CPB: government should play a leading role in encryption and authentication

Jul

6

2016

CPB notes in his “Risk Reporting Cybersecurity Economy ‘on the increasing risk of cyber crime aimed at financial gain. The government should take a leading role in the field of encryption and authentication to mitigate this risk.

The report of the Central Planning was drafted jointly with the NCSC and provides insight into economic problems of cybercrime and the consequences for Dutch businesses and consumers. One of the findings of the report is that increases the risk of this type of crime, because the probability of detection is low and the returns are high.

The CPB discusses encryption and authentication, in which it establishes that these techniques in many cases are not used because there is coordination failure. “Encryption can only be used effectively for communication as a large group of users uses the same method,” the report says. In addition, as an example, referring to WhatsApp in that for all users end-to-end encryption deployment. The government must act according to the CPB as a lead user of encryption and authentication by itself to provide public infrastructure and to require standards. The aim is to coordination failures be prevented.

CPB Idensys cites as an example of such an infrastructure. Moreover, governments should improve the security of communication via e-mail by themselves using safe standards such as TLS, dkim, DMARC and spf. A recent survey showed that the vast majority of Dutch municipalities secures his email poor. In response, announced Minister Plasterk recently that municipalities until the end of 2017 have the time to turn on DNSSEC and TLS on their e-mail servers.

Also clear from previous figures that the number of reports of cyber crime remains low, although eleven percent of the Dutch victim thereof. This CPB recommends declaration of eg phishing and ransomware to allow over the internet. At present, citizens would namely still have to go to the police station. There are often present intake workers who have little knowledge on these subjects. Better training could contribute to their knowledge, something the police have already started with. In addition, encourages the Agency to use a central desk where reports of Internet crime can be compared.

Another problem area is the fragmented market of security services. Providers of such services often only within their own borders or regions are active. One of the solutions of the CPB is the creation of a Dutch or European certificate for these companies, allowing small and medium enterprises gain a reputation and more easily across national borders may be active. A similar initiative was this week presented by the European Commission.

The problem of leaks in software also plays a role in the report. This CPB carries the ability to allow developers liable for vulnerabilities as they have taken enough precautions.

The report was presented Wednesday to Secretary of State Klaas Dijkhoff.

Viewing:-89

In: Technology & Gadgets Asked By: [15775 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »