We interviewed Florian Schuetz, from the Swiss Federal Office for Cyber Security and OECD Working Party on Digital Security, on the sidelines of the first Common Good Cyber Workshop in Washington D.C., which brought together 120 key players in the global cybersecurity field. Common Good Cyber is a collaborative effort aimed at building sustainable funding models to support those who secure the Internet for everyone.
You can watch the full interview here.
What was the message to the cyber community?
My message to the cyber community is that the Internet is functioning because a lot of different groups contribute to its functioning, among them NGOs and not for profits, and it’s important to keep them running. It’s important to discuss how we ensure that they can actually contribute towards a free and open Internet.
Why do you think it’s so difficult for orgs to find funding?
I think there are different forces at play. One is that there is not a lot of transparency. Quite often, we don’t see what they do and what’s the threat they protect us against. And secondly, it’s also difficult for them to promote what they do; after all, they are in an environment where they sometimes have to operate silently.
And I think one is that we need to have a better understanding – also with non-cybersecurity people – of what is needed to keep everything running and also enable them to make decisions. Where should priorities go? Where should investments go?
What are your hopes for this gathering and this effort?
We have a very diverse crowd here and I really hope that together we can find solutions to have a balanced investment in the different players in the Internet, especially NGOs, and we can also show better where is an NGO contributing and what is the value? I think one very important step is quantifying value and quantifying what the benefits are for everyone.
I really hope we find some solutions here and some common agreement. How we could actually use that to make everything more transparent.
What’s the risk if we can’t find more funding for these cyber nonprofits?
If we can’t find more funding for the NGOs and nonprofits, one of the risks is that they can’t operate.
I would like to differentiate two broad categories. One is NGOs. They are not for profits that operate infrastructure. If they lack the funding, they can’t operate the infrastructure. There will be a void in a service that will be filled either by a commercial entity or by someone else. And there the question is: Is that a bad thing? How does that influence the set up? Does that lead to censorship? Does that lead to less freedom and that needs to be carefully analyzed? Should we get there? I think it’s better to find upfront solutions to not get there.
The other one is more on the research side, on the policy making side. If we lose funding there, I fear that we do not discuss the big theories, and we will miss opportunities in the future and be in a reactive mode… That’s the biggest risk there.