
“Increasing pressure” and “critical minds necessary”
Mr Mayencourt and Mr Such, you are both currently working on organising the next Swiss Cyber Security Days. In your opinion, what are the biggest global challenges in the area of cybersecurity?
"Cybercriminals have long discovered a business case that is as efficient as it is lucrative."
Is Switzerland doing enough compared to other countries when it comes to cybersecurity?
Mayencourt: It is, of course, always possible to do more. Compared to other countries, Switzerland is certainly not the one making the fastest and most decisive progress in the area of cybersecurity. Other nations are still far ahead of us and we should try to reach at least the same level. But Switzerland now has a “Mister Cyber” and an organisation dedicated to cybersecurity. However, it’s still too early to say what measures this organisation will implement.
"Even the most secure application is always at risk if users use a weak password."
Such: Switzerland cannot be compared with its large neighbouring countries – especially because we don’t take an offensive approach to security. Numerous pragmatic approaches are being taken and are beginning to bear fruit. It’s not yet possible to say whether the measures that have been taken are effective.
What development do you hope will result in a major leap towards greater security on the Internet?
Such: I’m not banking on any one particular measure, but rather on several combined changes and technologies. I’ve been working in the cybersecurity industry for 20 years now and I no longer believe in miracle products.
"There is an urgent need for clear international rules, such as a Geneva Convention on cybercrime."
Mayencourt: I could name many technical issues, but that would be taking too narrow a view. What we really need – and we’re lagging behind in this area by about 20 years – is social awareness, a modernisation of the political responses to the challenges and a better understanding of the threats. We’re talking here about new rules for industry, fundamental digital rights, an understanding of digitalisation and adapting the old social norms to make reality cyber-suitable. At the moment we’re in the Wild West. It’s time to find a way out of this situation, to introduce product liability in the cyber area, to set minimum security requirements and thus to guarantee society’s fundamental rights and basic security.
What developments or trends concern you?
Such: Cybercrime will be a very important source of income for criminal organisations in the future, the attacks will be extremely well planned and may target all levels of society.
"The financial sector is an area where trust plays a key role."
Mayencourt: What worries me most is the danger of attacks or espionage by criminal organisations or even by countries. There is an urgent need for clear international rules, such as a Geneva Convention on cybercrime. This lack of rules combined with the ever-increasing pace of digitalisation and new possibilities such as 5G, artificial intelligence or even decisive war machinery is really worrying.
How exposed is the financial sector when it comes to cybersecurity?
Mayencourt: The financial sector’s exposure is huge. On the dark web you can find all kinds of business cases for carding portals, theft at cash dispensers, e-banking trojans, SWIFT hacking and so on. Cybercriminals are making a fortune with these.
Such: The financial sector is an area where trust plays a key role. A secure IT system is therefore a fundamental requirement.
What are your concrete expectations of the SCSD on 12 and 13 February 2020 in Fribourg?
Such: To bring security professionals, politicians, business leaders and students together under one roof, so that everyone will act in concert.
Mayencourt: We’ll have highly valuable controversial discussions about socially relevant issues at the highest level. On the first day, the event will be opened by government officials. We’ll have the opportunity to welcome Mister Cyber and the Chief of the Armed Forces, who will inform us about the nation’s situation in terms of cybersecurity. Smartrail, the new models for rail transport, will also be a topic. And we’ll hear about the experiences of organisations that have been attacked, such as hospitals that have been hacked and the luxury brand IWC. On the second day, we’ll address the topic in a more global context and discuss cyberwars and other international issues. For this segment, we’re working with the Geneva Centre for Security Policy and with the World Economic Forum’s Centre for Cybersecurity, which we’re particularly proud about. On both days, the Tech Tracks will feature leaders in international cybersecurity research who work for renowned companies such as GitHub, Intel, Trend-Micro and many others. In short, it’s safe to say that the Swiss Cyber Security Days are Switzerland’s most important event and platform in this area and that they make an important contribution to a safer Switzerland and a safer world.