• Successfully fighting cybercrime requires collaboration between the public and private sectors.
  • There is a genuine appetite on both sides to enhance cooperation.
  • A global alliance could provide the scale needed to tackle this problem.

Cybercrime is one of the greatest risks to prosperity in the Fourth Industrial Revolution. Nation-state cyber activities tend to garner most international attention, but in fact cybercriminals are responsible for the majority of malicious cyber activity - about 80% by some estimates. In addition to direct damages, which are projected to cost the global economy $6 trillion (or 6.3%) annually by 2021, cybercrime is a colossal barrier to digital trust. It drastically undermines the benefits of cyberspace and hinders international cyber stability efforts.

In response, the international community has taken commendable action to enhance national law enforcement capabilities and facilitate international cooperation on cybercrime – INTERPOL’s Global Cybercrime Programme and Innovation Centre in Singapore, Europol’s European Cybercrime Center and the Joint Cybercrime Action Taskforce are leading results of these efforts, as are international policy dialogues such as the United Nations Open-ended Intergovernmental Expert Group on Cybercrime and the Council of Europe Budapest Convention.

Conventional government-to-government criminal justice efforts, however, are proving too limited to meet the challenge. Recent reports highlight a “stunning enforcement gap” for cybercrime, citing that even in the US, the likelihood of successfully prosecuting a cybercrime is estimated at 0.05%, far below the 46% rate of prosecution for violent crime.

Cybercrime cannot be systemically curbed without confronting the source of cyber-criminal activity, reducing the payoff and making the risk of prosecution real to offenders. With government efforts alone proving insufficient, successful approaches require a convergence of transnational public-private efforts and resources. To date, government cooperation with private-sector actors, both locally and globally, has been fragmented. Cybercriminals exploit these gaps to act with near impunity. We need to close them.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum Platform for Shaping the Future of Cybersecurity and Digital Trust aims to spearhead global cooperation and collective responses to growing cyber challenges, ultimately to harness and safeguard the full benefits of the Fourth Industrial Revolution. The platform seeks to deliver impact through facilitating the creation of security-by-design and security-by-default solutions across industry sectors, developing policy frameworks where needed; encouraging broader cooperative arrangements and shaping global governance; building communities to successfully tackle cyber challenges across the public and private sectors; and impacting agenda setting, to elevate some of the most pressing issues.

Platform activities focus on three main challenges:

Strengthening Global Cooperation for Digital Trust and Security - to increase global cooperation between the public and private sectors in addressing key challenges to security and trust posed by a digital landscape currently lacking effective cooperation at legal and policy levels, effective market incentives, and cooperation between stakeholders at the operational level across the ecosystem.Securing Future Digital Networks and Technology - to identify cybersecurity challenges and opportunities posed by new technologies and accelerate solutions and incentives to ensure digital trust in the Fourth Industrial Revolution.Building Skills and Capabilities for the Digital Future - to coordinate and promote initiatives to address the global deficit in professional skills, effective leadership and adequate capabilities in the cyber domain.

The platform is working on a number of ongoing activities to meet these challenges. Current initiatives include our successful work with a range of public- and private-sector partners to develop a clear and coherent cybersecurity vision for the electricity industry in the form of Board Principles for managing cyber risk in the electricity ecosystem and a complete framework, created in collaboration with the Forum’s investment community, enabling investors to assess the security preparedness of target companies, contributing to raising internal cybersecurity awareness.

For more information, please contact us.

Public-private cooperation is the way

Traditionally, law enforcement agencies (LEAs) run the entire criminal justice process – responding to an incident, investigating the crime and prosecuting the perpetrators. When it comes to cybercrime, the private sector plays an instrumental role due to a combination of factors.

Preventing and investigating cyber incidents requires significant technical skills and capabilities. LEAs have either lagged behind the private sector in developing these skills, or do not have the necessary resources at the same scale as private-sector organizations.

Cybercrime incidents often result in personal data theft or customer service disruption, which may amount to a crime or lead to regulatory actions in many countries. There are a number of reasons why companies subjected to attack may not want to report cybercrime to law enforcement, and will turn instead to the private sector.

Jurisdiction is often murky for cybercrime investigations. In the physical world, a crime occurs at a location with the criminals physically present, but in cyberspace criminals can live in one country, carry out crimes in another and leave evidence in a third. In these instances, government agencies often do not have jurisdiction to investigate all the aspects of crimes committed online, whereas private companies with global operations regularly operate across national boundaries. Moreover, cybercriminals abuse privately-owned infrastructures to carry out their crimes. Therefore, the private sector may provide significant assistance in countering criminal activities.

At the same time, the private sector cannot replace law enforcement. Private-sector companies can prevent, investigate and mitigate criminal activity, but they cannot impose sanctions on malicious actors. Only LEAs have the mandate to arrest, prosecute and take other appropriate measures against cybercriminals. The only way forward in the new context is to enable stronger operational collaboration between the public and private sectors to fully avail the parties of all the tools and jurisdictions needed to successfully reduce cybercrime.

The power of alliance…

At the World Economic Forum Annual Meeting on Cybersecurity in Geneva in November 2019, leaders from the public and private sectors explored how to meet the new challenges that cybercrime presents. While acknowledging the substantial efforts made by both public and private-sector actors, the discussion also highlighted a number of barriers to cooperation.

These include legal and privacy challenges, cultural differences, a lack of shared standards around evidence collection and fear of losing competitive advantage. The lack of clear frameworks or standards for public-private cooperation could potentially cause confusion on roles, responsibilities and the purpose of collaboration. Liability and anti-trust concerns could add another layer of complexity. These as-yet unresolved issues compound the difficulties of implementing effective collaboration.

At the same time, there is genuine appetite in both the public and private sectors to intensify this cooperation. INTERPOL, Europol and several national LEAs have stepped up their efforts to foster partnerships with the private sector. Another promising approach is to bring together different stakeholders in a joint framework of cooperation on a shared goal, as do the Cyber Threat Alliance, the Cyber Defence Alliance and the Global Cyber Alliance.

Applying this approach on a much broader scale by forming a global public-private alliance against cybercrime could help to achieve a level of cooperation capable of meeting current and growing needs. An alliance could facilitate cooperation by creating and innovating mechanisms to overcome barriers, and at the same time promote a shared agenda.

A global alliance could leverage the platform provided by the World Economic Forum in partnership with INTERPOL, the Cyber Threat Alliance and other leading actors to provide a neutral and impartial environment in which to foster public-private cooperation on cyber investigations. Partners would include cybersecurity companies, tech companies, service providers and international corporations, as well as LEAs, computer security incident response teams, international organizations, information-sharing communities, action-oriented alliances and other non-profit groups. The alliance would complement and enhance ongoing partnerships, not replace or duplicate existing efforts.

A first step is to define the principles for optimal public-private operational collaboration on cybercrime investigations, capturing “what good looks like”. This would be followed by promoting the implementation of practices and mechanisms needed – including operational concepts and technological enablers – to facilitate and support multilateral cooperation. Equally importantly, we need to present a united front, to inspire hope and a collaborative approach on the one side, and fear and restraint on the criminal side.

…at speed and scale

Is the need for new approaches to addressing cybercrime surprising? Policy, law and behaviours in the physical world have developed over centuries; cyberspace is only 50 years old. As a global network evolving at lightning speed, cyberspace operates in a different dimension from the physical world. Policies, laws, institutions, standards and frameworks must effectively adapt to and address this evolving environment. We can choose to create a global public-private alliance to jointly and effectively fight cybercrime. The time to do so is now.