Insights from a Global Conversation on Cyber Resilience

Recently, I had the honor of attending the World Economic Forum Annual Meeting on Cybersecurity in Geneva, Switzerland, on behalf of our CEO, François Locoh-Donou. The meeting brought together 140 cybersecurity executives—representing 95 global companies, 19 governments and international organizations, and 21 representatives of not-for-profit organizations and academia—around the theme of Leadership for a Resilient Future with a focus on three key pillars:

1. Building cyber resilience
   
2. Strengthening global cooperation
   
3. Understanding future networks and technology 

As CISO at F5, my job is to manage our cyber risk, which means every day I am leading, managing, and collaborating across our organization to keep our products and services, partners, customers, and employees safe. For me, this meeting proved to be a great opportunity to gain new perspectives from security experts from different sectors and regions and contribute to a larger discussion on cybersecurity resilience. Because, as we know, cybercrime and cybercriminals have no borders and their destruction shows no boundaries.

So, how much impact could a group of global security experts make in a three-day meeting, when most have come together for the first time? I wondered that myself so I thought I would share a few insights:  

• First, cybersecurity is a global issue that requires global collaboration to give the broader industry its best chance at keeping pace with the complexities involved in combating cyberthreats. The headlines only confirm that attacks continue to grow in both size and scale, reaching beyond borders and the parties impacted. So, just as these attacker communities share and collaborate on their modes and methods, it only makes sense that we adopt a similar way of working to help shore up our defenses globally. Government sanctions, financial penalties, and the sharing of threat intelligence and technology solutions must be considered to make any progress.
• Second, this meeting was just the beginning, as the work of this group needs to continue to make any sort of impact. What gave me confidence that this will happen was the unique structure of the 19 sessions, as they were designed to be working, problem-solving interactions. Facilitators provided a brief topic introduction, which for my session was Preventing a Cyber 9/11. I served as a panelist, and our role was to act as “fire starters” to contribute our expertise and perspectives to spark conversation. The session attendees were then dispersed into breakout groups to discuss the steps that should be prioritized to prepare for a systemic cyber event. That work was then brought back to the larger group to be summarized into insights that will be taken forward.

I would encourage you to read a report that was released at the meeting, Systemic Cybersecurity Risk and Role of the Global Community: Managing the Unmanageable. The report outlines how the technology and cybersecurity landscape is changing, why these changes make cybersecurity risk management a systemic issue, and how governments, international organizations, the private sector, and civil society must collaborate to make the world more resilient to systemic cyber events.

Looking ahead, I plan to maintain a global perspective as I continue to tackle F5’s cyber resilience challenges, knowing these learnings will ladder up to enhanced global collaboration.