Is this how to build a more inclusive cybersecurity strategy?

As technology and the digital economy play an increasingly integral role in our daily lives, cybersecurity is now a critical issue worldwide. The World Economic Forum 2023 report on Global Risks, states: “widespread cybercrime and cyber insecurity” among its top ten global risks for the next two and ten years. Addressing this challenge, however, has been a top concern of the World Economic Forum for much longer.

The World Economic Forum Centre for Cybersecurity was established six years ago — with Fortinet as a founding partner — to drive global public/private action to address systemic cybersecurity challenges. Since then, we have developed several key initiatives that have brought global leaders together from private companies, public agencies, academia and law enforcement to develop research, share critical insights and identify and respond to current and future cyber risks.

The Cybercrime Atlas, a joint initiative launched by Fortinet, Microsoft, PayPal, Santander and the World Economic Forum and announced at the Forum's 2023 Annual Meeting, includes cybersecurity companies, international and national law enforcement agencies, academic analysts and global businesses working together to map the cybercrime landscape. It brings together global leaders to fight cyber threats by sharing critical threat intelligence to develop insights into criminal operations, structures and networks — something only possible through private-public collaboration.

The result is an ever-evolving and expanding database of cybercriminal activity that allows interested groups to identify threat actors based on profiles and cyber fingerprints, to correlate and trace criminal activity, identify vulnerabilities being actively targeted and bolster pursuing criminals across international borders. The initiative identifies chokepoints to systematically disrupt cybercrime and is a significant step forward in addressing the flourishing multi-trillion-dollar cybercrime industry.

That’s just the start. Because technologies and cyber systems are increasingly intertwined, an event anywhere can have far-reaching ramifications. An attack on a supply-chain provider can affect companies — and their customers — worldwide. When critical infrastructure providers are compromised, the impact can go well beyond financial losses, putting the safety and well-being of people at serious risk.

At the same time, cybercriminals are targeting vulnerable individuals and privately-owned systems to create launch pads for targeting enterprises and governments. Because of this, cyber awareness and cybersecurity are now everyone’s responsibility. The challenge is how to raise the bar for everyone — businesses, governments, academic institutions and individual citizens alike.

To start, we need to open a larger dialogue that includes civic leaders to identify these broader challenges and launch and support initiatives to address them. This needs to be a two-pronged approach. First, we must introduce essential cyber hygiene and security best practices to the general population. Cybersecurity needs to be part of every child’s education. At the same time, we need a process that can quickly bring end users with varying levels of cyber awareness and education up to speed on protecting themselves from cybercriminals. And second, we must effectively engineer cyber risks out of the applications, devices and technologies people use every day. Security must be woven into everything from the beginning, rather than as an afterthought so critical protections are transparent to users.

The World Economic Forum is the right place to begin and continue pushing forward these conversations and to establish platforms and groups made up of global experts across business sectors, governments and international organizations willing to address these challenges to action collective ideas into impactful cybersecurity change. By expanding the conversation and broadening our strategies to include everyone who relies on technology, we can significantly lower the impact of cybercrime — not just on individual users, but across the entire global digital ecosystem.