Cybersecurity Expert Warns: International Collaboration Key to Tackling Global Cybercrime
As cybercrime is projected to cost the global economy a staggering $23.84 trillion by 2027—up from $8.44 trillion in 2022—according to data from Statista, the FBI, and the IMF, the urgency to address cybersecurity threats has never been greater. In a recent interview with Daryo’s Tawney Kruger at the Cyber Security Summit in Tashkent, Chris Gibson, Executive Director of the Forum of Incident Response and Security Teams (FIRST), discussed the most pressing cyber threats and emphasized the critical role of international collaboration in combating these challenges.
The Evolving Cybersecurity Threat Landscape
Gibson, drawing on decades of experience managing Computer Emergency Response Teams (CERTs), outlined the multifaceted nature of cybersecurity threats. “Cybersecurity threats exist at many levels,” he stated, highlighting technical issues such as ransomware, phishing, and poorly secured software development. While some threats are primarily focused on “monetizing bad security,” others have far-reaching real-world consequences.
The impact of cybercrime is not merely financial; it can have dire implications for human life. “We’ve seen hospitals attacked, and people are dying because of this stuff. The Colonial Pipeline attack showed how half of the U.S. could grind to a halt due to a cyberattack. These threats have significant real-world impacts,” Gibson emphasized.
Emerging technologies such as quantum computing and artificial intelligence (AI) present additional challenges for cybersecurity. Gibson explained, “Quantum computing could crack today’s encryption, which is why some are already storing data, waiting for the moment they can decrypt it. If your data has a long lifecycle—like health records—quantum computing is a serious concern.”
AI, while offering vast potential to automate security systems and detect threats, also poses risks. “The bad guys are using AI because it’s cheap, it’s free, and it’s available. They don’t care about regulations, unlike us, who must follow laws and guidelines,” he noted. Gibson raised concerns about AI escalation, warning, “If one AI starts fighting another AI, and there’s no human in the loop, things could escalate very quickly. The risk of losing control is real.”
The Role of Global Collaboration
In light of the growing complexity of cyber threats, Gibson stressed the importance of international collaboration and person-to-person networking. “There’s a shortage of skilled cybersecurity professionals, and not enough time to do everything manually. Right now, networking and person-to-person communication is key,” he said.
Building personal relationships across borders is essential for effective response. Gibson cited his ability to reach out to contacts in Uzbekistan as an example: “If I’m in the UK and something is attacking me from Uzbekistan, I need to be able to call someone directly. It’s faster than going through official channels. Personal contacts are super vital.”
However, he acknowledged the challenges of scaling this model for long-term sustainability. “It’s not scalable in the long term. The goal is to build organization-to-organization relationships, but that takes time,” he explained. To facilitate this process, FIRST has implemented initiatives like the Common Vulnerability Scoring System (CVSS) and the Exploit Prediction Scoring System (EPSS) to standardize vulnerability reporting. “These tools help us quantify vulnerabilities and prioritize which ones to fix. They’ve made life much easier for organizations managing hundreds of vulnerabilities,” he noted.
Capacity Building in Developing Regions
FIRST is actively working to extend its reach into regions like Central Asia and Africa through initiatives such as the Suguru Yamaguchi Fellowship Programme. “We want a network that includes every country in the world,” Gibson explained. “We’re in 111 countries so far, but we still have gaps, especially in Africa and parts of Central Asia.”
Uzbekistan serves as a success story in this endeavor. “Uzbekistan came on board after we met them in Oman in 2019. We funded their attendance at conferences, and now they’re part of the community. It’s all about showing the value of being part of an international network,” he said. Gibson emphasized that capacity building should be driven by local experts identifying their own needs rather than external entities dictating solutions.
The Delicate Balance Between Privacy and Security
When discussing the role of platforms like Telegram in Central Asia, Gibson acknowledged the challenge of balancing privacy with national security concerns. “As a person, I want my data to be private, but I understand why governments may want access to information, especially in cases like child abuse or drug trafficking,” he admitted.
However, he expressed concern over the potential for abuse of such access. “If you put in a back door, it will eventually be abused. It’s no different from when the post office could intercept mail. The issue now is scale and ease of access. It’s a fine line to walk,” he cautioned.
Geopolitical Tensions and Cybersecurity
The conversation also touched on the geopolitical challenges complicating cybersecurity efforts, particularly in light of sanctions and international tensions. Gibson cited the example of Huawei, which is responsible for much of the internet infrastructure in Central Asia and Africa but has faced sanctions. “We want to talk to them, but sanctions complicate that,” he noted.
While acknowledging the necessity of sanctions in certain cases, Gibson emphasized the importance of communication between cybersecurity teams, regardless of political tensions. “We’re often called ‘firefighters.’ When a fire crosses a border, you don’t just stop at the border—you work together to put it out. That’s what we do, even in politically challenging situations,” he explained.
Looking Ahead
As the cybersecurity landscape continues to evolve, Gibson underscored the need for collaboration, automation, and capacity building to stay ahead of emerging threats. “Cybersecurity is a global issue, and we need to work together to tackle it. Whether it’s through personal relationships, standards, or AI, the key is to keep improving and collaborating,” he concluded.
With cyber threats becoming increasingly complex and far-reaching, the insights shared by Chris Gibson highlight the importance of both human connections and technological advancements in navigating the rapidly changing cybersecurity landscape. The call for international collaboration is not just a recommendation; it is an imperative for safeguarding our digital future.