RSS:

Newsletter subscribe:

Cyber Security

ESPAS Report 2019 : Global Trends to 2030

Date of Editorial Board meeting: 
Publication date: 
Friday, April 5, 2019
Abstract in English: 
For something as unknown as the future, it appears to have become surprisingly predictable. A Google search of ‘future 2030’ yields more than 97 million results, all more or less claiming similar things: that 2030 will see a more connected, yet fragmented world, with hazardous shifts in demography and energy, and dangerous changes in technology, environment, and politics.
The future, while overall negative, appears to be a rather certain place.
This illusion of definitiveness is created by two dynamics: first, the pessimistic tone that runs through the vast majority of foresight reports. This is a common feature when it comes to future thinking, with one study showing that all studies undertaken on the future over the last 70 years have one thing in common; pessimism. The reason for this is simple: although both optimism and pessimism are natural human dispositions, the latter is more prevalent by far. Humans are, genetically speaking, biased towards the negative – some studies even indicate that this is particularly the case for Europeans. Second, pessimism in foresight is encouraged by the grave air that surrounds it: in general, negative statements are given more attention than positive ones. That said, more pessimism in foresight does not equal greater accuracy, as one study shows.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
52
Share: 

Strengthening the EU’s Cyber Defence Capabilities

Date of Editorial Board meeting: 
Publication date: 
Monday, November 26, 2018
Abstract in English: 
Cyber defence is critical to both the EU’s prosperity and security. Yet, the threat space it faces is vast in scope, highly interconnected, deeply complex, and rapidly evolving. The EU’s current cyber defence capacity remains fragmented across and siloed within various institutions, agencies. In order to secure its own use of cyberspace, the EU must be bold. The CEPS Task Force on Strengthening the EU's Cyber Defence Capabilities identified a clear EU-wide interest for greater coordination and cooperation in this space. After a comparative analysis of alternative scenarios, the Task Force concluded in favour of creating an EU Cyber Defence Agency with executive competencies and therefore, the ability to develop and utilise strategic and operational capabilities at the EU level. This would mark a critical step towards a more effective and collaborative approach to enhancing cyber security and resilience in the EU.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
88
Share: 

IBM Security: Future of Identity Study - Consumer perspectives on authentication: Moving beyond the password

Date of Editorial Board meeting: 
Publication date: 
Monday, January 15, 2018
Abstract in English: 
The concept of granting digital access to users based on proper identification has been the very core of how people access online services since the emergence of the public internet in the 1980s. The power of confirming an identity and being granted access to services of value has attracted billions of users to the internet, and as society moved to this parallel universe, so have other parts of it, namely fraudsters, con men and organized crime. In the past six years, USD 112 billion has been stolen through identity fraud, equating to USD 35,600 lost every minute. The more services are offered to the general public—with additional features for convenience and usability that rely on the internet—the wider the window of opportunity for attackers. Javelin Strategy Research expects fraud related to the creation of new online accounts to rise as much as 44 percent by 2018, increasing losses from USD 5 billion to USD 8 billion in a matter of four years. While consumer personal information has been compromised on an ongoing basis for years, the massive data breaches of 2017 removed all doubt: Criminals clearly have access to the very information that many banks, companies and other businesses use to grant their users remote access to services. Even social security numbers, which are considered highly private and sensitive personal information, were exposed for hundreds of millions of consumers in 2017. Recent data breaches have been a resounding wake-up call to the fact that new methods are needed to validate our identities online. In an era where personal information is no longer private, and passwords are commonly reused, stolen or cracked with various tools, the traditional scheme of accessing data and services by username and password has repeatedly shown to be inadequate.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
27
Share: 

Cyber Resilience Playbook for Public- Private Collaboration

Original Language: 
Date of Editorial Board meeting: 
Publication date: 
Friday, January 12, 2018
Abstract in English: 
States have taken a variety of approaches to securing their digital domains. These policy approaches share a significant commonality: success depends on collaboration between the public and private sectors.
However, effective collaboration is uniquely difficult in the domain of cybersecurity. Cyberthreats are complex, with an ever-expanding and exposed surface for malicious actors to exploit. Each new innovation brings with it new and sometimes unexpected vulnerabilities.
Despite these challenges, advancing cyber resilience requires the public and private sectors to collaborate in new and innovative ways. This Playbook is recommended for use by the public and private sectors, together, as a tool to facilitate discussions on building the institutions, frameworks, policies, norms and processes necessary to support collaboration in this vital space.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
72
Share: 

