The G20 encourages all industries to build resilience, including India
The G20 is an intergovernmental forum of the world's major developed and developing economies. The G20 members represent around 85% of the global GDP, over 75% of the global trade, 80% of global investments in research and development, and about two-thirds of the world population. The G20 president invites several guest countries to participate in G20 events and contribute to the agenda. As a forum, the G-20's decisions and agreements have no legal effect, but they do have an impact on national policy and international collaboration.
BDSLCCI cybersecurity framework can contribute in building secured cyberspace and resilience for maximum industries.
by Dr. Shekhar Pawar
History of G20
The Asian financial crisis of 1997 was still having effects when the G20 was conceived in 1999. In December 1999, at Berlin, Germany, the committee held its first meeting.
It was resolved to broaden the group and make it more representative at a meeting of the G7 finance ministers and central bank presidents in order to develop policies that have an impact on the economy. They made the decision to invite a number of significant emerging economies to the newly formed G20 forum of finance ministers and central bank presidents. The G20 emerged as the primary tool for addressing the crisis with the onset of the world financial crisis in 2008. And it was crucial that the highest ranking officials get involved in that. Presidents and other leaders of state then joined the G20.
Countries part of G20
The members of the G20 are Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Republic of Korea, Mexico, Russia, Saudi Arabia, South Africa, Turkey, the United Kingdom, the United States and the European Union.
Importance of G20
The G20 is both big enough to represent the vast majority of global economic production and small enough to enable practical face-to-face conversations that adapt to the emerging issues of the international agenda. It is very important initiative as the G20 invites its participant members, invited nations, international partner organizations, and affinity groups—to engage in discussion and find common ground in support of public policies that address humanity's problems.
This Group of 20, deals with a broad theme. While economic and financial issues tend to lead the agenda, other areas have gained momentum. Traditional topics include the global economy, financial markets, fiscal affairs, trade, agriculture, employment, energy and the fight against corruption. Other recent additions include participation of women in the labor market, sustainable development, global health, and fight against terrorism.
The G20 has primarily succeeded in:
- Increasing emerging nations' involvement in global issues,
- Reforming international financial institutions,
- Monitoring national financial institutions,
- Improving the regulations of the economies whose issues caused the crisis, and
- Developing safety nets to guard against problems in the future.
Additionally, the G20 specifically provided emergency funding during the 2008 financial crisis and is crucial to financing development.
G20 encourages all Industries must build resilience including India
As per news and according to India's the National Cybersecurity Coordinator, on 5th June 2023, outlined a draft called as the “Delhi Declaration,” a series of commitments to “responsible state behaviour in cyberspace” for G20 member countries, drawn from existing non-binding norms that they have already signed onto under United Nations auspices.
If adopted, G20 countries would commit to “not damage critical infrastructure or other essential systems; commit to cooperate, mitigate and investigate cyber incidents, and other malicious activities in cyberspace, in particular when it comes to ransomware; commit to protect and not disrupt software supply chains; commit to respect international law and rule of law in cyberspace; and finally commit to protecting the humanitarian sector,” as per reading out of the draft.
As long as we rely on systems that are based on hardware and software, as well as rising software-isation, vulnerabilities [in cyberspace] will persist. If vulnerabilities persist, cyberattacks will happen more quickly than they are currently for a variety of reasons, including the newest generative Artificial Intelligence (AI). Industries will need to "build resilience," which will require developing a skilled "cyber workforce," establishing standard operating procedures for businesses, and working with other nations.
Given the limited success of efforts to establish a rules-based order in cyberspace, it is time for cybersecurity to play a larger role in the G20's key priorities.
BDSLCCI can contribute in building secured cyberspace and resilience for maximum industries
Cyber resilience is a concept that combines organizational resilience, cyber space security, and business continuity. In other words, the idea refers to the capacity to carry on achieving desired results in the face of difficult cyber events like cyberattacks, natural catastrophes, or economic downturns.
