The key is to increase the levels of cooperation between different communities, thus creating an infrastructure that can reduce the effects of a cyber attack as effectively as possible. To achieve this, it is necessary to integrate sectors, vectors and interest groups; and, to achieve this more reliably, it must be accepted that the existing cooperation measures, despite their good intentions, fall short. They explained to us "why"; the challenge, as we move forward in this debate, is to determine which cooperation, among whom, should be institutionalized in the most effective way.
The previously mentioned list reflects the wide range of potential targets of an attack and highlights the extent of its impact in terms of secondary victims. It also highlights the important issue of "who is responsible". Cooperation cannot be considered merely a "good thing"; it is a necessary means to protect the victims of a cyber-attack, whether intentional or accidental. To state the obvious: the number of people affected by the hacking of any of the entities mentioned above is staggering. In addition to carrying an extraordinary economic cost, such an attack brings the municipality to a standstill, affects the hospital, endangers air travelers and has terrible consequences for people who need public services. Naturally, this justifies cooperation between the parties involved.
Mutual cooperation or security does not mean agreement on all issues, nor does it indicate a convergence of interests, values and goals. However, it recognizes that some threats, based on their potential consequences, justify the search for a common position, even if the parties have conflicting interests. The two principles (self-defense and collective security) can be considered complementary. On the one hand, individual action is justified; on the other hand, it is accepted that in some cases cooperation is needed to facilitate protection.
The measures taken by members exercising their right to legal defense shall be immediately reported to the Security Council, and shall in no way affect the authority and responsibility of the Council under this Charter to carry out any action deemed necessary at any time to maintain or restore international peace and security.
According to Article 5 of the North Atlantic Treaty Organization (NATO) Treaty:
The Parties agree that an armed attack against one or more of them, whether in Europe or North America, shall be considered an attack against all of them, and therefore agree that in the event of such an attack, each of them, exercising the right to collective action, will help the attacked party or parties by then taking, individually and in agreement with the other parties, the measures it deems necessary, among others the use of armed force, to restore security in the North Atlantic area. Any armed attack of this nature and all measures taken as a result thereof shall be immediately reported to the Security Council. These measures will end when the Security Council takes the necessary measures to restore and maintain international peace and security.
Applied to cybernetics, the two principles reflect an integrated approach that allows us to address what should be the primary interest of the potential targets of a cyberattack: to avoid it, if possible, or, if it succeeds, to minimize its influence. From the point of view of the potential victim (e.g. a client of a large financial firm), this approach would reflect the duty to protect and the application of consequential measures. Likewise, governments have a duty to protect their civilian population.
In the fight against cyber-terrorism, the concept of "customer as collaborator" - through which a triangular relationship is created between the company, the customer and law enforcement - is much more effective than the unnecessary minimization or denial of the threat itself.
It is cheaper for a company to respond to a hack or manage its consequences than to invest in defense and protection systems, and we have to learn from it. It's a missed opportunity for both the company and other actors, which represents a double win for the hacker: the intrusion has been successful, and the companies cannot learn from each other. Although different companies have interests to protect, their similarities and common values would justify accepting and facilitating the exchange of information in the event of an intrusion or attempt. But the truth is that most companies are very reluctant to come forward and admit they have been hacked. In that sense, they are not being fair to their customers, shareholders or law enforcement. Furthermore, other companies are unable or unwilling to protect themselves. Perhaps they are embarrassed to be vulnerable despite spending heavily on firewalls and IT equipment. However, given the vicious nature of cyber attackers and the damage they cause, companies should put aside their shame and be much more transparent.