The Global Risks Report 2018

Date of Editorial Board meeting: 
Publication date: 
Wednesday, January 17, 2018
Abstract in English: 
Last year’s Global Risks Report was published at a time of heightened global uncertainty and strengthening popular discontent with the existing political and economic order. The report called for “fundamental reforms to market capitalism” and a rebuilding of solidarity within and between countries. One year on, a global economic recovery is under way, offering new opportunities for progress that should not be squandered: the urgency of facing up to systemic challenges has, if anything, intensified amid proliferating indications of uncertainty, instability and fragility.
Humanity has become remarkably adept at understanding how to mitigate conventional risks that can be relatively easily isolated and managed with standard risk management approaches. But we are much less competent when it comes to dealing with complex risks in the interconnected systems that underpin our world, such as organizations, economies, societies and the environment. There are signs of strain in many of these systems: our accelerating pace of change is testing the absorptive capacities of institutions, communities and individuals. When risk cascades through a complex system, the danger is not of incremental damage but of “runaway collapse” or an abrupt transition to a new, suboptimal status quo.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
80
Share: 

Munich Security Report 2018: "To the Brink - and Back?"

Date of Editorial Board meeting: 
Publication date: 
Friday, February 16, 2018
Abstract in English: 
For international security, the year 2017 was marked – among others – by signs of a continued erosion of the so-called liberal international order and an increasingly unpredictable US foreign policy. Tensions in many parts of the world have been growing: the rhetoric between the US and North Korea has escalated, the rift in the Gulf has become deeper, not only between Saudi Arabia and Iran, and major arms control treaties are at stake. In the last year, the world got closer – much too close! – to the brink of significant conflict, and we must do whatever we can to move away from the brink.

It is in this context that the Munich Security Conference Foundation publishes its annual Munich Security Report (download the report as a PDF here). Under the heading "To the Brink - and Back?", the Munich Security Report 2018 provides an overview of major security policy issues and features data, analyses, maps and infographics. As a companion and impulse for the 54th edition of the Munich Security Conference, the Munich Security Report serves as background reading for conference participants, but is also made available to the general public. The last report was downloaded close to 35,000 times and received ample press coverage in both German and international media.

This year's main topics include the crises of the liberal international order and the impact of the first year of Donald Trump’s presidency. It also looks at the new momentum in European defense policy and the potential impact of Brexit. In addition, the report analyses regional developments in Central and Eastern Europe, Africa, and the Middle East. It also provides insights into the state of global nuclear disarmament and non-proliferation efforts, the issue of environmental and climate security as well as cyber security.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
88
Share: 

Rethinking Cybersecurity

Date of Editorial Board meeting: 
Publication date: 
Tuesday, January 9, 2018
Abstract in English: 
Despite all the attention, cyberspace is far from secure. Why this is so reflects conceptual weaknesses as much as imperfect technologies. Two questions highlight shortcomings in the discussion of cybersecurity. The first is why, after more than two decades, we have not seen anything like a cyber Pearl Harbor, cyber 9/11, or cyber catastrophe, despite constant warnings. The second is why, despite the increasing quantity of recommendations, there has been so little improvement, even when these recommendations are implemented.
These questions share an answer: the concepts underlying cybersecurity are an aggregation of ideas conceived in a different time, based on millennial expectations about governance and international security. Similarly, the internet of the 1990s has become “cyber,” a portmanteau term that encompassed the broad range of global economic, political, and military activities transformed by the revolution created by digital technologies.
If our perceptions of the nature of cybersecurity are skewed, so are our defenses. This report examines the accuracy of our perceptions of cybersecurity. It attempts to embed the problem of cyber attack (not crime or espionage) in the context of larger strategic calculations and effects. It argues that policies and perceptions of cybersecurity are determined by factors external to cyberspace, such as political trends affecting relations among states, by thinking on the role of government, and by public attitudes toward risk.
We can begin to approach the problem of cybersecurity by defining attack. While public usage calls every malicious action in cyberspace an attack, it is more accurate to define attacks as those actions using cyber techniques or tools for violence or coercion to achieve political effect. This places espionage and crime in a separate discussion (while noting that some states use crime for political ends and rampant espionage creates a deep sense of concern among states).
Cyber attack does not threaten crippling surprise or existential risk. This means that the incentives for improvement that might motivate governments and companies are, in fact, much smaller than we assume. Nor is cyber attack random and unpredictable. It reflects national policies for coercion and crime. Grounding policy in a more objective appreciation of risk and intent is a first step toward better security.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
50
Share: 

