Articles

Cybersecurity: 2023 in Review

The National Cybersecurity Coordination Centre (NCC), under the auspices of MITA, organised the fifth and final CYBER Breakfast event of the year, ending the series of successful events for this year. Held on Friday, 15th December 2023, at the AX The Palace Hotel, it stood as a ‘Year in Review’ to provide an overview of the past year, and the objectives for the years to come.

Vice-Chair of the Consultation Council for the Community , Mr Donald Tabone, presented the Community’s visions and objectives at the event, giving his debut speech as Vice-Chair. All the objectives were at first proposed to Community Members for feedback, to ensure that the objectives are synonymous and relevant.

The National Cybersecurity Community’s goal is to secure the Maltese and EU cyberspace by bringing together knowledge, competency, and experience within one community, while encouraging active participation and contribution in research and educational programmes to build next generation cybersecurity solutions.

The National Cybersecurity Community, being the first of its kind, is a major step forward for the Maltese community in general. They have organised a string of successful events throughout the year, culminating in this final event.  In this manner, four objectives for the term to come have been established, being:

1. Increase Figures within the National Community

2. Raise Awareness and Outreach beyond the Community

3. Address Gaps in Skills within and outside of the Community

4. Address Coordinated Vulnerability Disclosure at a National Level

The goals are many, and the road to achieving these objectives lie in things such as encouraging more participation to increase awareness, more young professionals to enter the field, and facilitating safe & responsible vulnerability disclosures. The cybersecurity awareness and education towards the younger generation is also a big question mark, where it should be introduced as much as possible consistently from an earlier age. These are some of the many things that need to be addressed.

CVD (Coordinated Vulnerability Disclosure) aims to have a vulnerability disclosed in a safe environment, in a way that it doesn’t backfire without necessarily seeking bounties but using ethics, though ethics in itself is a grey area. The Community’s goal is to have a system put in place for vulnerabilities to be disclosed.

The Community is composed of 487 individuals and 68 entities and counting, with the most prominent expertise of these individuals and entities being Security Management & Operations. The Community is represented by 13 Consultation Council members, and throughout 2023, three memorandums of understanding were signed, aimed at eliminating duplication of efforts, maximising resources, and offering optimised reference points to the National Cybersecurity Coordination Centre and Community, collaborating with MCST, MDIA and NCC Cyprus.

The second part of the event involved splitting into ten different groups, to answer 3 discussion points in relation to every objective, being:

1. What actions and initiatives should the Council prioritise to reach this objective?

2. For the actions and initiatives identified in (1), identify tangible key performance indicators (KPIs).

3. What are the top 3 challenges in relation to this objective that may hinder its achievement, and how can the Council and Community work on overcoming these?

The outcomes of these discussion points were outlined by the groups, with notable comments about the standards of cybersecurity being enforced at a government level, to incentivize smaller companies to comply with certain cybersecurity standards.

Cybersecurity in itself needs to be made more attractive to younger generations, focusing on its most incentivising aspects. Generally speaking, the sector needs to be ‘marketed’ in a way that makes it more appealing, to help reach these objectives.

In light of all that’s being said, there are schemes in place to help foster the growth of this sector, such as the CYBER+ALT Grant Scheme which aims to aid local entities in the uptake of cybersecurity solutions, targeting small to medium sized enterprises, with a grant reaching a maximum of €60,000 co-funded through the Digital Europe Programme (DEP)

There is also the Cyber Assess Scheme which aims to bolster business’s security and resilience through specialised cybersecurity expertise and services, focusing on the private sector, which is funded by the Recovery and Resilience Facility (RRF) fund.

For more information on these schemes, visit ncc-mita.gov.mt

The cybersecurity landscape is vast, and with 2023 coming to a close, 2024 sets goals ever higher to cement the importance of cybersecurity knowledge and implementation.

This article is co-funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Cybersecurity Competence Centre. Neither the European Union nor the European Cybersecurity Competence Centre can be held responsible for them.