Annual Meeting of the New Champions 2013

  • Protecting the Digital Economy

    Thursday 12th September 2013 - 12:00pm - 1:00pm CST

    Download PDF

  • As people, processes and things become more connected, how should cyber risks be managed?

    Key Points


    •    Cybersecurity involves protecting individual, national and global security and privacy. Central to cybersecurity is the need for trust and transparency.
    •    Cybercrime is transnational and transborder, which means cooperation among all stakeholders is critical if we are to make our world cyber safe.
    •    An international regulatory framework is needed.
    •    A shared understanding of risk is essential to cooperation.

    Synopsis



    News on all fronts over the past year has stepped up the public debate aboutcybersecurity – protecting individual, national and global security and privacy. A leitmotif of the debate is the need for trust and transparency in today’s increasingly hyperconnected world.

    Panellists discussed the inextricable linkages between privacy and security, and noted that tension between the two tends to paralyze governments. However, the private sector appears to have no trouble distinguishing between the two, opting for the technological solution for security if privacy is not compromised. Panellists agreed that cooperation is critical if we are to make our world cyber safe. The global economy is networked, but so is every aspect of our personal and professional lives. Trust – among stakeholders and consumers – is paramount.

    Ali Abbasov, Minister of Communication and Information Technologies of Azerbaijan, joined panellists in calling for an international regulatory framework for cybersecurity. But policy-makers are still grappling with the tension at national level. “All governments should have a legal framework for cybersecurity … but [they] have trouble with this issue because they are committed to protect individual data privacy. Governments must provide a balance between these two issues,” he said.“Cyber crime is transnational and transborder. Cooperation among governments is very important. We have no international framework on this issue.”

    Cyber risks abound, particularly in the financial services sector. For Chris Clark, Group Executive, Asia-Pacific, Visa, Hong Kong SAR, cybersecurity is fundamental to hiscompany’s business model. He described a system of shared responsibility through different levels of protection. “Staying one step ahead of cyber criminals is really difficult. Organized [criminals are] very smart and they have a lot of money. We have to stay one step ahead all the time to be on top. The only way to be on top is to work together,” he said. “Education and collaboration are key.”

    A shared, more sophisticated understanding of risk is needed, according to Kevin Mahaffey, Chief Technology Officer and Co-Founder, Lookout Mobile Security, USA. Currently, there is no way for service providers, the private sector and governments to exchange information. “It is very ad hoc. There is not a lot of trust in the world. We need to treat this as a risk issue and treat it in a more systematic way,” he said. “My fear is that we won’t figure out the trust issue and won’t understand that every country has more to gain from cooperation than from building more walls and mistrust.”

    Vic Mankotia, Senior Vice-President, Corporate Strategy and  Solution Sales, CA Technologies, Singapore, told participants that the digital economy will thrive in a “trustful” environment. “Industry is getting a second chance to earn trust back… The right people with the right access to the system with the right device helps to build an ecosystem of trust,” he said. “Technology and the evolution of the digital economy will be faster than the legislation. The genie is out of the bottle. There is no perfect way. We need a paradigm and mind shift.”

    China experienced a serious cyber attack last August when the country code top-level domain for Mainland China was hacked. “[This was] the first time hackers attacked a national system directly. We need very close cooperation between government, industry, service providers and NGOs… I have a dream that in the future we will have a trustworthy network,” said Lee Xiaodong, Chief Executive Officer, China Internet Network Information Center, People's Republic of China. “To build trust, network law enforcement is very important… and very important for governance.”

    Protecting infrastructure is the government’s job, most panellists agreed. To do this, partnerships with internet service providers (ISPs) and other private sector actors is the way forward. Another area for fruitful cooperation is risk management. The private sector has taken the lead in this and often comes to government with solutions. In India, for example, it was not against the law for hackers to attack a non-government website. Clark and his team worked with the government to change the law.

    Industry often takes the lead in the privacy-security nexus. “We want to create a world where security enables countries to trust and share,” added Mahaffey. “When there is no trade-off between privacy and security, we should take the technological solution that provides security.”

    In response to a question from the audience concerning transparency, panellists noted that it is essential, but at the same time people’s data must be secure and protected. People have the right to know the process, who is involved and the duties of ISPs and governments.

    One solution to this dilemma is already being provided by the private sector. Mahaffey noted that a “good check and balance” is the trend for companies to providereports when they are asked to provide data.

    Disclosures


    This summary was written by Dianna Rienstra. The views expressed are those of certain participants in the discussion and do not necessarily reflect the views of all participants or of the World Economic Forum.

Session objectives

As people, processes and things become more connected, how should cyber risks be managed?

Dimensions to be addressed:

  • Developing effective response mechanisms
  • Adopting legal frameworks against cyber criminals
  • Protecting critical infrastructure

Speakers

  • Lee Xiaodong Lee Xiaodong
    Chief Executive Officer, China Internet Network Information Center, People's Republic of China

    Many years' experience in information industry and Internet development in China. Formerly in charge...

  • Ali Abbasov Ali Abbasov
    Minister of Communication and Information Technologies of Azerbaijan

    PhD in Microelectronics, Academy of Sciences of Ukraine. 1991-2000, Director, Institute of Informati...

  • Kevin Mahaffey Kevin Mahaffey
    Chief Technology Officer and Co-Founder, Lookout, USA

    Degree (Hons) in Electrical Engineering, University of Southern California. Entrepreneur and technol...

  • Chris Clark Chris Clark
    Group Executive, Asia-Pacific, Visa, Singapore

    BCom, University of Melbourne, Australia; executive programmes, INSEAD, France and Stanford Universi...

  • Vic Mankotia Vic Mankotia
    Senior Vice-President, Corporate Strategy and Solution Sales, CA Technologies, Singapore

    MBA candidate in Global Business Context, Royal Melbourne Institute of Technology; credentials in Su...

Moderated by

  • Gady Epstein Gady Epstein
    China Correspondent, The Economist, People's Republic of China

    1994, graduate, Harvard. Since 2002, covering China and Asia, with a sub-speciality in North Korea. ...

Gallery