Securing the Digital Economy: Reinventing the Internet

1. SECURING THE
DIGITAL ECONOMYReinventing the Internet for Trust

2. Internet Today:
We Are More Dependent… But More Concerned
Businesses, Individuals and Societies Are Increasingly Dependent on Internet…
Source: See note for references
Individuals Businesses Societies

3. … But Only 30% Are Very Confident in the Internet and This Drops to 25% in 5 Years
“How confident are you in the security of the Internet for your business?” (N=1,700)

4. Why the Internet is Under Pressure
Internet
Today
Authentication is getting harder,
as no individual has just one single
identity in the digital world.
3. Identity and Data Veracity
The global spread of data
localization laws can depress
economic activity across all industries.
4. Digital Fragmentation
Internet Security was
designed to prevent physical
failures, not attacks.
1. Inherent Flaws
More end-points and more
Internet connected devices
to protect expands the
surface area of attack.
2. The IoT Effect

5. The Risk to the Digital
Economy and Society is High
Risk for the Society
With computers and networks
so deeply embedded in most
critical infrastructures, the
risks are becoming extremely
high.
Cybercrime threatens not only
many of the benefits we have
realized, but also our health and
societal safety.
Risk for the Economy
(Value at Risk* due to direct and indirect attacks,
Cumulative 2019-2023, $Bn)
* Expected foregone revenue cumulative
over the next 5 years. Calculations over a
sample of 5,640 global public companies*
Source: Accenture Research
$5.2Tr
23%
77%
Direct attacks
Indirect attacks

6. How CEOs Can Help Fix the Internet
Standards and
Best Practices
ABOVE GROUND:
BELOW GROUND:
Technology Investments
Governance:
Join Forces with Other Companies
75% No one organization can solve the
cybersecurity challenges of the Internet
economy on its own; it will require an organized
group effort.
Business Architecture:
Commit to a Business Model That
Runs on Digital Trust
80% Protecting companies from
weaknesses in third parties is
increasingly difficult given the complexity
of today’s sprawling Internet ecosystems.
Technology:
Progress and Prepare
79% The rate of adoption and innovation has
outpaced the security features needed to
ensure a resilient cyber economy.
Source: Accenture

7. ABOVE GROUND:
BUSINESS
INITIATIVES

8. Governance
Join Forces with Other Companies
Promote a formal
educational system able to
train software professionals
to deal their new technical
and ethical responsibilities.
1.
Create an Internet
security code of
ethical conduct
for each industry.
Lead discussions seeking to
design security standards for
devices, data, algorithms,
networks, and protocols
(especially CEOs of
technology companies).
2.
Design
principle-based
standards for
Internet security.
Participate fully in the
debates that are already
starting to take place as
regulators discuss how
countries and regions must
protect people’s digital
identities.
3.
Promote consumer-
controlled digital
identity adoption to
increase trust.
Accept the short–term costs of
transparency and work with
institutions and other
companies to better
understand how to prevent
new attacks.
4.
Commit to sharing
information about
cyberattacks and
data breaches.

9. Business Architecture
Commit to a Business Model That Runs on Digital Trust
Manage the trade-off
between time to market and
ensuring secure sustainable
growth through technology,
and always choose secure
growth.
1.
Articulate a security
by design vision.
Align the individual, short-
term incentives of business
line managers to the longer-
term cybersecurity interests
of the company (e.g.
adjusting rewarding system).
2.
Hold line-of-business
leaders accountable
for security.
Educate fellow board
members, helping them
become more cyber-savvy
and better risk managers.
3.
Bring the CISO
to the board.
It is in the interest of large
organizations to help smaller
business partners operate in a
trustworthy digital environment
and help to facilitate the same
levels of security.
4.
Close off areas of
exposure in the
company’s value chain.

10. BELOW GROUND:
INTERNET
INFRASTRUCTURE

11. Technology
Progress and Prepare
Invest in and demand the
adoption of new Internet
protocols as they only
produce benefits if enough
networks commit to them.
1.
Resolve
vulnerabilities
in basic Internet
protocols.
Ensure that software
security and update
functions are embedded
in “edge” devices—such
as mobiles and IoT
devices—from initial
design.
2.
Strengthen
security at the “edge”.
Make network
environments dynamic, so
that they exist only for the
time needed to complete a
specific task, making them
almost impossible to
attack.
3.
Embrace Software-
Defined Networking.
Keep the evolution of quantum
computing on the radar to
make IT systems quantum-
ready as soon as the
technology allows.
4.
Tackle the
quantum challenge.

12. THREE CONCRETE
AREAS OF ACTION
FOR CEOs

13. Accept the short–term costs of transparency and
work with institutions and other companies to
better understand how to prevent new attacks.
Join Forces with Other Companies and Govern Globally
Governance
Create an Internet security code of
ethical conduct for each industry:
Design principle-based standards for
Internet security:
Participate fully in the debates that are already
starting to take place as regulators discuss how
countries and regions must protect people’s
digital identities.
Promote a formal educational system able
to train software professionals to deal with
their new technical and ethical
responsibilities.
Lead discussions seeking to design security
standards for devices, data, algorithms,
networks, and protocols (especially CEOs of
technology companies).
Promote consumer-controlled digital
identity adoption to increase trust:
Commit to sharing information about
cyberattacks and data breaches:

14. Business Architecture
It is in the interest of large organizations to
help smaller business partners operate in
a trustworthy digital environment and help to
facilitate the same levels of security.
Connect and Protect with a Model Run on Digital Trust
Manage the trade-off between time to
market and ensuring secure sustainable
growth through technology, and always
choose secure growth.
Align the individual, short-term incentives
of business line managers to the longer-
term cybersecurity interests of the
company (e.g. adjusting remunerations).
Educate fellow board members, helping
them become more cyber-savvy and
better risk managers.
Articulate a Security by Design
Vision:
Hold Line of Business Leaders
Accountable for Security:
Bring CISOs to the Board:
Close off Areas of Exposure in the
Company’s Value Chain:

15. Technology
Keep the evolution of quantum
computing on the radar and be ready to
make IT systems quantum-ready as soon
as the technology allows.
Advance Business and Enhance Safety
Invest in and demand the adoption of
new Internet protocols as they only
produce benefits if enough networks
commit to them.
Ensure that software security and
update functions are embedded in
“edge” devices—such as mobiles and IoT
devices—from initial design.
Dynamic network environments only exist
for a limited time to complete a specific task
making them almost impossible to attack.
Resolve Vulnerabilities in
Basic Internet Protocols:
Strengthen Security at
the “Edge”:
Embrace Software-Defined
Networking:
Tackle the Quantum Challenge:

16. Reinventing the Internet for Trust
CEO
Engagement
is Needed
to Reinvent
the Internet
90%
of C-levels believe a
trustworthy digital economy
is very or extremely critical
to their future growth.
Benefits for
Businesses
Individuals
Society