“Cyberspace is not at peace” – Eugene Kaspersky
December 2019 by Kaspersky
Following his appearance at the Paris Peace Forum, Eugene Kaspersky calls for equality, transparency and better education to achieve cybersecurity diplomacy and fight cybercriminals.
“It would be wrong to say that cyberspace is at peace. Every day, sabotage, espionage and crime campaigns are being committed – and the threat landscape is constantly changing,” asserts Eugene Kaspersky, CEO, Kaspersky.
As we deploy thousands upon thousands of new connected objects, and our dependence on the internet increases ever more, opportunities are multiplying for both private and state groups to destabilise, steal or destroy. The number of threats has exploded; Kaspersky counts more than 380,000 new malicious files every day. Their complexity has increased, too; analysis of the threat landscape suggests that cybercrime is now the main activity of more than half a million individuals, ranging from lone offenders to organised professional groups, whose resources can be very significant. The world needs more information sharing and cross-border partnerships to maintain peace in the digital world.
“There’s a need for all of us to come together to achieve diplomacy in cybersecurity. After all, the fight against cybercrime remains largely dependent on nation states and their policies, and therefore on borders. We can still hope to fight cybercriminals on equal terms – but to do so we need a new diplomacy based on three pillars: equality, transparency and education,” adds Eugene.
To build this diplomacy, multilateral participation is essential. Everyone has the right to participate in the establishment of the principles, order and rules that govern us all. Among these principles, the principle of transparency is essential. Its definition must be both border and culture-proof, which is why the industry as a whole must be involved.
Security solution providers also have a unique role to play. Alerted by their customers, they are often the first to intervene and therefore identify threats. At the same time, it is their technologies that are now being used by law enforcement to collect evidence. Given this crucial central role, security solution providers must embrace openness, transparency, neutrality and integrity to ensure their credibility. The role of solution providers is not to assign responsibility to attacks, but to identify them and study them to better protect users. As such, their technologies must be above suspicion. And the only way to secure such suspicion-free status is by allowing source-code audits to be carried out by trusted, certified third parties to verify that the technology is not being exploited, voluntarily or not, by any government.
The cybersecurity industry is now at a crossroads in its history. Reduced to its simple technological dimension, it will be ineffective. We must define the rules that will ensure trust in, and the security of, cyberspace for all – individuals, businesses, infrastructure and governments.
“Peace in cyberspace is still possible. But we need to make it an international priority,” concludes Eugene.