Donate
The State of Cybersecurity in Europe – Should We Reboot? Thumbnail
‹ Back
Improving Technical Security 17 June 2016

The State of Cybersecurity in Europe – Should We Reboot?

Maarit Palovirta
By Maarit PalovirtaFormer Senior Manager, Regional Affairs Europe

During last week’s EuroDIG, Olaf Kolkman and Tatiana Tropina moderated two animated and interactive sessions on the state of cybersecurity in Europe. The first session looked at the current initiatives in the area of cybersecurity, while the second focused on the possible ways forward.

Cybersecurity remains a topic that is hard to define. The discussion touched upon technical, governance and rights elements, and flowed between baseline principles and different operational aspects. The lack of clear definition makes the assessment of European cybersecurity efforts difficult, but our moderators succeeded in teasing out some of the good practices, concerns and frustrations that the participants had.

The participants recognised openness and transparency as fundamental, underlying principles for cybersecurity and as building blocks for trust. The multistakeholder model and rule of law based on democratic decision-making processes are already mainstream practices in most parts of Europe, but to what extent do they really prevail in the area of cybersecurity? The recent EU regulatory and policy initiatives on cybersecurity are a result of a democratic process. Open standards and the Internet Engineering Task Force (IETF) represent a good practice as a transparent way of setting a global technical baseline for security. However, it was not so easy to find good practices reflecting these overarching principles in the world of governance. Many, especially government-led, cybersecurity platforms or partnerships are still not by default open to all, and those that are open tend to be fragmented and publicized within trusted communities.

So how can we continue to build trust between the different communities in Europe for the benefit of a more secure Internet? Users worry about identity and control of their own data, which raises questions vis-à-vis the private sector and government. The European public appears to partially expect that Internet security is a matter to be dealt with by governments. In the real world, however, Internet operators and companies are the first line of defence against cyber incidents. And users carry an important responsibility over their own behaviour and actions on the Internet. Hence, awareness raising and capacity building are key elements of a more secure Internet. The technical community can also help build bridges between different communities through training of, for example, law enforcement and other government departments.

During the sessions a couple of participants asked: should we reboot cybersecurity in Europe? Building common security strategies and solutions is a slow process, but there are clear signs of improved collaboration between the different stakeholder groups. The Internet is a decentralised network of networks, and there is no one-size-fits-all solution to cybersecurity and no single party that can provide the solution. Building trust in the Internet; shared responsibility; and solutions built by consensus are in the heart of the Internet Society’s Collaborative Security approach, and these characteristics are reflected in the European discussions. So should we reboot? This is not necessary – we are already on the right track.

Image credit: Olaf Kolkman on Flickr

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Proposed APEC Cybersecurity Framework gains momentum at TEL 52
Building Trust11 November 2015

Proposed APEC Cybersecurity Framework gains momentum at TEL 52

APEC’s forthcoming cybersecurity framework continues to take shape following the recent 52nd Telecommunications and Information Working Group meeting in Auckland,...

Workshop 151: Cyber Security R&D: Developing a Vision & Road Map
Internet Governance8 December 2009

Workshop 151: Cyber Security R&D: Developing a Vision & Road Map

It was a very bright and early morning, 9:00 a.m. on the first day of the IGF, in the Biblioteca Alexandrina....

APT CSF-6 focused on essential and urgent issues for cybersecurity
APT CSF-6 focused on essential and urgent issues for cybersecurity
Improving Technical Security29 October 2015

APT CSF-6 focused on essential and urgent issues for cybersecurity

Recognizing the growing importance of cybersecurity, delegates at the Asia-Pacific Telecommunity (APT) 6th Cybersecurity Forum in Bangkok, Thailand exchanged opinions...

Join the conversation with Internet Society members around the world