Skytop’s Cybersecurity Summit: Democratic Allies Set the Stage in Rome for Global Cooperation
By Annita Larissa Sciacovelli and Chuck Brooks, Contributing Authors/ September 26, 2023
Annita Larissa Sciacovelli is Professor of International law of the University of Bari ‘Aldo Moro’, Italy; she is Member of the Advisory Board of the European Union Agency for Cybersecurity – ENISA (Athens), and she is cybersecurity Researcher fellow at the Jerusalem Institute for Strategy and Security (JISS) (Israel). She is member of the Defense Innovation Office of the Chief of Defense Staff of the Italian Ministry of Defense), and member of the Cyber Security & Warfare Commission, of the Italian Society of studies on intelligence. She is Member of the Advisory Board of the International Institute for Peace, Vienna, (Austria), and a Member of the International Institute of Humanitarian Law of San Remo (Italy). She is a Contributor to SkyTop Media, and she is Editorial board member of the Review of Military Justice, edited by the Italian Ministry of Defense, and of the electronic review Anti money laundering & Compliance. She coordinates the scientific activities of the Center of international legal sciences & new technologies of the University of Cassino (Italy). She is Vice President of the Global Professional for Artificial Intelligence – GP4AI, and she teaches international law at University of international studies – UNINT, in Rome.
Chuck Brooks, President of Brooks Consulting International, is a globally recognized thought leader and subject matter expert on Cybersecurity and Emerging Technologies. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named by Thomson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer.” He was featured in the 2020 Onalytica “Who’s Who in Cybersecurity” – as one of the top Influencers for cybersecurity issues. He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for Executive Mosaic/GovCon, and a Contributor to FORBES. He has also been a featured author in technology and cybersecurity blogs & events by IBM, AT&T, Microsoft, Cylance, Xerox, Malwarebytes, General Dynamics Mission Systems, and many others. He recently presented to the G20 on Energy Cybersecurity.
Chuck is on the Faculty of Georgetown University where he teaches in the Graduate Applied Intelligence and Cybersecurity Risk Programs. In government, Chuck was a “plank holder” at The Department of Homeland Security (DHS) serving as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. He has an M.A from the University of Chicago and a B.A. from DePauw University.
Skytop’s Global Cybersecurity Summit in Rome, Italy
It was great honor to co-chair the recent Skytop’s Media Global Cybersecurity Summit in Rome, Italy. The event was held in one of the cradles of civilization and was both interactive and informative. The venue was exceptional (Rome Cavalieri Waldorf Astoria), and the speakers and attendees were illuminating. The insights delivered by those speakers are a working framework for addressing today’s increasingly risky global digital landscape. Highlights of some of the agenda were captured in the photo below.
For the full agenda to last year’s program click here: Skytop Strategies
Embracing Alliances
A key theme emanating from the conference was that we are now living in a new technological and hyper-connected digital era that has brought new cybersecurity threats, and democracies need to embrace alliances to mitigate risks and those formidable cyber challenges.
The consensus among speakers was to best prevent, mitigate, respond to, and recover from cyber incidents must include a new cooperative paradigm. And that a new global model should include information sharing, cooperative research, development ,and deployment of emerging technologies.
Cooperation and Sharing
That collaboration theme certainly rings true. In our connected world, the threats of cyber-attacks are growing in complexity and number, and they reach across continents and countries. Because of the rapidly changing cyber threat environment, it has become an imperative for democratic governments, and industry to enhance cooperation and share security frameworks, intel, and tools.
Global cooperation in protecting critical infrastructure was one of the topics highlighted. As we have discovered in the past few years, much of the global critical infrastructure is using aging legacy systems and is unprotected against sophisticated breaches. Moreover, critical infrastructure is being targeted by state sponsored hackers sharing and by criminal hacker groups using ready-made attack kits.
Infrastructure Protection
Many critical infrastructure attacks have used ransomware with success. The underlying reality energy industries, electric grids, and other critical infrastructures are vulnerable to both physical and cyber incidents. Such attacks and can lead to dire consequences as exemplified in shutdown of the Colonial Pipeline in the United States that disrupted energy supply chains for over a week.
A prevailing message was that in all cases of critical infrastructure protection, the requirements of situational awareness, and the ability to safely access, alert, and message principals and communities cannot be underestimated. The cybersecurity of critical infrastructure relies on the same security elements for protection as physical security layered vigilance, readiness, and resilience. All critical infrastructure including the electric grid, healthcare, transportation, communications, and financial networks are vulnerable to attacks by hackers and urgently need better cybersecurity protections.
