Above photo: Dr. Jean-Luc Vez moderating the WEF Cybercrime Dialogue at INTERPOL World 2017. Photo by Dean Koh/OpenGov Asia.
At the sidelines of the INTERPOL World Congress 2017 held in Singapore from July 4 to 6, OpenGov had the opportunity to interview Dr. Jean-Luc Vez, who moderated the World Economic Forum Cybercrime Dialogue at the opening of the Congress. Dr. Vez has held senior security positions with the Swiss Federal Government and Police for many years prior to becoming the Managing Director, WEF, Head of Security Policy and Security Affairs, in April 2014.
In this interview, Dr. Vez shares his thoughts on WEF’s role in tackling cybercrime, the emergence of IoT-related threats and how increased public-private cooperation can contribute towards the fight against cybercrime.
Could you tell us more about your role as Head of Public Security Policy and Security Affairs at the World Economic Forum?
Firstly, my role is to secure the events we are organising worldwide – that means to speak to the local military, local police forces, local governments, presidential guards, and so on so forth in order to assure the physical security of the meetings. As you know, there are not only many CEOs or Chairmen who are supposed to attend the meetings but also government representatives, heads of states and so on.
The second mission has more to do with security policy as content. So for example, we addressed during the last 2 years, cybersecurity as one of the most interesting issues where we gathered CISOs from WEF partners, representatives from law enforcement agencies which are acting globally like INTERPOL, regionally like EUROPOL and nationally such as national ministries of interior and justice. This community of CISOs and representatives of law enforcement discuss cybercrime, especially how to tackle cybercrime in common by furthering better collaboration between the private and public sectors.
What do you think are the biggest cyber threats and how do you think they are evolving?
The community I just spoke about address these questions, which is a really important one as of the beginning of the discussion. They decided not to enter a complicated discussion around definitions but try to describe the phenomenon. They have identified 2 main categories of cybercrimes. The first category of crimes are those which already existed before the Internet such as blackmailing, theft of data, corruption, illcit economy such as counterfeiting and so on.
The second category of crimes are the types of crimes which are directly related to Internet as a tool. Examples are hacking, intrusion of systems, DdoS and trojans. I am still convinced that those 2 categories are the main categories for the moment for now. After having discussions with a couple of people, I think one new category might appear in the next month or year, which might be linked to the Internet of Things (IoT). That’s probably a huge challenge which is coming up on us all.
I got a couple of examples during the last month in this regard. You know the famous example of the teddy bear? These days, the teddy bear will probably be moved by the Internet and behave like small robots. In my time, teddy bears are simply just toys but today, it would be possible to drive your fridge, television and why not, your PC through the teddy bear. So IoT and crimes linked to them will probably become more important in time to come.
What role does the World Economic Forum see itself playing in the cyber risk arena?
We had, since about 1.5 years ago, an international institution for public-private collaboration has been recognised by the Swiss government – that means it is an international global player which is impartial and neutral and the vision of which is to improve the state of the world. In this field, the WEF will play a role of catalyser so by helping states and companies which are not necessarily speaking to each other, openly address issues both confronted with and help them find common solutions.
I am convinced that there is a space for such an international institution especially in a time where the mistrust is quite high on the top of the political agenda and the competition between companies. I think there is space for helping those partners I just spoke about restore the trust among them.
You spoke earlier about public-private cooperation. Do you see adequate public-private cooperation happening around the world? What are the challenges in encouraging more public-private cooperation?
I think the main challenge is mistrust, which is existing, which I have observed, mistrust between companies which are in a very competitive environment and the mistrust between the private sector and the public agencies or governmental structures. We’re not speaking about the natural mistrust between states, that will always exist.
What we realised with the project we run on cybercrime, with the recommendations and guidance we have launched on the field of information sharing, promoting creation of information sharing platforms between the private sector and public one. What we realised is that it is possible to establish or re-establish the trust. I’m convinced that as soon as the minimal amount of trust will be re-established, it will be possible for law enforcement agencies to better work together and find common solutions, for example, by sharing more information. Sharing of information is one of the keys to success against crime in general but in particular, in the fight against cybercrime.
If the information is circulating fast and efficiently according to clearly defined rules, the work will be more efficient.
How do you think cooperation between governments can be enhanced towards combating cyber threats/crimes?
It is again an excellent question because here you address not only the typical aspects the fight against cybercrime, but more generally elements we use to relate to cybersecurity. I think we decided so far, not to focus on the cybercrime because we were convinced that by addressing cybercrime, the interests are the same, regardless of the partners, the states or private sectors.
On the contrary, as soon as you are addressing questions around original national security, we think it will be more difficult to identify common interests and consequently to find common measures. This is because it is in the logic of the relationships between states that there are national interests which are not often possible to align.