CYBERSEC 2017 Recommendations: we need to ramp up investments in cybersecurity

We need to increase investments in cybersecurity. Higher cybersecurity spending tops the list of key nine challenges for digital security in 2018, says the Kosciuszko Institute in the CYBERSEC Forum 2017 recommendations. The report encapsulates the highlights of two-day debates engaging more than 150 world-class experts during the 3rd European Cybersecurity Forum, which was held under the banner ‘Dealing with Cyber Disruption’. Released annually, the publication offers essential recommendations for governments, international organisations and the private sector in four main areas: State, Defence, Future, and Business.

  1. Bigger investments in cybersecurity and a prudent plan for the utilisation of designated funds. Governments must show leadership in this matter and become a shining example for other sectors to follow. Public procurement law should impose on manufacturers and ICT service providers the obligation to meet specific security requirements, so that their solutions are created with security and privacy by design in mind, which strengthens the cybersecurity and privacy of data in the entire value chain, particularly end devices. Such a change will contribute to increased security within the Internet of Things, including dynamically growing Smart Cities, to which billions of devices are already connected around the world.


  1. A special system of penalties and incentives to spur the implementation of sectoral cybersecurity standards and a well-designed certification system for IT and ICT products and services. Critical infrastructure operators specifically should be obliged to implement cybersecurity standards. The implementation of mandatory standards tailored to the needs of countries, sectors and organisations should go hand in hand with a system of incentives for business to introduce the norms.


  1. The cooperation between the private sector and the state to develop capacity-building measures in cyberspace,including attribution of cyberattacks (establishing the attacker’s identity) and design of a coordinated vulnerability disclosure policy.


  1. Information warfare in cyberspace as No 1 threat to democracy. Securing elections against ‘hacking’ should happen through:
  • comprehensive risk assessment that goes beyond technology
  • creation of the right regulatory framework (e.g. the inclusion of electoral infrastructure into critical infrastructure) and technological environment (traffic monitoring, vote count verification)
  • creation of analogue backup ballots
  • raising candidates’ awareness about methods to secure IT systems


  1. Enhanced NATO’s cybersecurity: achieving mission assurance and strengthening member states’ cyber defences. NATO’s capabilities in cyberspace should be developed at doctrinal, political and organisational levels. The priority issues in this area are the following:
  • Development of strong competency base through diversified training as well as civil and military exercises
  • Support of member states in developing their national capabilities
  • Bringing innovation to NATO, for example in the area of advanced data analytics, including algorithm-based machine learning

The Alliance has already taken steps to increase its cybersecurity. It is necessary to put emphasis on continuing those activities and tightening cooperation between the member states, especially when it comes to attribution, and capabilities and offensive tools.


  1. The upsides and downsides of Artificial Intelligence (AI). The more humans become dependent on AI and the less control they exercise over the technology, the more concerns people will have about its use. Some of the greatest threats involve:
  • lack of sufficient transparency and a risk of ‘bias’ in AI algorithms
  • risk of falsifying AI’s decision-making process through input data interference
  • high likelihood of using AI to conduct disinformation campaigns

AI may turn out to have a positive impact on relieving shortages of qualified ICT security expert.Therefore, it is recommended that innovation in this area be supported while overregulation be avoided.


  1. An effective cyber insurance system should be embedded in the security culture founded on cyber risk management and a partnership with customers that aims to build their capabilities, awareness, organisation and procedures. Cyber insurance that will play an important role in establishing appropriate cybersecurity standards and will be one of the economic incentives to drive change in the business sector (complementary to the proposed changes in public procurement) should:
  • be tailored to the customers’ needs, particularly those in the critical infrastructure sector
  • be founded on a fact-based risk assessment taking into account a comprehensive view of the organisation and its conditions (both internal and external)


  1. Further development of security in the business sector
  • Comprehensive approach to internal network architecture and external connections
  • IT system users education about risks and threats in the network
  • Security Operations Centre (SOC) and Security Information Management (SIM), analytics and collection of threat intelligence (SOC enables preparing for, detecting and responding comprehensively to an attack)
  • Procedure and security audits
  • Building attribution capabilities
  • Protection against insider threats by implementing solutions based on profiling and behavioural analysis while respecting privacy rules
  • Implementation of cloud-based solutions that can bring positive effects in the health sector


  1. Building regional competence centres underpinned by strong and effective cooperation between different ecosystem participants. The key aspects in this context are the following:
  • Government support of regional projects with the highest educational and innovative potential through special funds
  • Close cooperation on a global scale, for example via the Global Ecosystem of Ecosystems Partnership in Innovation and Cybersecurity (Global EPIC), which was initiated during the CYBERSEC Forum 2017. The agreement was signed by 14 regional innovation centres from 10 countries, including CYBERSEC HUB, a Polish platform run by the Kosciuszko Institute.

The recommendations will be discussed with the key policy-makers, representatives of the business sector and expert circles at the concluding session of the Brussels conference that will be held on 27 February 2018, under the banner ‘Dealing with cyber disruption – Brussels leaders ‘ foresight’.

The full publication is available here: CYBERSEC 2017 Recommendations


The CYBERSEC Forum is a one-of-a-kind public policy event in Central and Eastern Europe devoted to the strategic cybersecurity challenges. It is also one of the top five cybersecurity conferences in Europe. In recognition of their efforts to launch the project, Izabela Albrycht, the Chair of the Organising Committee and dr Joanna Świątkowska, the CYBERSEC Programme Director, have been listed among the most promising innovators from Central and Eastern Europe in the prestigious ranking ‘New Europe 100 Challengers 2017’, published by the Financial Times, Res Publica, Google and International Visegrad Fund. Attracting more than 1,000 delegates, the conference has been organised by the Kosciuszko Institute annually since 2015 in Krakow. Throughout the year, the forum is accompanied by smaller events in Brussels and Warsaw.


The Kosciuszko Institute is an independent, non-governmental research institute that was founded in 2000 as a non-profit organization. The institute drafts expert reports and policy recommendations for European and Polish decision-makers. Read more about the think tank: VISIT WEBSITE