DNSC: We have around one billion connected devices across the country

Technology has taken us by storm and this has not happened against our will, on the contrary. One billion terminals are already connected in our country, informs the director of the National Directorate for Cyber Security (DNSC), Dan Cîmpean. According to the director of the DNSC: "The biggest risk for such subjects is that they (innovation, digitalization and cyber security, n.r.) are ignored, that they do not have priority on the decision-makers' agenda, and I do not think that in the case of Romania we have this risk. We observe with everyone that there is a proliferation of new and new platforms, new devices that are connected every day. Every second, somewhere around 127 smart devices are connected to the Internet. So we are talking about millions and millions, during a few days. Our estimate from the Directorate is that we probably have around a billion devices already connected in Romania. If we also add all the platforms, all the systems that the institutions manage, we get a somewhat complex picture and somehow worrying. Obviously, digital technologies come with a lot of risks related to the security of information, data, and critical or less critical infrastructures. I strongly believe that we have only one chance to address these risks and to address them successfully only as an ecosystem. When I say ecosystem, I mean actors from the government sector, the business environment, so the private environment, the academic environment, the research and development environment, our international partners and allies. Without addressing these risks related to digitalization in the cyber field, in this format, it will be extremely naive to believe that we will be successful". In the view of the head of the DNSC, globally hackers are very well financed and motivated geopolitically and ideologically: "We live not just an extremely complex technological evolution. We also live in very, very complicated times. We have a hybrid war on Romania's border. On the other hand, there are extremely complex events in the region. There is a terrorist attack against the State of Israel, a cyber component that crosses borders and transcends the region and that worries us very much. There are very well-financed, very well-trained, very motivated attackers: state actors with unlimited funding, with superb technical training, with patience and with very high-performing technical means, who are geopolitically and ideologically motivated. Factors from the field of criminal groups are the most, the ones that cause us the most headaches. A category of actors that is somehow represented by activists, people inside the organization who have access to technologies, to information. All these categories target the infrastructure we were just talking about, namely any device, any piece of relevant information that has a monetary value in the market and that together, collectively, we have the responsibility to protect". Dan Cîmpean emphasized, at the 7th edition of the Critical Infrastructure Protection Forum (CIP Forum) at the same time, that, based on the analyses, it was estimated that a cyber attacker needs 13 and a half hours between the moment when steals the data and the one in which it is used: "Analysts have shown that, at this moment, from the identification of a significant vulnerability in an infrastructure to the moment when the data is exfiltrated by an attacker, or is encrypted or sold, it takes somewhere about 13 and a half hours. This is the pace we observe and for which we must be prepared. On the other hand, let's not forget to be prepared for major national level incidents, and for us, for the Directorate, this is one of the categories that we are concerned about and that we are trying to prepare for. We believe at this point that we can, as a state, as an ecosystem, reasonably manage one national level incident per week. (...) I strongly believe that that is all digitization and cyber security are intertwined and we must have the courage to launch many more projects. I'll just give you an example from the Directorate: we have 17 ongoing projects at the moment, full-blown projects, in which we work in consortia, in partnerships with various organizations, either from Romania or from the European Union. We still have 53 more in preparation". ICI Bucharest organized the Digital Innovation Summit Bucharest (DISB) event at the Palace of the Parliament, during which both the 7th edition of the Critical Infrastructure Protection Forum (CIP Forum) took place , as well as the 3rd edition of the International Conference on Cyber Diplomacy (ICCD).