The digital transition goes hand in hand with optimal information system security, explains Rear Admiral Dominique Riban, Director of the Monaco Cyber Security Agency, the authority responsible, since 2016, for protecting the State and operators from a failure that could endanger the Principality’s essential interests.
Does security act as a brake on the digital transition?
No, it doesn’t. Digital transformation projects are there to promote sharing, make it easier to access information and encourage mobility; they offer more transparency for citizens with – why not? – the opening up of public data about the smart city, and create simpler procedures for individuals and companies as a result of data sharing between administrative departments. Not forgetting that these projects should also improve the functioning of the State.
On the other hand, without confidence, digital will lead to reluctance and mistrust on the part of citizens and administrative departments to engage with this transformation.
On this note, one of the missions of the Agency, which is aware of the risks and challenges, particularly with regard to personal data, is to create the necessary security rules to guarantee the integrity, availability and confidentiality of data and automated services.
What is the cost of security in a digital project?
When security is built in at the design phase, the additional cost is estimated in the region of 7% to 15%. Security is a cost, but it is a very small one compared with the price of becoming a victim of a computer attack. The cost of direct damage can be enormous: man-days for engineers to conduct repairs, the equipment that must be bought, indirect damage (loss of reputation for the victim organisation), impact on the value of the business (the British operator Talk Talk, which was the victim of a cyber attack in 2015 when the details of 4 million clients were stolen, lost 23% of its stock market value in five days – Ed.) and administrative penalties (particularly following the entry into force in Europe of the General Data Protection Regulation, where financial sanctions can rise up to 4% of the global annual turnover of a company or EUR 20 million, whichever is the greater, in the event of a failure to comply with the regulation – Ed.).
Is electronic signature part of the digital transformation and associated security?
Of course. It contributes to making digital transactions more secure and giving digital documents probative value. The Agency has therefore published around ten regulations in the form of ministerial decrees, enabling the implementation in the Principality of an electronic signature which is compatible with the one planned in Europe under the eIDAS regulation (regulation primarily concerning public sector bodies and trusted service providers within the European Union that introduces a framework for electronic identification in order to facilitate the emergence of a single digital market – Ed.).
Originally published at Monaco Economic Board