Genie Sugene Gan, Director, Government Affairs & Public Policy for Asia Pacific, Japan, Middle East, Türkiye, and Africa regions, Kaspersky
Sharon Alvares, Government Affairs & Public Policy Lead for Middle East, Türkiye, and Africa region, Kaspersky
In an increasingly interconnected world, the digital landscape is both a catalyst for innovation and a battleground for security. As organizations and societies become more reliant on digital technologies, the potential for cyberthreats, data breaches, and system failures escalates. This article aims to explore the critical importance of advancing digital resilience at multiple levels, the key priorities within this endeavor, and the challenges involved. Enhanced by the invaluable contributions provided by the participants of a global roundtable hosted on the sidelines of GITEX Global in Dubai, United Arab Emirates, on the 15th of October 2024, this paper examines the impact of emerging technologies on cybersecurity, highlights the increasing threat of ransomware and cyber extortion, and indicates the need for transparency and multilateral collaboration to combat cybercrime.
Context
- The world has witnessed an increase in cyberattacks alongside the digital transformation. As a case in point, 2023 was a record-breaking year for information security vulnerabilities added to the global database, with 25,000 new Common Vulnerabilities and Exposures, which meant a 15% increase compared to 2022.
- The ICT supply chain, comprising many parties (e.g. suppliers, distributors, customers, managed service providers, Software as a Service, contractors, etc.), could very easily become susceptible to an intrusion. If any of these points of connection is compromised, an ICT supply chain attack becomes a tangible risk.
- If we purchase any ICT product, we are, in fact, buying a ‘black box’ with third-party components that we generally trust without question. However, with the prevalence of ICT supply-chain attacks and cyber incidents, there is a pressing need to engender greater trust at every step of the supply chain.
- This call for greater trust necessarily prescribes a need for increased transparency as a best practice. Kaspersky, for instance, has established its own Global Transparency Initiative, which involves making its product source code available for independent third-party reviews at Transparency Centers around the world.
- At an industry level, the European Union’s Cyber Resilience Act introduces elements of increased transparency, with requirements for manufacturers of hardware and software products to actively report exploited vulnerabilities and incidents throughout the lifecycle of the product.
- This approach is also in line with the strategies employed by some of the world’s most cyber-resilient economies, which consistently rank high in global cybersecurity indexes due to their strong emphasis on transparency, collaboration, and proactive regulation.
- Moreover, cyber resilience is crucial for economic growth and development. According to a study conducted by the European Economic and Social Committee, cyberattacks incur economic costs, both direct (e.g. incident response) and indirect (e.g. business disruption and reputational harm).
Thematic Highlights
Navigating Cybersecurity in the Era of Emerging Technologies
While driving innovation and connecting billions of devices, emerging technologies also introduce significant governance and regulatory concerns. A recent Kaspersky study has revealed that more than 50% of companies have implemented Artificial Intelligence (AI) and Internet of Things (IoT) into their infrastructures. Additionally, 33% are planning to adopt these interconnected technologies within two years. Simultaneously, 16-17% of organizations think AI and IoT are ‘very difficult’ or ‘extremely difficult’ to protect, while only 8% of the AI users and 12% of the IoT owners believe their companies are fully protected.
To maintain the delicate balance between innovation and security, Dr. Hoda Al Khzaimi, Co-Chair of the World Economic Forum Global Future Council on Cyber Security and Assistant Professor in the Department of Engineering at New York University Abu Dhabi, stressed the importance of trustworthy AI algorithms and comprehensive cybersecurity approaches that address device, regulatory, and human factors. She also highlighted the necessity for stringent privacy protections, particularly regarding future technologies like brain-computer interfaces. A concrete framework for ethical AI is critical to safeguarding trust in digital systems. This framework should include clear guidelines on data privacy, accountability, bias mitigation, and transparency in AI algorithms, aligning with global standards from organizations such as IEEE, ISO, or OECD. Ethical AI governance can help prevent unintended consequences and ensure responsible AI deployment.
