Cyber corporations, cyber intelligent, cyber secure
The concept of intelligence has acquired a polysemic nature beyond the connotations that were historically associated with security and defence. In this article, we link it with the new capacities that information technology and communications (ICTs) have entailed and the disruptive change they are causing within public and private organizations, by creating an expert field known as Economic Intelligence (EI) to distinguish it from other areas of massive data processing.
For the European Commission EI is “the coordinated effort of collection, processing and dissemination of useful information for economic operators, including efforts to protect sensitive information for involved companies”. It is a rather sound approximation to the concept which leaves an open space in which public and private entities need to learn to collaborate to be able to meet these new challenges.
People, businesses, organizations, public administrations and States already depend on the capabilities of our digital technology for both the most complex functions and our everyday tasks. This is an irreversible path which facilitates social and economic development, but also entails fragility and vulnerability and makes us face new phenomena that we have not always evaluated correctly and whose negative effects might catch us unprepared.
For the European Commission EI is “the coordinated effort of collection, processing and dissemination of useful information for economic operators, including efforts to protect sensitive information for involved companies”
While the aforementioned point is relevant at an individual level (living in predictable, efficient, secure environments, having privacy, etc.) or at an economic level (secure transactions, preservation of the company assets, reputation and brand, etc.), it is much more significant from a collective point of view in which we could include citizen’s security, national defence, critical networks and infrastructure, databases, public organizations, etc.
What are the main risks and threats we are facing? Which are our new vulnerabilities? What means do we have to eliminate or reduce them? The answers show that besides the conventional risks and threats, since they are well-known and have already been evaluated, we are facing a new range of risks and threats that seek to attack our cyber systems: any information system can be cyber attacked and must be cyber defended.
It is necessary to promote and support a cybersecurity strategy in which public and private organizations share information
The parties involved in these attacks include a wide range of actors: diverse information and intelligence services and agencies, criminals, terrorists, hackers, mere competitors… The type of these attacks and their common objectives are very varying as well.
The intervention models at our disposal to face these threats and attacks are still weak for several reasons:
• Artificial intelligence advances at a great pace and its implications are not appropriately determined.
• Victims of this kind of violence do not usually report the attacks and intrusions as they think their users might be sensitive.
• The authorship of such intrusions and attacks is often unclear, as they usually are transnational and lie outside the jurisdiction and scope of our prevention and correction systems.
• The legislation is not appropriate and the extremely necessary international institutional collaboration is still non-existent.
• User awareness about this problem is low and the means to avoid these situations are insufficient.
It is therefore necessary to promote and support a cybersecurity strategy in which public and private organizations share information about this problem, generate intelligence and prevention and response models and create protection and reaction environments.
Until recently, public systems were responsible for managing intelligence models for public institutions mainly aimed at the collection and processing of sensitive information regarding the general interests of the State and its strategic assets. The development of ICTs has completely changed the original scheme by making available to private operators capabilities that facilitate their strategic positioning in the new global contexts.
That being said, the intelligence model has changed as well. In these new contexts, it is mandatory for the public and private spheres to learn how to dialogue to ensure the most of our collective assets and capabilities and reduce the gradually increasing risk we are facing. The Spanish Government launched the System of Economic Intelligence (SIE) as a mechanism to coordinate these efforts. The objective is to collect and provide information to all institutional and strategic actors, sharing strategies, creating new capacities for private organizations and promoting initiatives which disseminate and extend these potentialities to the greatest possible number of operators. It is true, however, that an institutional model must be created and managed to develop this strategy.