- In the innovation race, digital technologies are introducing vulnerabilities faster than they can be secured.
- This imbalance between the time to market and the ‘time to security’ is a cause for concern among consumers: 85% said they mistrust companies with their data.
- Industry leaders and security experts have co-designed a new cybersecurity check list for entrepreneurs to build a security baseline and a guide to help investors spot companies prioritizing security and long-term growth.
- Read the full report here.
Geneva, Switzerland, 25 June 2020 – The rapid increase in cyberattacks and increased pressures from the shift to digital prompted by COVID-19 has shifted consumer behavior. New emphasis on the role of cybersecurity in technological development and how companies can reduce risk will be a necessity, not a nice to have. These are the findings of a new report released today from the World Economic Forum Centre for Cybersecurity.
Incentivizing Responsible and Secure Innovation highlights the shift in consumer behavior and outlines how entrepreneurs can develop cybersecurity capabilities. The report provides a checklist of the essential cybersecurity requirements for developers, a risk assessment tool and a guide for investors on how to validate them. It was developed by the World Economic Forum, executives from technology companies, investment firms, credit rating agencies, entrepreneurs, academics and public-policy experts.
“There is a serious imbalance between the time to market and ‘time to security’ as the market pressures for shiny new products and gadgets,” said Algirde Pipikaite, Cybersecurity lead, World Economic Forum. “With the rapid increase of cyberattacks, companies need to prove to consumers the security of their data. As the market shifts, we expect to see more investment in companies prioritizing security and their longer-term success.”
The cyber essentials are the core principles and requirements for new companies and products. They represent what the Forum’s Centre for Cybersecurity and its partners consider to be the most important requirements that, if implemented, will provide a robust cybersecurity framework encompassing organizational, product and infrastructure security.
“For startups, in particular, finding the right balance between objectives, such as secure design and showcasing novel functionality can be challenging. Taking these proposed cyber essentials into account is crucial to prevent an unacceptable level of risk at a later stage of company’s and product’s development,” said Einaras von Gravrock, CEO of CUJO AI.
The cyber essentials need to be tailored to an organizations size, nature and type of product. The report details each followed by practical steps on their implementation and guidance for investors on how to validate them.
a. Organizational security:
ii. Cybersecurity governance
iii. Cyber resilience
b. Product security:
ii. Privacy by design
c. Infrastructure security:
ii. Third party security
With the economy and society growing ever more dependent on technology and particularly so in the COVID-19 pandemic, the security and privacy of our digital tools are more important than ever. With the dissemination of the cyber essentials in this report, the World Economic Forum Centre for Cybersecurity seeks to provide guidance to entrepreneurs and investors determined to develop responsible, sustainable and secure technology and practices.
About World Economic Forum: The World Economic Forum, committed to improving the state of the world, is the International Organization for Public-Private Cooperation. The Forum engages the foremost political, business and other leaders of society to shape global, regional and industry agendas. (www.weforum.org).
About CUJO AI: Powered by proprietary artificial intelligence models and uniquely built on billions of real-world data points, the CUJO AI portfolio of products is designed to gain a clear insight on how data moves across networks and to digitally protect people and devices, creating a safer smart-living experience in homes, businesses and connected communities. Network, mobile and public Wi-Fi operators around the world utilize the CUJO AI portfolio of products to provide users with a seamlessly integrated suite of value-added services, covering network monitoring and protection, advanced connected device identification, real-time network security, privacy protection, content access control, and digital parenting.