Digital technologies are changing our lives and economies. Artificial intelligence, big data analytics, blockchain and cloud technologies are improving our world in countless ways. But they bring new vulnerabilities. The recently disclosed processor security gaps Spectre and Meltdown affected the privacy of data on billions of devices. Ensuring that criminal and malicious forces do not exploit our broad digital engagement is becoming a major challenge. Fostering trust in cybersecurity requires a broad alliance of companies and governments to act. No single entity can do it. Decisions must be taken now.
How can we build trust in the digital age?
Dr. Roland Busch, Chief Technology Officer and Member of the Managing Board of Siemens AG, on cybersecurity.
The Internet of Things makes cybersecurity more essential – and more challenging
Digitalization and globalization are shifting paradigms and bringing new opportunities. Billions of devices are connected by the Internet of Things, interacting on an entirely new level. These technologies are changing the way we live, communicate and work. They are enabling new applications and business models across all industrial sectors and verticals.
Fundamentally, these advances are a great sign of progress. Growth forecasts predict a trillion-dollar business. But while they improve our lives and economies, they also increase our risk of exposure to malicious cyberattacks. The world has experienced how such attacks can influence democratic elections.
More and more, critical infrastructures such as banks, ministries and the British National Health Service are also targets. The global damage caused by such attacks is estimated at $3 trillion annually. This is approximately equivalent to the gross domestic product of countries such as Germany or France.
The message is clear. Failing to protect the systems that connect and control our homes, hospitals, factories, power grids and infrastructures could have devastating consequences. The digital world needs baseline security, to match the commonly accepted safety measures we take for granted in the non-digital world.
Ultimately, this is about how our modern lives and economy function. Cybersecurity determines how people and organizations embrace new digital technologies. Trust in it, therefore, is the basis for any growth and progress in the digital economy.
Current cybersecurity efforts are strong – but don’t go far enough
Companies and governments must take decisive action now to keep pace with the rapid advances in the market, as well as with growing threats from the criminal world. Digital players including IBM, Microsoft, Google and Amazon are working hard to achieve high levels of security and protect their reputation. The same applies in the industrial world, which is seeing increasing digital value creation. For example, Siemens has adopted a “defense in depth” concept that provides comprehensive security mechanisms combining physical security, network security and system and software security.
Governments are equally willing to take action. The European Commission, for instance, released a regulation for data protection (GDPR) which will take effect in May 2018. It also aims to define an EU cybersecurity certification framework. Many countries around the world are committed to facilitating more extensive and effective regulations.
All these efforts are helpful. But in order to make substantial headway, businesses and governments must take joint ownership and responsibility for cybersecurity. There must be a focused and coordinated approach to handling the relevant action fields.
Creating total trust
Hedging the all-encompassing impact of digitalization and cybersecurity, and creating a level playing field across globalized markets, requires strong multilateral collaboration between politics and business. Responsibility must be taken at the highest levels of government and corporate entities. It must be reflected by clear targets and measures.
Moreover, responsibility must be deployed throughout the entire digital value chain in order to ensure the most comprehensive cybersecurity. This involves fundamental and ongoing education and professional training in cybersecurity. Firms and policymakers should deepen their common understanding of what is needed for continuous innovation and adaptation of technologies, regulations and standardization. Data flows don’t stop at national borders, either. International rules would help everyone.
No single entity can manage implementation of all the necessary measures. The “Charter of Trust” is an attempt to initiate close collaboration at all levels. The charter will be presented and signed together by business and political partners and witnesses at the Munich Security Conference.
Information, product and solution security must be an integral part of our digital world. Businesses and countries that want to play leading roles in the global digital markets will have to engage jointly in cybersecurity in order to sustain the trust of societies, customers and business partners.