State of the world with Sandra Barouta Elvin

From left in the picture: Linda Nieminen, Sandra Barouta Elvin, Margarita Sallinen

As the world undergoes geopolitical and economic changes, cybersecurity is greatly affected. Margarita Sallinen and Linda Nieminen, cybersecurity specialists at Omegapoint, invited Sandra Barouta Elvin, National Security Manager and Chief Security Officer at Microsoft, to discuss the tumultuous state of the world and its impact on cybersecurity.

Sandra describes how cyber threats evolve with global changes and geopolitical tensions. During stable and peaceful periods, risks are generally lower, but when societies experience insecurity and conflict, we see a clear increase in cyber threats from both criminal actors and state-sponsored cyber attacks.

Cybersecurity in turbulent times 

Sandra reflects on how global developments in recent years have contributed to a negative trend where cyber threats have increased. Historically, when conflicts flare up in the analog world, intelligence agents are sent to gather information and infiltrate adversaries. In today's digital era, we see the same phenomenon in the cyber domain, where state actors conduct sophisticated cyber attacks to gather intelligence and influence other nations. 

In addition to politically motivated cyberattacks, traditional cybercriminals are also taking advantage of the unstable environment to carry out fraud and attacks against businesses and individuals. In times of uncertainty, it becomes easier for these actors to conceal their activities and manipulate information, leading to an increased risk of breaches and financial losses. 

The new US administration and cybersecurity 

With a new administration in the United States, the cybersecurity landscape has changed, and some priorities have shifted. The US administration has issued new directives to US cybersecurity authorities, changing the focus and downplaying Russia as a leading cyber threat actor. Previously, Iran, China and Russia were the top three declared threats, but now Russia is no longer mentioned to the same extent. 

This raises questions about the strategy behind the decision and its implications for global cybersecurity. We do not know whether this is due to a possible agreement between the United States and Russia or whether there are other reasons behind it. For Europe, this is particularly relevant as Russian cyber activities are largely directed against European targets. 

How are Sweden and Europe affected? 

The consequences for Sweden and Europe may vary depending on how the global situation develops. We discussed this with Sandra and came to the conclusion that it is difficult to say exactly, but you can envision different scenarios. In the best case scenario, the US and Russia have agreed on a ceasefire, which could contribute to stability. In the worst case scenario, no ceasefire has been agreed, only that the US is not a target. This could mean that Russia reallocates its cyber resources from the US to Europe, which could lead to an increase in the threat level here. Another important aspect is that the US, or more specifically the FBI, has long played a central role in prosecuting cyber criminals and disrupting malicious infrastructure, both from criminal networks and state actors. If this work slows down, it risks weakening the global fight against cybercrime. 

How well equipped is Sweden? 

"We are better equipped than many people think, but we still have a lot to do," says Sandra. She points out that both individuals and businesses have become more aware of cybersecurity and have become better at protecting themselves. Today, more people use two-factor authentication and other security measures. Technology also helps us understand when our passwords might be compromised. 

For businesses, the high-profile cyberattacks of recent years have contributed to an increased willingness to invest in security solutions. "We see that businesses are increasingly taking cybersecurity seriously, both because of actual incidents and the new legal requirements that have been introduced," says Sandra. 

At the same time, we noted that further collaboration between the state, public authorities and private actors is needed to improve cybersecurity. We have upcoming new legislation, the NIS2 (Cybersecurity Act), which places higher demands on society-critical activities. But cybersecurity is a shared responsibility - it is not only the state and companies that have a responsibility - we as individuals must also be aware of security threats and take the right measures to protect ourselves and our workplaces. 

Increased regulation and shared responsibilities are important steps towards a safer digital environment - but to understand how best to protect ourselves, we also need to know what threats we face. Cyberattacks are becoming increasingly sophisticated, but what do they really look like today? What trends dominate? What do methods like password spraying mean? And could Sweden become a pawn in the cyber warfare of the major powers - or are we already? Stay tuned for our next article where we dive into these questions!

The interview is based on a podcast recording made by Cyber Chats & Chill, which is an initiative of the Voluntary Radio Organization (FRO) to strengthen Sweden's cyber security. You can listen to the full episode HERE.