There was broad agreement at the panel debate called Is the Future of Cyberspace Only as a Domain of Conflict?, moderated by Dr Uroš Svete, Director, Information Security Administration of the Republic of Slovenia (ISA), that common cyber security should be boosted in order to protect individual countries from attacks, and that public-private cooperation should be strengthened. It was also noted that cyberspace is about strategic competition rather than conflict.
The introductory word was delivered by Mr Boštjan Koritnik, Minister of Public Administration of the Republic of Slovenia, who said that building a resilient European infrastructure was the key. “We must work together to protect our countries from malicious cyberactivity.”
According to Mr Koritnik, the protection of public services is based on a sustainable European digital infrastructure, and it is necessary to strengthen international cooperation, which is why he is looking forward to the emerging European cybersecurity unit.
The only other in-person speaker at the event was Mr Karel Řehka, Director of National Cyber and Information Security Authority (NÚKIB) in the Czech Republic. He noted that in his country, there had been a significant increase in attempted and real cyberattacks during the Covid-19 pandemic, most of them on hospitals, and that was a real healthcare problem.
Mr Řehka said it was quite an interesting lesson and that cyber security of the healthcare sector had become a top priority of the prime minister. “This was the biggest wake-up call in terms of cybersecurity.”
In this respect, Mr Casper Klynge, Vice-President for European Government Affairs at Microsoft, said that cooperation between the private and public sectors was on the rise, and that digitalization was not an option, but “something you have to do”. “Responsibility of the private sector is increasing,” he said, adding that cybersecurity was more important than ever before and that the first-line responders were digital companies, which have the best information about cyberattacks.
Mr Juhan Lepassaar, Executive Director at the EU Agency for Cybersecurity (ENISA), noted that incidents and attacks during the pandemic had not been fixed on one sector, but hospitals and research institutions were an initial target.
Mr Lepassaar believes that Europe has been able to build up a security framework and find strategies to raise the overall level of security – individual member states have taken action and raised their capabilities, and national and European actors have built stronger mechanisms.
Taking a look from the US perspective, Mr Richard Harknett, Professor and Head of the Department of Political Science at the University of Cincinnati, Co-director of the Ohio Cyber Range Institute, and Chair of the Center for Cyber Strategy and Policy, said that cyberspace was about strategic competition rather than conflict. For him, the “core question is how to manage competition” and how to “anticipate the exploitation of vulnerability and take away the attack before it happens”.
Mr Arne Schönbohm, President of the Federal Office for Information Security (BSI) in Germany, raised the question of what the proper level of information security is, and stressed that a precondition for successful digitalization was information security.
Ambassador Heli Tiirmaa-Klaar, Ambassador-at-Large for Cyber Diplomacy at the Ministry of Foreign Affairs of the Republic of Estonia, spoke about responsible state behavior in cyberspace, saying that the starting point was for states to observe existing international law.
“We have not seen cyber incidents that have exceeded the threshold of armed conflict;” she said, while adding that diplomats were also planning deterrent activities, and that there was hope that state behaviors would become more predictable.