Today, stakeholders from both public and private sector among several industries met together at the Global Cybersecurity Forum, organised by the Saudi Arabian National Cybersecurity Authority, together with Saudi Information Technology Company (SITE) and Saudi Telecom Company (STC).
During the sessions, it was made clear that cybersecurity is growing and that it has taken an even faster step this past year, motivated by the pandemic. The general transformation of most companies to operate online, has increased the need for a secured cyber space across industries. Even if some sources differ about the size of the global cybersecurity market, there is consensus on a relevant growth in 2020 which lead to a market sizing from 60 to 120 USD billions.
Several stakeholders raised the importance of looking at cybersecurity from an economic perspective. It was highlighted that the only cybersecurity KPI that has decreased is the cost of launching a cyberattack. This makes cybercrime to be a very profitable business. The cost of a data breach is estimated to be in the range of 4 USD millions, in average.
Therefore, it is important to create the right incentives for a more secured cyber space. Speakers from different industries proposed initiatives such as:
- Taking example of the pharmaceutical industry, which enables, in the USA, fast tracking approval processes for companies with good security track records. This approach could be useful for industries for which launching soon a cyber secure product to the market would result in significantly improved returns.
- Singapore’s initiative to certify products based on cybersecurity ratings, which enables companies dedicating stronger efforts to cybersecurity to charge higher prices for devices or services.
- Governments can take a relevant role to provide transparency on cybersecurity incidents which would ensure recognition to successful companies and use the power of embarrassment to incentive companies to take the issue seriously.
Another key theme was the fact that cybersecurity is a people’s challenge. Technology is important but, in the end, it is people working against people. Therefore, it is important for companies and governments to invest in the right people and skills to overcome the challenging reality of cybersecurity.
Cybersecurity should evolve to see what is happening in real time. Currently, breaches can take more than 200 days to be discovered, and around 280 days to be solved.
Finally, and most importantly, it was made clear that no organisation and no country is big enough to solve the cybersecurity problem alone. A collective defence is needed. It is of utmost importance to move to an cyber environment build on trust and supported by collaboration among law enforcement. It was reported that only 1% of the cybercriminals are prosecuted. We need collaboration from both public and private organisations, and among nations. Information sharing is crucial for all stakeholders. In order to achieve that, we need leadership that brings us all together to face this challenge.
For any further information please contact our Cybersecurity Policy and Regulation experts in the following email: firstname.lastname@example.org