Showcasing Dubai's approach to cyber resilience amidst rapid technological advancements, Mr. Abdulhakim Al Olama, Director of the Cyber Security Services Department at the Dubai Electronic Security Center (DESC), UAE, highlighted the establishment of an AI policy, guiding government entities that regulate the use of AI, and the development of an application, which identifies safe and unsafe URLs. By implementing AI in their Security Operations Center (SOC), Dubai aims to proactively detect threats while maintaining a balance between adopting new technologies and enforcing appropriate security measures. Mr. Al Olama emphasized the importance of not rushing to create laws around AI, advocating instead for policies that guide its use without stifling innovation, and noted the role of digital governance in ensuring responsible AI deployment across various entities.
In turn, Dr. Ahmed Ali Abdel-Hafez, Vice President for Cyber Security Affairs, National Telecommunication Regulatory Authority of Egypt, explained that while AI can enhance efficiency and accuracy in business, it also presents challenges, particularly regarding the accountability for its use. In this context, he underscored the need for a dynamic regulatory framework in Egypt to address the ethical application of AI and the rapid emergence of new technologies, given AI’s psychological and social impact on young people.
Policy recommendations:
- Ensure that newly developed AI governance is proportionate to the risks posed by AI systems, as over-regulation can affect the speed of innovation.
- Promote mechanisms such as self-regulatory ethical codes of conduct for the use of AI by developers and deployers.
- Raise awareness of the need for comprehensive cybersecurity measures to address the new risks posed by the proliferation of AI, by defining specific minimum cybersecurity requirements.
- Tailor recommendations on the use of AI for each sector (healthcare, finance, energy, government, etc.) to reflect their different risk profiles and regulatory landscapes, ensuring that cybersecurity measures are both relevant and effective.
Collaborative Approaches to Cybersecurity Resilience
Strengthening cooperation with diverse stakeholders—such as governments, the private sector, academia, and civil society—is crucial to enhancing cyber resilience worldwide. This collaboration facilitates the exchange of best practices in the ICT domain, contributes to raising public awareness, and supports capacity-building initiatives.
Collaboration is key to envisioning the future of digital transformation, as emphasized by His Excellency Dr. Mohammed Al Kuwaiti, Head of the Cybersecurity Council of the UAE. Multi-stakeholder cooperation should be in place to realize world-changing ideas, contributing positively to humanity and the systems that underwrite it. In addition, interaction at the global level is important due to the transnational nature of cybercrimes, which obliges us to find joint solutions to the problem of raising cybersecurity awareness and strengthening the economics of society. Key actionable initiatives supported by a network of partners, such as the development of a national SOC, are paramount. This collaboration symbolizes the commitment to achieving security and resilience in the face of evolving challenges, reinforcing the message that collective efforts are crucial for safeguarding infrastructure and data.
Referring to efforts made at the national level, Dr. Abdel-Hafez mentioned Egypt's newly launched National Strategy for Cybersecurity (2023-2027), which highlights the importance of collaboration among the government, private sector, and citizens in developing a comprehensive and measurable approach to cybersecurity. This strategy includes initiatives focused on technical advancements, public relations, and capacity building through public-private partnerships (PPP). Dr. Abdel-Hafez reiterated that cybersecurity is a continuous journey requiring shared responsibilities and risks among various stakeholders, and he noted that Egypt's young workforce could serve as a valuable asset in enhancing cybersecurity efforts.
As an additional example, Mr. Süleyman Kara, Director of Public Policy at INVIST Strategic Consulting in Ankara, described Türkiye’s cybersecurity framework. This policy protects public institutions and the private sector while enhancing national awareness and securing critical infrastructures such as banking and healthcare. Established in 2013, this strategy emphasizes cooperation between government agencies and private companies in detecting and responding to cyber threats. Notably, Türkiye successfully thwarted a major DDoS attack on its banking sector through coordinated action. Mr. Kara specified that the policy includes awareness campaigns and training for small and medium enterprises, as well as collaboration with international organizations like NATO and the EU to address future cybersecurity risks, including the development of AI-based threat detection systems.
By contrast, Mr. Basuki Erwin, Cyber Threat Intelligence Team Leader, Directorate of Cybersecurity Operation of Indonesia, revealed that the unique cybersecurity challenges for his country are the availability of human resources and requisite knowledge. With a population of nearly 270 million, and an internet penetration rate of 80%, Indonesia is witnessing a significant gap in cybersecurity literacy among users, leading to widespread malware infections. Therefore, there is a growing need to raise public awareness to build resilience, especially against threats like FIDA, Raccoon, and Redline. Mr. Erwin also endorsed a collaborative approach between the public and private sectors to enhance awareness and shared responsibility in cybersecurity efforts.
