Last February, the conference held in San Francisco, gave once again the occasion for the international cybersecurity community to highlight the importance of the human element as a key-factor. The topic would deserve a detailed analysis by itself. Digital society, I believe, needs an outlook that goes beyond technical requirements to focus on humankind in itself. We require a vision in the purest sense of the word, one that puts men and women in the limelight beyond the fundamental bedrock of technical capabilities, to inform a harmonized and human-centric development of the digital ecosystem: a renewed humanism for a digital Renaissance. But our time here is limited: and we will need to focus on the role the human factor plays within the securitization aspect of cyber governance.
Human, as the decision–makers, both at national and international level, committed to regulate the entrance of technology in the rule-of-law ecosystems, and to balance freedom with security and privacy issues; human, as the security experts , who have the task of seeking solutions to prevent, detect and respond to cyber threats. But above all, human as the weakest link in a process chain, which sees the single citizen, customer, professional or employee, along with his personal devices or domains, being compromised in order to get financial gain or strategical access to more complex systems.
Shortly afterwards, the world faced the dramatic outbreak of Covid-19 epidemic, and the related increase of cyberattacks on a large scale. To that extent, we all noted how prophetic it was to focus on the human element as the basis of many serious public health and security issues. We have started to face Ransomware campaigns aimed against hospitals and public-health systems, along with DDos and data-breaches; billionaire fraud schemes targeted against the enterprises as they were seeking to procure themselves medical masks, and supplies; large-scale phishing campaigns, based on fake anti-covid alerts and governmental communications, engineered to allow infections by several kinds of new malware; plenty of Covid-named web domains, most of them created for launching fake news or scams.
This hasn’t been an unexpected wake-up call for the experts, but it does offer the opportunity to concentrate on a very significant aspect.
To pay attention to the human element, in the complexity of an emergency context like the one we are currently going through, means to be able to prevent threats by disseminating on-time cybersecurity, rapidly reach out to people and organizations. This implies a substantial responsability for cybersecurity experts, called upon to get together and enhance awareness of ongoing issues and threats, looking for common solutions for an early detection and a timely sharing of information.
For the question is, once again, how to establish an effective channel of communication and a quick information-sharing process among experts, decision makers and those responsible for critical infrastructures security
From a public power’s perspective, in the italian experience a crucial role is played by law enforcement: as more than 70% of cyberattacks are proven to be criminally-motivated, it is actually clear that the vast majority of cybersecurity issues results in a law-enforcement problem.
In this way, national police first assumed the responsibility to create a large network of relevant stakeholders, based on the idea of putting in continuous contact, on a 24/7 basis, experts from law enforcement and private sector, along with representatives for cybersecurity from the critical infrastructures of the country, in a collective defence approach.
The main advantage of shifting the center of gravity on to a police force also consists on the precious wealth of experience in the field of judicial investigation that only a LEA can express, also acting as a single point of contact for the international cooperation, as well as and for information-sharing with national intelligence and defence.
Such networks aim at creating a trusted environment among experts, as they rely on the ability to assure an early detection of ongoing threats and incidents, so that each alert can be translated into distinct IOCs, duly anonimized and ready to be disseminated, for the benefit of the entire community.
During Wannacry and NotPetya campaigns in 2017, such system contributed to prevent damages to the critical infrastructures in the Country, and today, the network of experts is working effectively to limit the dramatic consequences of cyber attacks aimed at hospitals, schools, public administrations and companies, as well as simple citizens, with regard to Covid-19 epidemic.
We are aware that this is just one of the many possible solutions, and this is the reason why it is so important to be here today, to keep the dialogue open and go on sharing different experiences.
Much still has a to be done, but we are absolutely sure that collaboration is the main road to go.
