Home / Blogs

"Keep Those Eyebrows Up!" - Cybersecurity at the Global Women's Forum

Constance Bommelaer

News of cyberattacks is slowly becoming a new normal. We are still at a stage where high-profile cases, like the recent attack against the American credit reporting company Equifax, in which 145.5 million users had their personal information compromised, raise eyebrows. But we need those eyebrows to stay up because we should never accept cyber threats as the new normal.

This week in Paris, hundreds of leaders met at the Women's Forum to discuss some of the key issues that will shape the future of a world in transition, including cybersecurity. But this topic is not just a concern for the experts — it's a concern to all men and women leading any business today.

New risks on the horizon

A recent report by the Internet Society, "Paths to Our Digital Future", points out that now is a big moment for the Internet. The revolution we already see could accelerate in the coming years, not only due to the increasing digitalization of services and businesses, but also through the expansion of objects being connected to the Internet — the Internet of Things (IoT). By 2020 more than 20 billion "things" could be connected.

Suddenly it's not only your computer but also your toaster or car that's online! The convergence of the physical and the digital world promises a whole range of opportunities on the horizon. But in the interconnected communities we live in, cybersecurity becomes increasingly about personal and societal security.

Organisations are only as secure as their weakest link

What this means is that security needs to be everyone's concern in the management chain. For leaders, cybersecurity must become a strategic priority. Business executives need to ensure that their organisations have the capacity and skills to address online threats — a challenge in itself due to the current deficit of qualified professionals. In fact, some estimates point towards a global shortage of 2 million cybersecurity professionals by 2019, with a stronger gender divide than in any other industry.

Security is not a concern that can be delegated to experts either, hoping that all will be fine. Today there is a psychological barrier among many non-experts who believe that security is something that their IT department is solely responsible for.

This narrow view misses the point that cybersecurity is dependent on a variety of actors — including individuals. The majority of cyber incidents are actually due to human error, through social engineering attacks such as email phishing to an employee, or even the accidental disclosure of private data. This means that basic security practices must be understood by non-experts as well.

Shaping a trustworthy Internet ecosystem

The ecosystem also needs to offer incentives for good behavior. Take the example of data breaches. While they are a risk to both companies and customers, the risks do not align. As we showed in our 2016 Global Internet Report, the organisations that handle customer data may be at reputational or legal risk to a data breach, but they are not likely to bear the same level of costs as the customers or users who may have their data lost or stolen in a breach.

This means we have to shape the ecosystem to better align the risks among users, manufacturers and service providers. While there are several ways to do this, such as clarifying liability laws, a key way is through better security signaling: recognizable, trusted methods for signaling levels of security so that consumers can factor it into their buying habits.

Everyone has a role to play to shape a trustworthy Internet. To secure data and online devices through their lifetimes, The Internet Society offers the Online Trust Alliance's IoT Trust Framework. But this is only part of the solution. We need to all take into account the risk IoT insecurity poses to users, and the Internet as a whole.

Cybersecurity needs to be everyone's concern, so keep those eyebrows up!

By Constance Bommelaer, Senior Director, Global Internet Policy, Internet Society. More blog posts from Constance Bommelaer can also be read here.

Related topics: Cybersecurity, Internet of Things

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

IP Addressing

Sponsored by Avenue4 LLC

DNS Security

Sponsored by Afilias

Cybersecurity

Sponsored by Verisign

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Promoted Posts

Buying or Selling IPv4 Addresses?

Discover ACCELR/8, a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?