viernes, 25 de mayo de 2018

Waiting time on cyber security

Some figures get you dizzy. That is the feeling I have ever had when I read the report of the impact of cybersecurity incidents and their cost. Reports can be found in all flavours in the internet, but here are the figures for the main dimensions of cybersecurity in one post:

  • Cyber crime damage costs to hit $6 trillion annually by 2021.
  • Cybersecurity spending to exceed $1 trillion from 2017 to 2021
  • Cyber crime will more than triple the number of unfilled cybersecurity jobs, which is predicted to reach 3.5 million by 2021
  • Human attack surface to reach 6 billion people by 2022 
  • Global ransomware damage costs are predicted to exceed $5 billion in 2017

As in any other part of the world, there is a growing concern in Europe about the above facts and figures and measures are taken in a progressive but unremmitting manner. Both in the Digital Single Market strategy and its mid-term review it is highlighted its importance and some measures are sketched, while the more concrete and holistic approach is set in the EU cyber security strategy published later under the name "Resilience, Deterrence and Defence: Building strong cybersecurity for the EU".

We will need some time to appreciate the results of the non-legislative actions, as the Cyber Security public-private partnership promoted by the European Commission. Nevertheless, the effect of the new pieces of legislation  is felt since the first day of their entry into force. Today, its the zero-day for GDPR and a few weeks ago the Network and Information Security went into effect. In both cases, the more visible impact will be be the big fines that firms will have to pay in case of cyber security breaches. as well as the investments they will certainly announced to have made in order to comply with the laws. Less visible will be if the new legal framework promote the needed trust on the digital technology and services, and therefore fulfill its final objectives.

Same could be said about the measures that are in the pipeline. It will be difficult to appreciate in the short term if the digital opportunities initiative contribute to train the needed base of cybersecurity professionals. However, we will see from day zero the cost of the implementation of the forthcoming cybersecurity certification framework without feeling in the short tem if it produces IT products and services we can trust on.

So now we are entering into waiting time. The time to wait and see if Europe has taken the right measures to provide a secure digital environment we can trust on. If some rectifications are identified, it would be difficult to have time enough to react.


No hay comentarios:

Publicar un comentario

palyginti kainas