 can be a estimated at 400 450 billion dollars 450 billion dollars, which is a huge amount of of money and Based on that we decided to gather representative from our partners private companies chief information security officers chief security officers as well as top representative from international organizations which are acting global worldwide and Original so we had representatives from interport from Europe or from your adjusts from several ministers of justice for example us department of justice and we decided to speak together a about the question how to address the the cybercrime and the members of this group decided to follow the the following methodology first a they decide to address the question of the threat assessment and interestingly they Rapidly came to the same result to a common result There are two main categories of cybercrimes a first category which Has to do with the crimes which already existed before Internet existed like a theft like corruption light like money laundering And the second category Comprised the types of crimes Which are directly related to the use of internet DDOS for example or Trojan's or a order a Order means which have been used and continued to be used by the hacker in order to disturb the communication the after having done that threat assessment and achieve the same results in terms of a Description of the threats the group decided to have a look at what has been done so far The idea was to really have impact not to reinvent the the wheel if you want so we discussed with several institution academics and and Public institution the question what has been done worldwide so far in the combat of against the crime what has been done on the regional level and and so on and reference document has been established which is a describing the initiatives Existing so far based on the threat assessment common threat assessment based on these reference document the group decided to discuss the Question what are the common needs what are the common needs from both for both or from both the Public sector law enforcement and the private sector and rapidly again rapidly the group came to a Common result the main needs needs in that in that field have to do with the sharing of Information there is a huge lack so far on the global level on the regional level In the field of the sharing of information and ladies and gentlemen that has to do with the lack of trust Like in sharing of information has to do with the lack of trust the companies don't trust each other There is a huge mistrust between a the states and the companies between the public sector and the and the company so based on the establishment of these Common needs the group decided to list a couple of common measures private public measures so they decided to Publish five recommendations Five recommendations for public private partnership against cybercrime and the goal the main goal of these recommendations is To enhance the sharing of information between the private sector and the public one by first establishing Global information sharing platform on on the world level if you want and it is what a Interpol is a Doing now. Mr. Nakatani will explain to you What has been done and what are the next steps in that field and second by Establishing information sharing platforms on the regional level especially in Africa and therefore our Presentation today the idea is to show to you that there is not only a need for information a better information sharing Against cybercrime on the global level. There is a need on the regional level as well Following a very important principle, which is true Especially in the field of the combat of the crime think global but also act local a couple of votes Regarding the next step these those recommendations have been endorsed during the annual meeting in Davos last last January Now the idea is to enter the phase of the implementation of these recommendations That means we will work work together again with the private sector and the public one in order to establish a couple of guidance the purpose of which will be to have a picture of what has to be shared in terms of information and how the Participants have to share their information in order again to Be practical but in order again to establish or Re-establish the trust which is so important in order to efficiently Fight the cyber the cybercrime We will promote the implementation of these recommendations on all regional during the all a regional event events we will Run this year especially in Asia, but in India as well in order to create their regional information Sharing platform as well and we will address a couple of topics as well which have to do with the question of the implementation of the existing Regulations in the field of the cybercrime especially the Budapest convention so Max and dear colleagues the Introduction and just to describe what has been done so far and what's the Initiative of the forum in the field of the cybercrime does mean I'm I think we'd like to hear from From the public sector so if minister Kone if you couldn't Outline some of your thoughts, please Okay, thank you. Thank you, Max I'm afraid I will make this press conference longer because I will speak in French and Mr. Jean-Luc Vez will translate Thank you. Thank you for that Ce que je dois dire pour commencer c'est que nos pays africains ont aussi besoin d'avoir de créer la confiance avec les utilisateurs que de créer des réseaux donc créer cette confiance est aussi importante que tout le reste de l'activité que nous menons aujourd'hui à travers la construction des réseaux à travers la facilitation de l'accès à travers la production de contenu etc etc donc pour nous l'été ici sont perçus comme un véritable catalyseur et chacun chacun le sait ici un véritable catalyseur des développements de nos pays les TIC sont au centre aujourd'hui de la vie de nos pays et nous sommes dans une vitesse qui est beaucoup plus importante en termes de progression relative que beaucoup de pays européens donc nous avons intérêt à voir un secteur de numérique qui soit fiable un secteur de numérique qui crée la confiance un secteur de numérique dans lequel les populations n'hésitent pas à aller dans lequel les populations n'hésitent pas à exercer aussi bien dans l'éducation que dans la santé que dans la gouvernance de nos états etc etc la deuxième chose que je dirais c'est peut-être l'aspect spécifique de de la cybercunialité pour les pays africains et en particulier pour mon pays la Côte d'Ivoire I