2024 was dubbed “the election year” by TIME Magazine – a simple yet accurate description.
From the UK’s general election earlier this summer, to the upcoming presidential election in the US in November, and the other 62 countries (at least) voting this year, it is time for governments to really make an impact.
When it comes to cybersecurity, governments must make it a key priority. They’re an integral part of implementing successful cybersecurity measures around the world, and so they must meet the standards that businesses and the general public expect of them.
So, what should our new world leaders be doing to strengthen their cybersecurity efforts, and what benefits should we expect to see as a result? Here are five things that governments should focus on once they’re in power.
- Increased collaboration and exchange of information
Strong cybersecurity measures rely on the efficient sharing of key information. Without this, it is impossible to coordinate cybersecurity around the world, which is necessary to prevent large-scale attacks. However, it’s not just collaboration between governments which is required – they should improve their communications with private sector businesses, too. Obviously, some government information must remain confidential, but there is still room for improvement regarding the amount of non-confidential information that could lead to greater security if shared.
Threat intelligence is only made possible by a fair exchange of information between all stakeholders so that everyone can benefit from the same insights and act on emerging threats fast. That means of course that this is a two-way street; private sector businesses must also be open to supporting the cybersecurity efforts of the public sector, too.
- Higher cybersecurity standards and tighter regulations
So far we’ve seen a multitude of regional-level data and security regulations – from NIST and GDPR to the upcoming DORA – but a more international effort is needed to provide greater protection. Not only do governments need to share information, they should also work together to create global standards and regulations that all organisations worldwide must adhere to. Unfortunately, regulatory blindspots will appear in the gaps between the current regional regulations if a more cohesive approach isn’t put into place, and this will only serve to benefit the cybercriminals.
To start on this journey, governments must collectively establish a consensus on what is required to address cybercrime on a global scale, and thereby create a benchmark for minimum standards. This collaboration is also necessary to overcome enforcement challenges – for example, the EU is currently struggling to resolve cross-border enforcement issues. A global approach would avoid this altogether.
- Greater, more skilled cybersecurity workforces
One of the problems with implementing more standards and regulations, however, is that it requires a skilled workforce to ensure organisations are compliant. The cybersecurity industry currently has a severe talent gap. A study from ISC2 estimates that this gap is around 4 million, and it will only get worse without fast intervention.
With such a lack of skilled individuals, organisations can’t implement as strong cybersecurity measures as they would like to – the manpower simply isn’t there. Governments should take a more active role in helping to alleviate this problem, for example by providing increased funding, resources, and support for cybersecurity educational programs. There’s often a disparity between existing education systems and the skills that are required for today’s and tomorrow’s cybersecurity careers. Change is happening: in the UK there are many initiatives to develop cybersecurity skills particularly in young people. TeenTech is just one of many, yet they all need better funding to continue to expand and educate.
- AI that boosts cybersecurity to the next level
It’s not just people that are a necessity for strong cybersecurity. In today’s digital world, we must invest in the latest technologies to support cybersecurity efforts in order to keep pace with the most sophisticated cybercriminals. AI has proven to be both a help and a hindrance – it is already creating increased risks due to the development of AI-powered malware for example, therefore governments must fight fire with fire. The private sector is way ahead in investing in this technology, so our new world leaders should take heed and follow suit to avoid being left behind.
It is important to note that the EU’s AI Act, which came into force just this summer, is a strong start, but as with cybersecurity standards and regulations, a more collaborative global approach is required to utilise AI to its full potential.
- The latest developments in quantum computing
AI might have been named the Collins Word of the Year for 2023, but as we approach the final quarter of 2024, quantum computing is becoming just as much of a buzzword. It is an incredibly promising technology. But as we’ve seen with AI, this potential makes it more likely that cybercriminals will seek to use it to their advantage, too, meaning that the cybersecurity risks around it will increase. Governments and businesses alike must be prepared for quantum computing to take over just as quickly as AI; as part of this, new governments should begin offering guidance on this technology as soon as possible so that all organisations can get a headstart.
As each new world leader and their governments take charge, there will of course be plenty of priorities fighting for their attention. Cybersecurity must not fall down the list, even if it seems less glamorous than other, more tangible changes that can be implemented quickly. As “the election year” approaches its final quarter, now is the time for new governments to invest in changes that will bring about greater good the world over.
About the Author
Darren Thomson is Field CTO EMEAI at Commvault. Commvault is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.