21st Annual e-Crime & Cybersecurity Congress
1st & 2nd March 2023 • Park Plaza Victoria, London, UK
As cyberspace becomes the arena for a new cold war, does cybersecurity practice need to change?
Too much focus on PID protection, not enough on cybersecurity?
However, it’s become increasingly clear that a new global cyberwar has started that looks very much like the cold war of the 1950s to 1980s. As one commentator puts it, instead of stockpiles of nuclear weapons, “the threat of cyberwar, by contrast, has more to do with a global stockpile of vulnerabilities, amassed by accident as a by-product of continued innovations in connectivity. In the end, the sensation is the same: a foreboding feeling of pervasive, imminent risk. Cyberwar is real.”
So how does a cyber-cold war create a different set of risks for individual organisations? Does the potential for huge rises in the scale and sophistication of attacks, and the likelihood that infrastructure disruption and destruction will become more prevalent, objectively change the security calculus? One answer is that it will force firms to stop focusing narrowly on GDPR and think strategically about real security: as Mario Greco, chief executive at insurer Zurich says, focusing on the privacy risk to individuals is missing the bigger picture: “First off, there must be a perception that this is not just data . . . this is about civilisation. These people can severely disrupt our lives.”
The struggle to value cybersecurity
- 51% of CISOs/CIOs, believe that businesses will need a specific strategy in place to protect against cyberwarfare in the next 12-18 months.
- The C-suite is increasingly concerned about loss of IP and R&D secrets, revenues and operational resilience.
- Governments are concerned about the potential for attacks on CNI and also for exploitation of poorly-understood linkages in financial systems, energy infrastructure and supply chains.