Policy recommendations:
- Consider establishing national SOCs with the involvement and active contribution of private sector cybersecurity partners.
- Design tailored frameworks and capacity-building initiatives aimed at raising public awareness about threats.
- Further promote cooperation between the public and private sectors to improve the cybersecurity and cryptography skills of law enforcement personnel and national cybersecurity agencies through specialized technical training programs.
- Explore the integration of cyberliteracy courses into school programs.
Building Trust Through Transparency
The demand for greater digital trust is increasing amid a growing tendency toward digital sovereignty worldwide. The overall attitude regarding risks associated with the use of third-party software is shifting, as businesses and regulators are keener to assess the safety of the software they utilize.
The rising threat of supply-chain attacks is a catalyst for transparency requirements, including vulnerability management and secure software development procedures. Another key condition for transparency is sharing a Software Bill of Materials (SBOM), a critical component of supply-chain risk management and an industry standard that all companies should adopt, because knowing what comprises a product provides a powerful tool for identifying and mitigating risks. However, producing an SBOM remains a challenge for many software development companies, as it requires significant effort to identify, list, and track all dependencies. Hence, regulators should consider implementing additional incentives as a reward for responsible companies that adopt such best practices.
In this context, Mr. Timur Biyachuev, Executive Vice President for Corporate Business at Kaspersky, reaffirmed the company’s commitment to building trust through independent testing along with the Global Transparency Initiative (GTI), which allows customers to scrutinize Kaspersky's code and internal processes. In particular, Mr. Toufic Derbass, Managing Director for the Middle East, Türkiye, and Africa at Kaspersky, outlined that the company has established 12 Transparency Centers globally as part of this strategy, backed by a significant investment of USD 8 million to USD 9 million. Furthermore, Kaspersky rewarded 62 vulnerability reports with a total of USD 88,250 as part of its bug bounty program, which helped attract top researchers. Additionally, the company presented its ethical principles for the development and use of systems employing AI to ensure the reliability of machine learning models.
Putting the principles of transparency into practice could be hindered in different regions and territories. For example, Ms. Anna Collard, SVP Content Strategy, KnowBe4 Africa, emphasized that the absence of a national cybersecurity strategy in South Africa represents a significant barrier to progress. She advocated for the establishment of accountability, governance structures, and a culture of transparency within organizations, and voiced her support for creating psychological safety for employees to report incidents without fear of penalties, which fosters a more open and proactive cybersecurity environment. These efforts should be accompanied by a mindful approach to cybersecurity education, promoting a zero-trust mindset among users and encouraging vulnerability reporting from the external hacker community. Ms. Collard also endorsed initiatives like a security academy in South Africa aimed at providing cyber training and life skills to underprivileged youth, underscoring the importance of collaboration and transparency for building trust and resilience.
Meanwhile, Mr. Al Olama asserted that emerging technology developers in Dubai are on a journey toward transparency. However, there is still a need for promoting greater awareness and adopting best practices, as well as avoiding overly restrictive controls with regard to these startups, which could hamper their potential. In his opinion, established companies in the market should act as role models by adopting transparency more swiftly, thereby setting a standard for new entrants and helping to cultivate a sustainable technological environment.
Policy recommendations:
- Consider motivational programs for developers who invest in secure software development practices and transparency programs.
- Promote best practices such as SBOM and vulnerability management as part of minimum cybersecurity guidelines for businesses.
- Require suppliers to adhere to recognized security standards and obtain relevant certifications, such as ISO 27001.
- Enable ICT vendors to invest in an effective supply-chain risk management framework. This could be done, in particular, through the implementation of self-assessment mechanisms and increased transparency for potential customers.
Strengthening Resilience Against Ransomware and Cyber Extortion
Ransomware attacks continue to be one of the biggest contemporary cybersecurity threats, affecting organizations and individuals alike on a global scale. Kaspersky's research, covering 2022 and 2023, revealed a worrisome escalation in targeted ransomware gangs. The data indicated a staggering 30% increase globally in the number of these malicious actors compared to 2022, along with a 71% surge in known victims of their attacks. From high-profile breaches in the healthcare and industrial sectors – compromising huge volumes of sensitive data or halting production entirely – to attacks on small businesses that have become relatively easy targets, ransomware actors are expanding their sphere of influence.
