ŠAVŠ/TAČR Digital Czechia in a Digital Europe

144

Unfortunately, the vast majority of companies today are often not ready to face the threats of the 4th generation (cyberattacks that began to appear around 2010 – typically characterized by malware in email communication or documents, for example) 12 let alone the threats of the so-called 5th generation (cyberattacks that began to appear around 2017 – usually combining several types of attacks, able to significantly paralyze the functioning of the target entity and obtain critical data). 13 Nevertheless, most cyberattacks – especially those based on well-known practices and anti-virus programs are already aware of them – are relatively easy to prevent. An estimated 80% of currently successful cyberattacks are easily averted by regular antivirus updates. 14 Continuous updating of these software should thus become a mandatory minimum protection against cyberattacks (albeit a trivial, often disregarded element). An important aspect of this step is therefore to set up a consistent control mechanism to ensure that mandatory security software updates are complied with without exception. According to the European Commission, a mistake on the part of a person, the so-called human factor, is the cause of a breach of cyber security in 95% of cases. 15 The above step must therefore be accompanied, in particular among officials, by regular training in cyber threats and the proper handling of the job computer. Annual retraining should take place after the necessary introductory cyber security course. Training each employee once a calendar year is a generally recommended and applied rule. Regular updates of anti-virus programs, regular training of all employees and continuous (diligent) monitoring of these two key mechanisms should ultimately successfully eliminate most of the current cyber threats.

ENSURING COOPERATION BETWEEN THE PRIVATE AND PUBLIC SECTOR

As mentioned above, active cooperation between the public and private sectors plays a key role in the context of cyber threats. Yet the ways in which such cooperation takes place in European countries vary greatly.

12 Shacklett Mary, 10 ways to develop cybersecurity policies and best practices – Series A Winning Strategy for Cybersecurity, ZDNet, 03/04/2018, see https://www.zdnet.com/article/10-ways-to-develop- cybersecurity-policies-and-best-practices/. 13 Stepping Up to Gen V (5th Generation) of Cyber Security, Check Point Software Technologies LTD, 2018, see https://www.checkpoint.com/downloads/product-related/brochure/gen_v_brochure-.pdf. 14 The UK Cyber Security Strategy Protecting and promoting the UK in a digital world, Cabinet Office (the United Kingdom), 11/2011, see https://assets.publishing.service.gov.uk/government/uploads/system/ uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf. 15 Resilience, deterrence and defence: building strong cyber security for the EU, European Commission (JOIN(2017) 450 final), 13/09/2017, see https://eur-lex.europa.eu/legal-content/CS/TXT/PDF/?uri =CELEX:52017JC0450&from=en.

Made with FlippingBook Publishing Software