Philanthropy has a crucial role to play in supporting societies around the world to solve pressing cyber challenges and in ensuring cyberpeace. Stéphane Duguin, CEO, CyberPeace Institute, together with more than 30 cyber leaders, calls on private philanthropy to increase funding for cyber.
It’s a common question: how many people use the Internet regularly? Or more importantly, how many people are at risk of being cyberattacked? As of January 2021, there were 4.66 billion active internet users worldwide (59.5% of the global population), and the global digital population is expected to top 7.5 billion by 2030 – more than 90% of human beings aged six and over.
We see amazing progress in the access to information, efficiency and economic growth, and the opportunities for social interaction, creativity and expression that internet technologies bring. But, given the global diffusion and rapidly changing nature of internet technology, how can we protect the majority of people from the threats and challenges that cybersecurity poses, which in many ways are more exacting even than nuclear security. And they are growing. The global challenge – to ensure that the digital tools that people rely on are trustworthy, that they are not used by malicious actors, and that they are not exploited in any way to cause harm – requires strong cooperation of all parties involved.
A lack of shared commitment to confront threats
Last year, an astonishing US$ 4.2 billion in financial losses was reported to the FBI Internet Crime Complaint Center in the U.S alone. Cyber threats have topped the U.S. intelligence community’s annual assessment for seven years running. Whether it’s hacking companies like Marriott, Target, or the European Medicine Agency, or geo-political efforts to influence democratic elections – every day brings news about cyber threats against human security, equity and dignity.
While governments and corporations are fully occupied extinguishing the latest fire, “one well-resourced and security-conscious community is oddly missing in action: private philanthropy,” state cybersecurity leaders in their open letter to the philanthropic community.
Current philanthropic funding for cybersecurity is close to non-existent, and that’s a concern. The latest data from the Peace and Security Funding Index shows that cyber grants made up less than one percent of the US$ 3.7 billion that Foundations have dedicated to peace and security issues since 2012. This is less than .007 percent of total foundation giving.
A small handful of organizations are investing in promoting peace and security in cyberspace, such as The William and Flora Hewlett Foundation, Craig Newmark Philanthropies, Gula Tech Foundation, The Ford Foundation, Microsoft and Mastercard.
“What we’re concerned by is the lack of other funders who share our passion about confronting conflict in cyberspace and promoting cyberpeace. Where are the internet and technology entrepreneurs who have profited wildly from creating an insecure internet – they’re largely absent,” said Eli Sugarman, former Director of the Cyber Initiative at The William and Flora Hewlett Foundation.
In an earlier era, Eli Sugarman continued, individuals like Andrew Carnegie and John D. Rockefeller dedicated significant funds to help American society adapt to industrialization and to address some of the ensuing societal disruptions from which they had profited handsomely.
The unique position of private philanthropy
Governments are critical players in securing internet technology, and we all rely upon them to keep us safe, but they are predominantly focused on day-to-day cybersecurity imperatives as opposed to long-term strategies. Governments also face a trust deficit – the international community and civil society often raise questions about the neutrality and legitimacy of government funding efforts.
Not surprisingly, most private sector funding is focused on new technologies and products, being motivated by commercial interests and short-term profits, and not by maximizing social benefits, or benefits to the public.
Private philanthropy entities are neutral players with flexible resources which can take long-term strategic approaches. They are not required to operate on a 12-month budgeting cycle like governments or private companies, so they are ideally suited to invest in cybersecurity and cyberpeace.
“The COVID pandemic has shown us the need and importance of flexible funding to be able to react quickly to changing needs such as setting up work programs to address growing domestic violence, that had escalated during the pandemic,” explained Laura Somoggi, Program Director, The Womanity Foundation .
CyberPeace needs philanthropy
The key to unlocking philanthropic funds is in awareness raising of the philanthropic community about cybersecurity – in particular that cybersecurity is not a single vertical component, but is a horizontal layer that cuts across society.
Cybersecurity and the promotion of cyberpeace are relevant issues for all sectors of society: for healthcare, education, environment, industry and trade. It is not a technical or national security issue, but it touches everybody.
There is plenty of room for all kinds of funders – governments, the private sector, impact investors, all with varied perspectives and goals – to come together and examine how cybersecurity interacts with, and affects, their priorities, including economic stability, innovations, personal privacy, civil liberty, the wellbeing of children, seniors, our active military and veterans. Because whatever those priorities are, cybersecurity is an important factor to consider, and the challenges it presents are both vital and vast.
Even taking all this into account, we are still missing one critical piece – private philanthropy – and this is paramount if we are to meet this urgent need for funding.
“Cyberpeace needs philanthropy. Societies around the world are struggling to address pressing cybersecurity issues that have escalated since the COVID-19 pandemic. A peaceful, safe and empowering cyberspace needs long-term but flexible investments,” said Stéphane Duguin, Chief Executive Officer of the CyberPeace Institute. “Governments, the private sector, experts and civil society organizations can’t do it alone. Private philanthropic giving is the missing piece in the action needed to make cybersecurity a public good and to ensure cyberpeace for everyone, everywhere.”
© Copyright: The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.