Public Private Partnerships
Both the US and EU have reached out in recent years to the private sector to establish priorities, protocols for information sharing, and lines of communication to respond to potential incidents. The fact is that much of the world’s critical infrastructure is owned and operated by private sector companies, so industry needs to be a significant part of the equation and needs help to foster public private partnerships in cybersecurity.
Keeping up with cybersecurity threats is often daunting. Several speakers at the conference noted that information sharing helps allow both government and industry to keep abreast of the latest viruses, malware, phishing threats, and especially denial of service attacks. Such information sharing also establishes working protocols for resilience and forensics that are critical for the success of commerce and enforcement against cyber-crimes. Global information sharing that includes intelligence on the latest tactics of threat actors is integral to better cybersecurity protection.
New Threat Landscape
On that topic, Mark Kelton, Partner at the Five Eyes Group, and a retired senior Central Intelligence Agency (CIA) executive with 34 years of experience in intelligence operations who concluded his career as Deputy Director of the National Clandestine Service for Counterintelligence (DDNCS/CI), provided insights into the new threat landscape. In an interview with Emmy award winning producer, Mike Moran, he highlighted the investments and capabilities that both China and Russia are putting into cyber capabilities and why the West needs to match those efforts and be vigilant.
Russia and Ukraine
In a special panel on geo-political threats, Annita Sciocovelli, Michael Moran, Jeffrey Furgal, Mark Kelton, and I discussed the latest implications of cyber-attacks coming from Russia and relating to the Ukraine conflict.
New Technological Era
Technologies were also a major part of conversations at the conference. As we are entering a new technological era, cooperative research and development in innovative technologies such as hardware and software algorithms are needed just to keep up with the evolving global threat matrix. It was agreed that would be prudent to utilize the collective talent and research and development arms of allied countries. Promising emerging technologies such as artificial intelligence was the focus of several of the panels.
AI as an Enabler
Artificial intelligence (AI) was described as an enabler for cybersecurity as it can automate network monitoring, threat detection, and utilize smarter analytics. Like most technologies, AI has a dual positive and negative aspect because hackers can also use artificial intelligence to find vulnerabilities and launch malware and phishing attacks.
Augmenting Capabilities
Other emerging technologies were mentioned for their role in being able to augment capabilities in encryption, biometrics, and incorporating Next Gen layered hardware/software technologies for the enterprise network, payload, and endpoint security. All are components of what can be improved via cooperative efforts, research and development efforts.
Dr. Alessio Pecorario
Another highlight of the Rome Conference was the keynote presentation of Dr. Alessio Pecorario. He is a Vatican official, and a cybersecurity and new tech expert working for the Holy See to promote development and peace in the digital age.
Dr. Pecorario delivered a talk on a topic often overlooked at most cybersecurity conferences, on the ethical and moral aspects of emerging technologies and security solutions. He observed that globally we need in-depth moral reflection on the risks and possibilities associated with scientific and technological advances. Such cooperation needs not only be in information sharing and technology areas, but also in internet freedom/human rights, governance, and privacy, all areas where cyber connects.
Dr. Pecorario also spoke of seeking a future where analyses and decisions, as well as scientific and technological achievements, go hand in hand with philosophical and ethical values. And one that invites partnership and collaboration, particularly among religions, who can guide humanity to a greater pursuit of wisdom and the common good. He noted that a takeaway from the conference is that “we consider our natural environment as a common home, shared by everyone on earth, to be protected for the well-being of the entire human family. In a similar way, we should consider the artificial environment that technology has developed in the modern age.”
Rapid Increase
The activities in cybersecurity for Italy and the European Union were a focus of several of the sessions. In both Italy and the EU, the number of cyberattacks has rapidly increased in the past four years, targeting several sectors, from governmental to ICT (information communication technology) sectors.
The View from Congress and the White House
JC Boggs, Esq. provided excellent insights from the view from Congress and the White House and highlighted the implications of legislation and executive orders on cybersecurity.
International Norms
A recognition from those discussions on the EU and the US is that there are not enough established international norms to collectively combat cybercrime against free nations, critical infrastructures, and industry on the global scale. The consensus was there a need to include governments and industries to discuss scenarios and establish protocols for policy and action to address the evolving threat matrix and the potential spiraling effects of cybersecurity incidents.
The conference was action packed and there were many other insights delivered.
A Big Step Forward
In summary, the conference was a big step toward embracing global public/private cybersecurity alliances as an imperative for mitigating harm in an increasingly connected and precarious world. The meeting of minds certainly was a positive step in making us all safer and I look forward to 2024 in Rome!
P.S. We have a date for Rome on March 23 and 24, 2024! For more information please contact Christopher P. Skroupa, Founder & CEO, Skytop Media Group at cps@skytopmediagroup.com.