the indispensable component of cyber security: the dynamics of an effective cyber cooperation prof....

S

The Indispensable Component of Cyber Security: The Dynamics of an Effective Cyber Cooperation

Prof. Nazife BaykalDirector of METU Informatics Institutebaykal@metu.edu.tr

Cooperation

What is ‘cooperation’?

‘Togetherness’

‘for their mutual benefit’

Cooperation in cyber security

The magical concept of ‘trust’

Cooperation: Why so important?

Cyberspace: Extremely connected

Security & Safety: Impossible to provide alone

Maintained & developed by private sector, regulated by governments, research & development by the academia.

Cooperation: Emphasized

US President Obama’s Executive Order: Improving Critical Infrastructure Cybersecurity emphasized cooperation

Initiatives by NATO, EU and other international organizations.

An Irony: Cooperation Exists But Always Talked

About

Cooperation examples everywhere yet we still talk about the ‘need’ for cooperation.

The need for cooperation repeated – Only minor examples are shown

Many cooperation efforts are piecemeal & target specific issues, not the ‘big picture’

Mostly born out of necessities – Quick and small consequences

Problematic Aspects Preventing An ‘Ideal’

CooperationGovernment

AcademiaIndustry

Reluctance for Information Sharing& Lack of Trust

Focusing on short-term economic gains

A Lack of Full Trust

Required for Cooperation:Sacrifice

Sacrifice: A radical yet proper concept

Not focusing on short term results and interests

Cooperation needs compromises

A compromise where everyone wins

Dimensions of an Ideal Effective Cooperation

TrustRisk-Sharing

Cost-Sharing

Commitment

S

Government

Industry

Academia

Citizens

Dimension I: Trust

Basic dimension

The foundation and starting point of effective cyber cooperation

Can be built upon the existing experiences of having securely and effectively worked with each other.

Dimension II: Risk-Sharing

Every step brings about risks

All the parties should be ready and willing to face and share risks

Examples: investments might fail in the short run or violations of data privacy might occur

Even the success itself might be a risk

Dimension III: Cost-Sharing

Cost-sharing: third major dimension of the ideal cooperation

Necessary steps of the cooperation in the cyber domain involves costs

All the actors should be ready to take on economic responsibilities on their part.

Example: The industry should be willing to work with research and development projects

Dimension IV: Commitment

Commitment of the actors: the last dimension of the ideal cooperation

The commitment to the responsibilities till the end is a major component of the process

Commitment helps the other dimensions be carried out into real life and gain their full meaning.

Four Major Dimensions:Cooperation Process

Trust

Risk-Sharing

Cost-Sharing

Commitment

Results of Effective Cooperation

Such a cooperation is full of promises

A better capacity building to combat the threats we face on cyber arena

A strong cooperation vision

Better awareness

Sharing lessons learned

Increased research and development

Thank you.