The severity of ransomware incidents is exemplified by the Colonial Pipeline case that paralyzed the U.S. gas supply for two weeks in the spring of 2021. In this situation, the decision to pay the ransom immediately did not guarantee the prompt restoration of operations. Thus, Dr. Genie Sugene Gan, Director of Government Affairs & Public Policy for Asia-Pacific, Japan, the Middle East, Türkiye, and Africa regions at Kaspersky, underlined a core necessity for effective data protection measures and public awareness about the dangers of ransomware, urging individuals not to succumb to ransom demands and to utilize available resources for recovery instead. She explained that the payment of ransoms only serves to fuel the ransomware economy and incentivizes illegality, while there are always better solutions available, such as "No More Ransom", which is a great example of effective PPP. This initiative provides free decryption tools to victims, advocating for the importance of data recovery, effective backups, and building cyber resilience as essential strategies to combat ransomware threats. Additionally, the dissemination of educational resources to raise cybersecurity awareness among youth and the broader community helps mitigate the social risks of cybercrime.
At the same time, there is an urgent need for concerted efforts at the international level to safeguard individuals from violations and abuses of their rights in the digital space committed using sophisticated technologies. On this subject, Dr. Abdel-Hafez highlighted the UN's Counter Ransomware Initiative, which fosters international cooperation to combat ransomware attacks effectively. In his view, addressing the challenges of ransomware requires a shared responsibility between governments and the private sector, along with collaborative efforts to enhance cybersecurity resilience.
Another threat that is currently on the rise is the overexposure of explicit content, leading to blackmail and extortion. A Kaspersky study, conducted among more than 9,000 respondents from over 10 countries in Europe, Latin America, and the USA, revealed that an increasing number of individuals – including younger adolescents aged 16 to 18 years old – are sharing intimate images without considering the long-term impact. According to Ms. Collard, the alarming rise of financial sextortion, particularly among teenagers, entails serious consequences, including the tragic possibility of suicide. Therefore, she called for increased awareness and empathy in addressing these crimes, stressing the need to educate young people about the risks of sharing personal images online and the resources available for victims seeking help, such as the Coalition Against Stalkerware website.
Policy recommendations:
- Implement robust data protection policies across government agencies and private organizations.
- Advocate responsible online behavior and increase public awareness of cyberthreats, especially among the younger generation.
- Promote a shared multi-stakeholder approach to protect against cyberthreats and facilitate assistance to victims of cybercrime.
Attendees & Contributors:
His Excellency Dr. Mohammed Al Kuwaiti, Head of the Cybersecurity Council, UAE (Guest of Honor)
Dr. Genie Sugene Gan, Director, Government Affairs & Public Policy for Asia Pacific, Japan, Middle East, Türkiye, and Africa regions, Kaspersky (Host)
Mr. Abdulhakim Al Olama, Director of the Cyber Security Services Department at Dubai Electronic Security Center (DESC), UAE
Dr. Ahmed Abdel-Hafez, Vice President for Cyber Security Affairs, National Telecommunication Regulatory Authority, Egypt
Ms. Anna Collard, SVP Content Strategy, KnowBe4 Africa
Mr. Basuki Erwin, Cyber Threat Intelligence Team Leader, Directorate of Cybersecurity Operation, Indonesia
Dr. Hoda Al Khzaimi, Co-Chair of the World Economic Forum Global Future Council on Cyber Security and Assistant Professor in the Department of Engineering at New York University Abu Dhabi
Mr. Süleyman Kara, Director of Public Policy at INVIST Strategic Consulting in Ankara, Türkiye
Mr. Timur Biyachuev, EVP, Corporate Business, Kaspersky
Mr. Vasily Vaganov, VP, International Business, Kaspersky
Mr. Toufic Derbass, Managing Director for the Middle East, Türkiye, and Africa, Kaspersky
Ms. Sharon Alvares, Government Affairs and Public Policy Lead, META, Kaspersky