Cybersecurity and data-driven economy: different countries but identical concerns

From 15 to 18 of July the Luxembourg Deputy Prime Minister and Minister of the Economy, Étienne Schneider, led an Official Mission to South Korea to promote national expertise and enhanced cooperation.

During this visit, SECURITYMADEIN.LU, the cybersecurity agency of the Ministry of the Economy hosted a panel about cybersecurity in the context of Luxembourg’s data driven innovation strategy for the emergence of a sustainable and trustworthy data economy.

The panelists were from various backgrounds, starting with IoT in automotive systems up to identity management for B2B as well as B2C applications.

The esteemed panelists were (as shown on the picture):

• Jaeson Yoo (Penta Security) who touched on the topic of smart vehicle security;
• Steve Clement (CIRCL) in charge of the moderation;
• Jungmin Kang (NSR) visualizing the security of industrial control systems;
• Gaëtan Pradel (INCERT) talked about biometrical authentication research;
• Povilas Zinys (LuxTrust) striving for a privacy enabled digital economy;
• Mohamed Ourdane (POST Luxembourg) who talked about fraud in the telecommunication sector.

After a quick introduction by Steve Clement about the challenges we are facing in a data-driven economy, introducing the MISP project as an example, the panelists had 5 minutes to present their respective topics then answered the questions from the audience.

From the get-go it was clear that, even-though, the 5 panelists were representing different industries, all converged on the same challenges regarding cybersecurity.

One of the most stressing issues might well be the control and trust of the modern supply chains companies. Currently most companies are only able in a limited scope to make sure their supply chains are safe from outside tempering and none of the panelists were disputing those claims.
Which also led the panel to conclude that there is no silver bullet when it comes to security.
Lessons learned, even 10-15 years ago, are still relevant in today’s data-driven economy.

Another widely discussed topic was that of information sharing and dissemination.
The panel agreed on the necessity to work together when it comes to cybersecurity breaches and that a long way lies ahead to bring all the different actors on the various platforms in a unified and standardized way.
Every company has security indicators that are not only relevant for its sector but for the business community at large. As the company does not have to protect only its systems but also understand the current overall threat-landscape.

Over 100 participants were attending the sessions and there was no lack of interaction with the attendees.
From the classical question: “why is Luxembourg’s information security ecosystem interesting for either startups or established companies?” to more technical ones about the challenges in encryption for Internet of Things (IoT) devices, the participants were well involved.
Reactions about the importance of the policymakers were also among the public, which is an area that does not want to be neglected. All the actors, technical as well as non-technical, need to work closely to share expertise and feedback on real life scenarios and strictly legal issues.

In conclusion after 45 minutes of keen discussions, the major takeaways were:

• Most companies are aware of the various security risks;
• Not all have the capabilities to mitigate, understand or even detect some risks;
• By sharing more information on various incidents, everyone will benefit;
• The threat is not going away, it will take up pace and understanding that everyone might be vulnerable, is an asset not a liability.

Fostering a culture of security, investing into human capital by giving the workforce enough time and space to understand the threat-landscape, will in the long run mandatory for a more secure global infrastructure.

The presentation of Steve Clement is available here: https://drive.google.com/file/d/1BCkMzhRmsuNCOQcMraovlyZGtR05ch4j/view

Get information about the official mission to South Korea in the articles released by:

• The Ministry of the Economy « Étienne Schneider promoted the Luxembourg digital ecosystem in South Korea » (https://gouvernement.lu/en/actualites/toutes_actualites/communiques/2019/07-juillet/16-schneider-coree.html)
• The Chamber of Commerce « Pioneering nations, converging visions, full steam ahead! » (https://www.cc.lu/actualites/detail/pioneering-nations-converging-visions-full-steam-ahead/)
• Luxinnovation « South Korean start-ups to Luxembourg: Paving the way » (https://www.luxinnovation.lu/news/south-korean-start-ups-to-luxembourg-paving-the-way/)
• Luxtrust « LuxTrust and Cambridge Blockchain Announce Private Beta for Privacy-Protecting Identity Platform IDKEEP » (https://www.luxtrust.com/luxtrust-and-cambridge-blockchain-announce-private-beta-for-privacy-protecting-identity-platform-idkeep/)