“Cybersecurity is crucial for the protection of society and for its prosperity and the sooner citizens comprehend this the better,” executive director of the recently formed Cyprus Cybersecurity Organisation (CyCSO) Executive Director Constantinos Tsiourtos told the Cyprus News Agency (CNA).
“As our daily lives and our economy are increasingly dependent on digital technologies, our exposure to cybercrime risks is also growing. Malicious cyber-activities do not only threaten our economies and our progress towards digital single market, but also the very function of our democracy, freedoms and values. Our future security depends on adapting our capacity to protect the EU and the member states from cyber threats, our critical infrastructure is based on digital systems,” he said.
CyCSO was founded only a month ago and aims at informing companies and citizens of the risks to and vulnerability of their privacy. It is a private initiative led by the Cyprus Chamber of Commerce and Industry.
The need to set up the Organisation resulted from recent developments at European level and the preparation of a strategy to enhance cyber security as far as the economy and society in the EU are concerned, Tsiourtas said.
Tsiourtos said that the Organization aims to create a cybersecurity ecosystem to be linked to the European ecosystem, in coordination with the European Cyber Security Organization (ECSO). He said the CyCSO aims at helping the development of an innovative and dynamic cyber-security industry in Cyprus.
Studies have shown that the economic impact of cybercrime is on the rise. Between 2013 and 2017 cybercrimes rose fivefold and by 2019 they might even quadruple.
“Recent global attacks reflect the rapid growth in cybercrime. The legislative framework, which is now being developed at European level, aspires to address these threats. It is of utmost importance that this framework is efficiently implemented in the member states which must have the appropriate infrastructure through which the law will be applied,” Tsiourtos said.
The Office of the Commissioner of Electronic Communications and Postal Regulation (OCECPR) is making considerable efforts to this end and recently a Digital Security Authority was set up. The police also have a cybercrime unit.
“We want to assist all these efforts and become a valuable partner, granted that all these efforts and actions are in the right direction, Tsiourtos added.
“We have to do a great deal in order to assist the country’s authorities to enter into the era of digital economy and of a society where security and safety will be of paramount importance. As an organisation, we have already begun to design an awareness campaign with specialised seminars mainly addressing the human resources department of various organisations. Research studies have found that the absence of basic cyber security awareness is responsible for 95 per cent of the cyberspace attacks targeting businesses,” he added.
“There are basic guidelines people have to follow. Often the problem has to do with them not understanding how exposed they are, how vulnerable their privacy and personal data are in the digital world. Our goal is not to alienate people from cyberspace. Quite the opposite in fact. We want to have informed digital citizens who are aware of the dangers and know exactly how to address them.
“The truth of the matter is that we cannot possible be absolutely protected from cybercrime. What we do in practice is mitigating risks and the impact. To put it in simple terms, we would not leave our house and leave the door open, by the same token we need to take basic self-protection measures in cyberspace. Failure to follow basic rules, dramatically increases the risk and statistical probability of becoming a victim”.
A new European regulation to be adopted by the end of 2018 at the latest is ePrivacy. This will require regulatory compliance specifically for Electronic Communications Service Providers. The legislation concerns the protection of privacy in the electronic communications sector, safeguards the protection of fundamental rights and freedoms, in particular respect of privacy, the confidentiality of communications and the protection of personal data in the electronic communications sector.
Electronic communications service providers will have to inform their users about the security measures they can take to protect their communications i.e. by using specific types of software or encryption technologies.