think I will make a first step stop here Yes, Minister Kone mentioned the fact that the trust I mentioned as well is in Africa to one of the main aspects of the collaboration and it is one of his goals to develop this trust there is no development of networks without trust ITC are a chance of course for everybody for the African population in general for every state but these technology is accompanied by again also by a dark aspect which have to be dealt with and it is a huge challenge for every state to address these aspects but the Ivory Coast and Minister Kone is ready to accept this challenge and to go ahead In Africa and mainly in Côte d'Ivoire we have to know that this cybercuniality mainly has an image which is that of a small escroquerie the cybercuniality is the definition it is for example the intrusion in an informatic system it is for example to respond to spam in systems it is the pornographic pedo but what we can see in our countries and in particular in Côte d'Ivoire is the use of tools which are communication tools to actually make small escroqueries we see it in the sample on the heritage we see it for example in what is called the love chat where people actually use these equipment only in the purpose of killing others so the tool itself is not really determined in the act of cybercuniality as it was in our environments It is interesting to note that it seems that the image of the cybercrime in Africa is rather related to the first category of crimes I just described before that means with the crimes which already existed before internet existed like for example a small bribery or so-called love chats and internet is also used, just used as a tool in order to commit crimes which existed and still exist without internet if you want, a facilitator, a kind of facilitator We had a lot of sites of payments, we were even blacklisted on a lot of online shopping sites, online payments the image of the Côte d'Ivoire was negative in terms of cybercuniality and unfortunately we had a lot of young people who regularly gave themselves to this type of activity and were obviously caught in infraction and were often caught, so we had the obligation to put an end to it and to bring solutions that would completely eradicate the cybercuniality of our own country The Ivory Coast was in a certain sense obliged to do something because in the end the image of the country has terribly suffered from these use of internet to commit crimes So there was a need from the political side to do something and it has been decided to act in order to eradicate this type of crime to be noted the fact that young people, very young people were normally involved by the committing of these crimes Okay, maybe I will come later on the solutions we've used in Côte d'Ivoire to fix this problem We can have questions on that I think we'd like to hear from the perspective of law enforcement Mr. Noboru Nakatani Thank you, good evening ladies and gentlemen I'm happy to be here to discuss and further develop the 2016 Davos recommendations for the public-private partnership against cybercrime which was outlined by Mr. Jean-Luc Bates In fact, the collaboration with private sector and academia by leveraging their technology and expertise is at the heart of the Interpol strategy to combat cybercrime As you know, cybercrime is becoming increasingly organized, sophisticated and industrialized and produces a high profit with a low risk of arrest So cybercrime has obviously become attractive business model for the criminals worldwide The challenge we have or we are facing is that law enforcement is currently the closed system based on nation-states What set we are facing, cybercrime, is global So policing inherently does not scale globally across national borders Surely it doesn't scale in cyberspace either And the top of that, the power has been shifting from the nation-state to the non-state sector If you see the encryption case between the API and Apple it represents the current situation So this is a very challenging situation in which law enforcement must operate in order to identify and arrest criminals This is why there is a crucial role for Interpol to play as a global facilitator to address cybercrime Given this situation, the Interpol Global Complex for Innovation was created last April 2015 as one stop shop to assist our member country to combat cybercrime So our response must be coordinated, multilateral and global So multistakeholder approach is the most effective way to combat cybercrime Let me give you one example of how Interpol works with a private company The currently 10 experts from the private companies are working with our staff, Interpol staff in IGCR On a daily basis, they provide us with the analytical support on the specific cyber threat and work on the specific police research project So working together is the easiest way to build a trust So actually, the private sector has their own business culture and law enforcement has another one So knowing each other is a fast step to build the trust Actually, one of the outcomes from that is that Interpol actually developed the training modules on the darknet for law enforcement together with Netherland-based research institute TNO, some of you may know that and they jointly delivered the training on the darknet in the last year So we are also in the process of getting the support from the telecommunication industry Actually, BT is one of them, our colleagues next to us, next to me So this is how we develop the public-private partnership based on the mutual trust Well, I just mentioned a few, but actually there are more I'd like to highlight again that much stakeholder approach Actually, solidarity of the good people is now most needed to effectively counter unprecedented challenges caused by criminals in the cyber space The internet cyber space is actually more unsafe than we think So much need to be done now and together And the Interpol is committed to enhance information sharing in law enforcement and private sector through the Global Complex for Innovation in Singapore because that is designed at DNA level to work together with private companies to address cyber crime, thank you Larry Stone, our voice from the private sector Well, thank you very much Good to be here and thanks for joining us We wholeheartedly endorse the report as a company where a telecoms company headquartered in the UK, but we operate in 170 countries and one of our growth businesses is working with companies and others on cyber