As part of our cyber wafare focus at TEISS, we speak with Jonathan Luff, Co-Founder of CyLon, the world’s leading cyber security accelerator and seed investment programme, about where he thinks the power and responsibility of national governments should begin and end in cyber space and how we can build a more stable cyber world.
When I ask about which recent cyber attack has worried Jonathan the most, he points to last year's Wanacry attack, which he believes was a huge wake-up call. Not because it was unexpected or came as a great surprise to the experts, but more because of its impact on a national service that people use and rely upon daily.
Regardless of whether it's an incredibly complex attack and directed from a nation state or a more simple one carried out by a nonstate actor or individual – the result, for Jonathan, is the same – a loss in confidence in the utilities we use daily or the financial infrastructure which supports the economy.
Also of interest: Iranian hackers targeting UK universities
The cyber dilemma
Jonathan explains that there are two factors which make the response to an attack challenging, the provenance and severity of the attack.
"I think without attribution, it is quite hard to respond. So unless you can be certain who has taken action - it's very hard to have a legal and a proportionate response," he says. Equally, he adds, it's not always clear and it's not always immediate. "The impact can be spread over time rather than happen in a flash and a bang, as with a conventional kind of attack," he adds.
So where should the power and responsibility of national governments begin and end in cyberspace?
Jonathan thinks the government and its institutions have had and should continue to have the authority for the responsibility to understand strategic threats to our security and to develop the capabilities to defend against and respond to those threats at the national level.
"There isn't really a very clearly understood set of protocols, legalities and practices around cyber as there is with nuclear deterrents," he explains. For example, he expands, whereas over 50 years ago, a very complicated set of protocols and procedures were put in place which people understand and are supported by all kinds of layers of institutions, legalities and practice that go around the nuclear deterrents, those things haven't yet been consolidated in the cyber area.
Also of interest: Are we in a new Cold War?
National level cyber security
Jonathan believes that it's helpful to think about national level cyber security. "I don't want to make that sound overly dramatic it's just that these are capabilities have the potential to do significant harm or to have significant impact on societies and individuals," he points out.
How can we build a safe stable world?
This is something Jonathan and his team are trying to do at CyLon. "I think for most people and for most businesses they will be more assured when know they will be able to operate in a safe environment as effective, new innovative solutions become available," he states.
Jonathan wants to see a thriving entrepreneurial private sector in the UK and more broadly. He sees this as an opportunity for innovators and entrepreneurs to produce really effective and simple, user friendly tools that enable people to go about their lives and do the things that they want and need to do, secure in the knowledge that they are using systems that they can trust and are secure.
"Let's encourage those entrepreneurs. Let's give them the support that we can. Let's find interesting and innovative new technologies that people will actually want to use. That's our take on it," he adds.
I don't think we can disagree.
CyLon is the world’s leading cyber security accelerator and seed investment programme. Based in London, they help entrepreneurs from across the globe to build cyber security businesses, raise investment, and develop their commercial partnerships.
Also of interest: Can we still trust the rail industry?