Cyber Handbook 2018: Perspectives on the next wave of cyber

Date of Editorial Board meeting: 
Publication date: 
Wednesday, November 1, 2017
Abstract in English: 
Over the last year, we have reached a new and important turning point in the struggle to manage cyber risk. In the war between cyber attackers and cyber defenders, we have reached what Winston Churchill might call “the end of the beginning.”
Three characteristics mark this new phase. First, global cyber-crime has reached such a high level of sophistication that it represents a mature, though illicit, global business sector in its own right.
Second, with near-ubiquitous technologies now connecting the digital and physical worlds to an unprecedented degree, new potential exists for individual cyber-attacks to devastate critical business and operational processes.
The third characteristic taking shape today is the rising importance of institutions—governments, regulatory authorities, law enforcement agencies, the insurance industry, and others—as a critical to counter the global cyber threat. Cyber risks can only be effectively dealt with if there is a common understanding of their importance and increased interconnected nature.
Against this backdrop, the 2018 edition of the MMC Cyber Risk Handbook provides insights on the shifting cyber threat environment, emerging global regulatory trends, and best practices in the journey to cyber resiliency. The handbook features articles from business leaders across Marsh & McLennan Companies and our expert and notable collaborators. We hope this handbook will help you better understand what it takes to achieve cyber resiliency in the face of this significant and persistent threat.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
75
Share: 

Big Data: A Twenty-First Century Arms Race

Date of Editorial Board meeting: 
Publication date: 
Tuesday, June 27, 2017
Abstract in English: 
We are living in a world awash in data. Accelerated interconnectivity, driven by the proliferation of internet-connected devices, has led to an explosion of data—big data. A race is now underway to develop new technologies and implement innovative methods that can handle the volume, variety, velocity, and veracity of big data and apply it smartly to provide decisive advantage and help solve major challenges facing companies and governments.
File: 
Country of publication: 
Cover page image: 
Number of pages: 
90
Share: 

Analyse du marché et des acteurs de la filière industrielle française de sécurité

Title Original Language: 
Analyse du marché et des acteurs de la filière industrielle française de sécurité
Original Language: 
Date of Editorial Board meeting: 
Publication date: 
Thursday, November 19, 2015
Abstract in English: 
Depuis le début du 21ème siècle, de nombreux risques ont mis la sécurité à l’ordre du jour des préoccupations des citoyens et des pouvoirs publics. Depuis le début des années 1980, le besoin de sécurité est ressenti avec de plus en plus de force en France et en Europe, et encore plus aux États-Unis. La filière de la sécurité répond à ce besoin, et elle comprend, outre le coeur des industries de sécurité, des services privés et surtout un important secteur de services publics de sécurité non marchands (police et gendarmerie nationales, douanes, polices municipales, sécurité civile dont certaines unités militaires, pompiers, justice, administration pénitentiaire). La filière de sécurité répond à un besoin fondamental des citoyens, cela ne fait aucun doute, et elle constitue une activité majeure. Elle est cependant mal connue faute d’un instrument adéquat de suivi statistique par exemple. C’est pourquoi les pouvoirs publics ont lancé une étude visant à affiner les premières estimations de l’importance économique du secteur de la Sécurité contenues dans le Livre Blanc sur la Défense et la Sécurité nationale publié en 2013. En parallèle, la Commission européenne a lancé une étude sur la filière de la sécurité au plan européen. La filière de la sécurité, et plus particulièrement sa composante industrielle, est en plein développement depuis les années 2000. Elle représentait au total en France en 2013 un volume d’affaires de 60 milliards d’euros et près d’un million d’emplois publics et privés. Le secteur marchand et industriel s’appuie pour sa part, sur un tissu d’entreprises comprenant de grands groupes internationaux et des PME innovantes et fortement exportatrices. C’est une filière en forte croissance. Entre 2003 et 2013 le chiffre d’affaires des produits et services de sécurité s’est développé sensiblement davantage que le PIB, au rythme soutenu de 5% par an jusqu’à la crise de 2008 et réduit à 2% par an ensuite. Dans la période à venir (de 2013 à 2020), la croissance devrait repartir et retrouver sensiblement le même niveau qu’avant la crise (à 5,1% par an selon nos estimations). C’est une filière en mutation. Ces chiffres moyens cachent en réalité une mutation de la filière. La partie traditionnelle des activités de sécurité (protection physique, services de gardiennage) stagne, alors que des domaines nouveaux comme les produits et systèmes numériques et robotiques, ou la cybersécurité, sont en très forte croissance. Cela traduit une mutation de la société elle-même qui se "numérise" et se prépare aux évolutions telles que les réseaux intelligents, les villes intelligentes, les automobiles et les objets connectés, et plus généralement, l’utilisation exponentielles de capteurs toujours plus performants et miniaturisés dont les informations nécessitent stockage et traitement. Toutes leurs applications nécessitent d’être fortement sécurisées et d’intégrer des dispositions de protection de la vie privée dès leur conception (ingénierie de type "privacy by design"). Ces évolutions offrent de formidables opportunités pour l’industrie et les entreprises françaises et européennes, qui nécessiteront de la part de tous les acteurs impliqués des visions audacieuses et une grande rapidité de mise oeuvre pour être saisies.
File: 
Country of publication: 
File Original Language: 
Cover page image: 
Number of pages: 
32
Country Original Language: 
Share: 

Pages

Subscribe to RSS - Cyber Security