security that our practice in that area grew 24% in the last year So we think that sort of information is not power People think information is power We think information sharing in this context is power I'll make two points, really, if I may One is to underscore what a growing threat this is We've seen 1,000% increase in attacks on our network in the last 18 months Four years ago at the Olympics we were having malicious attacks at 11,000 per second On the Olympic sites we were running and that will obviously only get bigger for Tokyo 20 for the next Olympics, obviously That spans across a range of things we do Antivirus, parental controls, managed security solutions, ethical hacking We think businesses are starting to take notice but only perhaps some of the bigger businesses We surveyed 100 boards with KPMG recently and I think about 73% of them said they were talking about cyber security quarterly which is good So we need more partnering I think during a time of enhanced interconnectivity There's a lot of issues about connectivity in Africa but it's growing very fast all around the world and also about moving to the fourth industrial revolution internet of things So it's something of a patchwork in terms of collaboration and I endorse what's been said already about how we might move forward on that I would take one recent African example three months ago through hacktivists anonymous operation Africa where there was a tax under an anti-corruption label against a number of governments and we think about 75 or so websites were impacted or taken down There's both a national and a pan-African impact there I think the second thing I just mentioned which I think has been touched on before is around skills Because to address this issue we need a focus on STEM skills we need a focus on tech literacy and digital skills and we need a focus on coding in schools We have about 2,500 people working on the security area in the company and we announced recently we wanted to recruit another 900 around the world but there's a real good competition for resource but not enough resource in the overall pot Thank you Thank you We'd like to hear questions from the floor Do we have any? Yes sir Can we get the microphone here and I think we have another one just after as well Could you say your name and organisation and who your questions addressed here as well I'm called Moses Kahiji and I write for the East African and quotes My question goes to everyone on the panel You've mentioned that there's been mistrust between the private sector and the public sector Why is this happening? Why does the private sector not trust the public sector? I think you've done some researches and you've gone extra miles in understanding this And then the other question is you mentioned three months ago when some governments were attacked and some information was released but the public sometimes finds doesn't trust some of their governments and they believe that by these attacks by this information coming out on the internet, they get to understand what happens behind the closed door They get to understand some of the they believe that their government sometimes still hide away some of the money that they're supposed to enjoy in the economy So is this an issue you've also noticed in your researches? Thank you Thank you So a question there on motivations but also on mistrust between public and private sector I think we also had a question Did we? Okay If we can... I'm Luca Silganga from the Guardian in Tanzania Mine was just a request if we can get the recommendations Okay, we will do that Okay, I think first if we... if we go to John Lee Clay It is a very big question Why the mistrust? As you know trust is something which is very difficult to achieve and which is very easy to lose and I think if you have a look at the recent history especially the affair of Snowden you have to accept that there are a couple of issues which can only lead to mistrust The problem I have personally realized is the fact that between the companies that means mistrust between the companies if you are running a bank and if you have been hacked on the large scale like US banks have been hacked in the latest years it is not necessarily in your interest to share your experiences with other companies and if you don't share your experiences with other companies you don't further the trust between the other companies If you are addressing now the question of mistrust between the companies and the states I think we have to accept that a couple of states are acting and observing their own citizens So it is creating a situation of mistrust and what I realized as well is that for the private sector especially for the citizen it is quite difficult to make the difference between the national security needs which could allow in a certain circumstances could allow an observation and in other circumstances not allow and the needs from the law enforcement law enforcement are acting only to protect the citizens so the law enforcement really have to have the possibility to observe in order to combat the criminals which are in fact using the ICT in order to commit the crime So it is difficult for the citizen to make the difference between the needs of the national security and the law enforcement needs and therefore from my point of view the huge debate around for example the case Apple versus FBI Can we hear from Interpol? Okay thank you so much With regard to the lack of the trust between the public sector law enforcement and the private industry I think we need to step back a little bit and then put it into the perspective In fact the ultimate goal of the law enforcement is to bring criminals into justice The private sector's ultimate goal is to make a profit So actually both the goals are different However the private companies have corporate social responsibility So they understand they need to cooperate with law enforcement So actually there is a certain degree of trust between two sectors However that trust is based on the personal relationship So I know you then I trust you so I share information with you but not somebody else So actually the challenge we have is that that personal trust between the industry or between the government and industry need to be actually institutionalized But this process is very challenging because we are human being and then that's actually the personally trustful relationship is not easy to be institutionalized So how can we better address that issue Actually we need