November is a month of Smart Defense and Open – Door Policy – New Synergies for Euro –Atlantic Security. Not only in Europe, but also in South-East European region as well. The following international event was organized by PanEuropa Bulgaria and it was supported by NATO. Furthermore, I was invited to take a participation as a speaker on the panel discussion Collective Cyber Defence – The Role of Newer Members and Opportunities for Specialization of Bulgaria in the Alliance Questions and answers. In details, the event main points ware to highlight the need for specialization of each member state in terms of the principles of Smart Defense and the joint participation in future military operations.
Moreover, the event had splendid video addressing in the opening session of Neelie Kroes, the Vice – President of European Commission. Emphasizing the current online spying crisis as well as the importance of cyber security strategy. In additional, she highlighted the importance of new legal threats, information norms coupled to boost the trust among the Europe. As well as, that the weakest link in the chain should be able to raise and boost the awareness, coupled with the future investments in research and innovations, and projects.
Regarding the collective cyber defense panel discussion, I was delighted to be speaker with such strong extensive and experienced experts from different fields. Such as private, public, academy and business sectors. Speaking of which, the moderator of the panel was Prof. Veselin Tselkov, D. Sc., Member of the Board, Commission for Personal Data Protection in Bulgaria. The lectures where: unfortunately Col. Associate Prof. Dr. Stoyan Balabanov, Director, Institute for Defense, Ministry of Defense Bulgaria, was not able to attend the panel, however we had representative from MoD. Also from Bulgaria was Zlatogor Minchev from Institute of Information and Communication Technologies, Bulgaria. From Macedonian was Dr. Metodi Hadji-Janev (LtC), Assistant Prof., Military Academy ” General Mihailo Apostolski”, Skopje, Macedonia. From business prospective I was the presenter of CyberSecurity.mk copmany, based in Macedonia. In addition, Mr. Robert Griffin, Director Business Development – Security Systems, RSA. From all the above, we also had video addressing from Mr. Detlef Puhl, Senior Advisor at the Emerging Security Challenges Division, NATO Headquarters, and Mr. Philippe Roggeband, Security Sales Business Development Manager, EBG EMEAR, Cisco Systems. However, due to the security measures in the building where the event was held the video addressing was interrupted.
Nevertheless, here is my short presentation notes.
Cyberspace has become one of the most essential and distinguished bridge between government and their inhabitants. Thus, the people are able to get access to government services 24/7, as well as their life becomes more easier. However, all in this has led to advance of producing cyberspace to be vulnerable, coupled with information’s that should not be available to others. For this reason I would like to share three important points that are fundamental to emphasis when we discuss about the Cyber defense in general. First, we have to understand and highlight the difference between Cyber Security vs IT Security. Second, it is the important to boost the awareness level tailored to national level, social society, private sector and indeed multistakeholder cooperation in the region. Last but not least, we have to brake the lack of communications between the neighboring countries and to create a trusted, same level, and collaboration of cyber security. Where national agencies and parties should work together.
Without further ado, first the main goal of IT security is to protect information from a wide range of threats in order to ensure business continuity, reduce business damages and maximize return on investments and business opportunity. Likewise the cyber security is protecting Information and Communication Technologies (ICT) systems and Critical Infrastructure (CI). However the most important protection element in IT security is to reduce business risk to accepted levels and the protection of entire information and information systems essential to the organizations. Alternatively, cyber security aims at assuring critical IT service for CI and CII on accepted levels, in addition to the protection of critical information. In other words the security objective determiner in information security is an organization’s business process, while in cyber security it is for the entire state. Emphasizing that states may have different or complementary interests compared to an organization’s business interests. On one hand, handling cyber security problems is considered to be both a nationally and internationally coordinated activity to protect national CII. Similarly, to information security goals: confidentiality, availability and integrity, in cyber security the additional goals are non-repudiation, authentication, information systems importance and criticality from the standpoint of state CII/CI.
Turning to awareness, I would like to share my recent research that have been published as book, title: Interactive Cyber Security Awareness Program. It is highlighting the method, approach and the importance of current awareness level in Western Balkans. Coupled how to boost the awareness on the national level. I would not like to go in details, however, just want to mention that the positive results were presented, and that the awareness level among the end users are varied. Moreover, in particular we have to create and recognize the importance of establishing cyber security awareness strategy, coupled with influence of the weakest link in cyber security, which is the human factor, or in other words, social-technical aspects. In spite of our investment in technologies and in the applications, still the weakest link in cyber defense and security will the human behavior. Therefore, we will have to conceive an awareness/education to raise the awareness on the national behalf, such as, from the young to the oldest generation, tailored through social society, private sector and multistakeholder cooperation.
Lastly, in recent years we are witnesses of acts that have taken into place between neighboring countries in the region. Such acts were followed by different motivations of attacks. Where mostly they were done through defacement’s or denial-of-service attacks. Thus, motivations where divers. Nevertheless, in this last point is I would like to stress the importance of merging the best practices learned from past event occurrence as well as to improve the role of newer members and opportunities into the collective roles of cyber defence.
In summary, I am keen that after this discussion/panel will lead into further actions. And also thanks to the organizers for the invitation and done a good job in organizing such an important event.