Is there a role for industry? Hmm…
By Evgeny Grigorenko, Head of Public Affairs, Europe
As a representative of the cybersecurity industry, I spoke last month at a workshop related to the difficulties regarding, and pathways to restore dialogue between Russia and the United States. While there are many domains to cover in this area, I specifically addressed the role of private industry in protecting critical infrastructure and the synergies that may be generated as a result of cooperation between governmental organisations and businesses.
In this regard, a question that the organizers asked – ‘Is there a role for industry in providing technical and/or normative solutions to decrease cyber-risks to the security of critical infrastructure?’ – while being multi-faceted, may be answered simply with: ‘well, sure’ or ‘hmm’. To be a bit provocative and clear, I’d say that if anyone now plays a significant and tangible role in protecting against cyberthreats, it’s the private sector. But let me elaborate more and give Kaspersky’s activities as an example of things that can and are being done.
In previous blogposts, I wrote about various trends in cyberspace: balkanization (fragmentation), militarization, protectionism, and the collapse of international dialogue on cyber. On a technical level, our specialists observed that the percentage of ICS computers attacked by malware is growing.
In other words, we have rising threats, set against a very negative international backdrop and with no ‘toolbox’ to change the situation. And this is where private industry tries to propose its own approach and solutions. To name just a few of them:
- Learning about and sharing information about threats. In addition to our high-class GReAT, we have the Kaspersky ICS CERT – a team specifically focuses on the industrial domain, which is regarded as the backbone of critical infrastructure in many countries. Tracking attacks on ICS, hunting vulnerabilities, working on temporary solutions for them (it takes much more time for industrial equipment than for regular digital devices to be patched), and working with the world’s largest industrial vendors to remedy those vulnerabilities – these are just some of the things our ICS CERT is doing. And key is the fact that its work is trans-border, i.e., where diplomatic channels have become non-functional, private industry continues to cooperate.
- Suggesting a framework to address the lack of trust in cyberspace. We’ve widely reported on the launch and progress of our Global Transparency Initiative. But this is not only about Kaspersky. For example, in UN GGE report 2014-15, countries agreed to a certain principle – that ‘states should take reasonable steps to ensure the integrity of the supply chain so that end users can have confidence in the security of ICT products’. What is ‘reasonable’? How do we ‘ensure’? As one can expect from the world of diplomacy, this principle is very general. Can the cybersecurity industry propose something more actionable and specific? Yes, there are, for example, measures envisaged by the GTI. Even theoretical risks of (unlawful) access to data of customers may be addressed by strict Swiss privacy rules and of backdoors minimized by the opportunity for regulators to check our source code in our Transparency Centre. Other measures are being considered for the future. In other words, with a specific set of technical and organisational measures, our company tries to address supply chain risks. We are basically speaking about a normative solution for a global issue that stems from governmental concerns about protection of their critical assets.
These are the two areas or sets of measures that are supplemented by the more well-known activities associated with cybersecurity companies. We also provide high-level industrial cybersecurity solutions and cooperate with law enforcement agencies, e.g. INTERPOL, on fighting cybercrime.
What do all the contributions we make to digital security have in common? They all hinge upon cooperation with other players of the ecosystem – other businesses, governments, research and civil organisations. Cooperation may be better and improved, but now everyone needs to play their role to protect the increasingly digitized foundation of our economies and societies.