closely with quantum experts in the private sector as well as funding further research.
Developing cybersecurity talent
To combat the fast-moving criminal world requires a workforce of talented cybersecurity professionals. Yet, a recent study from ISC2 puts the shortfall of qualified recruits at a massive four million. To fill the void, governments must make changes within their education systems to address the longstanding gap between the appropriate skills for cybersecurity and what’s taught in schools and colleges. Also, more support is needed for those individuals wanting to switch careers, and for young people who have missed out on formal education routes.
In the UK, initiatives like TeenTech need access to increased funding to give young people the opportunity to build careers in technology. The private sector can play its part, offering more internships and apprenticeships that provide hands-on experience and practical skills for young adults, helping them transition into cybersecurity roles. Running awareness campaigns in partnership with educational institutions, explaining how interests and hobbies can translate into jobs in cybersecurity, would help plant the seeds for this career choice at an early age.
Securing a volatile future
Although the menace of cybercrime looms larger than ever, if world leaders take decisive action now, they can mobilise public and private sectors globally to unite more effectively. By championing policies that share threat intelligence and promote collaboration, governments can build inclusive cyber resilient ecosystems that collectively mitigate future threats across borders. Joining forces today must be the way forward to secure a safer world for the volatile years to come.