institutional mechanism to pass information at certain point But once again we are now building it from the personal level So actually it takes time but up to certain points we really need to put it into some framework So I think this requires both sides the understanding about each other So I think that's my point And also private companies So it's very concerned about reputation if they are related to the cyber attacks resulting in the leakage of the personal information So that is another concern which we need to take into consideration Thank you And then Mr Stone Yeah, just three things Obviously the focus here is on crime There's obviously a huge hint to land about personal privacy and sometimes the issues can get confused or sometimes overlap And that's very variable in terms of laws per country I think the second thing which I endorse what Mr Nakatani said is that the issue that's following is an institutional framework for effective information sharing which allow people to feel comfortable and credible And part of the background to that is very variable laws and policies in many different parts of the world just in Europe telcos have traditionally had requirements in terms of security platforms and reporting and monitoring and disclosure to their agencies But that's not been the case for the energy industry or for other critical infrastructure like financial services So I think that's one area that Europe is trying to address And perhaps the third thing is to some extent the scale of the issue in terms of its scale So I think the value of these recommendations is to put in place a structure for people to feel comfortable with addressing these things on a global scale Thank you And I think to the minister I understand you also wanted to add some comments on the the value of the recommendations Yes On the aspect of trust I would say that there is a very strong expectation of the private sector in the public sector And this expectation comes from the fact that it's the public sector that defines the laws It's the public sector that regulates the TIC sector It's the public sector that has in principle the strength to follow for example the infractions or the people who are in delights Obviously the public sector is not always used to do the right job And this is perhaps the other aspect that makes the trust between the public sector and the private sector Because the private sector is often much more advanced than the public sector is more competent than the public sector and more user in general than the public sector And then there are the security imperatives in most cases We need to use these networks for the use that we all have and unfortunately this creates the friction with the private sector whether it's the private sector or the companies etc. Now to come back to the recommendations What we have done in Côte d'Ivoire is several levels of recommendations several levels of measures The first level of measures is the legal and regulatory framework So we have taken laws that deal with cybercriminality and laws that impose on the level maybe we should talk about it According to the minister Kone his point of view is that there are huge expectations from the private sector towards the public one and the challenge the public sector is confronted with has to do with the fact that he is the regulator the natural regulator and the challenge has to do with the fact that everything which has to do with internet has to do with the speed and the actual regulation processes are not able anymore to find regulations in accordance with these speed issues and the private sector needs new regulations and I think it is something that the recommendations are furthering the fact that there is a need for a better collaboration private public in order to find new ways of collaborations as substitute if you want in a certain sense to the normal natural regulation processes Thank you We have to finish I will try to say that in English so we have a different level of in our fighting of cybercrime the first level for us is the regulatory frame you have to have good laws most of African countries don't have clear law actual actual laws laws taking into account the speed and the evolution of cybercrimes so this is the first thing to do in Côte d'Ivoire we have such law now and we have also a law fighting against all the law promoting the protection of networks and systems which put commitments on government and on private sector second thing is all the environment you have to create first we have a CI assert like many countries in the world but we have created a platform to fight against cybercrimes a platform which have technicians in digital and which have also specialists in security from the minister of security and then we have created links between this platform and the banks the transfer of money money transmitters we have created this link because all the most of the cybercrimes have the end in these money transmitters so we have now permanent information on what people are doing and when transaction is suspected we try to know about it and we can go to the cybercrime and the last thing I think is to be very rigorous and severe in the punishment of infractions and in this sense in Côte d'Ivoire we have texts today which strongly sanction the act of cybercrime we have 20 we have 20 years of prison we have pensions that go up to 100 million francs which represents a lot of money 100 million francs beyond the prejudice that is suffered by the other and then the last thing I think is important to insist is the sensation many of our countries, many of our games give this activity because they are not sufficiently sensitive enough on the pain they have in case of problems and they are not sufficiently sensitive enough on the risks they take when they give this type of act so our countries need to be sensitive, to form the games and to make sure that there are less and less acts of cybercrime so I'm going to stop there a little while we have two sentences to summarize what the minister said I will request not only intent to develop measures in terms of prevention but also to develop the repression by developing the quartz of the pens but the idea is not only to develop the penal code but also to enhance the awareness of the population of the citizen so it is interesting to see that I will request is developing whole set of measures of preventive nature, representative nature and sensibilization in order to better combat cybercrime thank you thank you