According to the latest research published in 2022, "LCCI: A Framework for Least Cybersecurity Controls to be Implemented for Small and Medium Enterprises (SMEs)" in Elsevier’s JJIMEI international journal, one out of every two SMEs is facing a cyberattack. It costs more than $2.2 million a year on average; 43% of cyberattacks target small businesses; and 60% of small businesses shut down within six months of a cyberattack. According to Dr. Shekhar Pawar, hackers are developing new methods to improve their ability to commit cybercrime. "An earlier ransomware attack was only encrypting the computers, and asking for a ransom for the decryption key,” says Dr. Shekhar Pawar. "Following the decryption key ransom, cybercriminals began threatening victim organizations with selling the hacked data on the dark web. It is double extortion. Now, recent cyber news is talking about triple extortion, where hackers can further use the hacked information to perform a Distributed Denial of Service (DDoS) attack to flood the victim's server with traffic, etc.”
Dr. Shekhar Pawar, founder and CEO of SecureClaw Inc, USA, having diverse international work experience in cybersecurity, software development, and teleservices, took the initiative to dig into the root cause of the problem faced by the top management of the SME while implementing cybersecurity controls. He had conducted an analysis of the various inputs from the top management of SME companies in 19 countries during his doctoral studies on the cybersecurity of the SME segment at SSBM Geneva, Switzerland. The participating SMEs were from Australia, Bangladesh, Cyprus, Ghana, Hong Kong, India, Indonesia, Israel, Malaysia, Nigeria, Norway, Russia, Singapore, South Africa, Sri Lanka, Sweden, the United Arab Emirates, the United Kingdom, and the United States. According to research, existing leading cybersecurity standards appear very expensive for SMEs, as they demand hundreds of controls to be implemented. Also, SMEs do not have enough resources to adequately implement those. More importantly, existing standards are providing a common, generic set of cybersecurity controls for all the business domains, where top management can’t see relevance to their business priorities and ROI. It has caused many SMEs to either not go ahead with the cybersecurity controls implementation or to choose any random controls as their own.
As an outcome of the international research studies, Dr. Shekhar Pawar has invented and published internationally “Business Domain Specific Least Cybersecurity Controls Implementation (BDSLCCI)” which provides tailored cybersecurity controls for each business domain of the SME segment, reducing the number of controls to be implemented, the required time, and the overall implementation cost, and hence increasing the return on cybersecurity implementation investment (ROI). Via BDSLCCI logic, it possible to identify a set of cybersecurity controls for a particular SME depending on its business domain requirements. It means that SME working in e-commerce must implement certain controls, while SME working in manufacturing must implement their own set of cybersecurity controls, and so on. There are three stages of the BDSLCCI journey of SME, known as Level 1 through Level 3. It helps the top management of SME businesses to invest stage-wise with direct protection for the mission-critical assets of their business. SecureClaw Inc. has developed BDSLCCI.com, an AI and machine learning-based web platform. Any SME representative can sign up by visiting a web portal and utilizing its user-friendly functionality.
When a SME representative logs in to the BDSLCCI web portal, an AI-ML based software algorithm shows the recommended stage-wise cybersecurity control journey. SME can implement those, upload evidence showing effective implementation, and get a certificate of the BDSLCCI level attained after an online audit performed by the BDSLCCI auditors.
Additionally, SecureClaw is developing simple-to-use cybersecurity tools for small and medium-sized businesses to help them stay one step ahead of online threats.
BDSLCCI is expanding its network of certified lead auditors and member organisations worldwide, which will provide SMEs with consulting or more assistance in the successful adoption of BDSLCCI to secure their cyberspace.
Below is the sample illustration of BDSLCCI certificate awarded to the organization after successful assessment.
Below is the sample illustration of BDSLCCI trascript shared with the organization after successful assessment.
Below is the sample illustration of BDSLCCI controls implementation effectiveness online analytics report shared with the organization after successful assessment.
Conclusion
To sum up, because of the economic and geopolitical ramifications, cybersecurity has emerged as a crucial facet of world affairs that need proper attention. Given the limited success of efforts to establish a rules-based order in cyberspace, it is time for cybersecurity to play a larger role in the G20's key priorities. As 90% of businesses worldwide are small and medium companies, BDSLCCI kind of cybersecurity frameworks can easily be adopted and can contribute in maximum impact.