How is CPLI closing the cybersecurity gap?

Last week, we asked Ramy Houssaini (Chief Cyber & Technology Risk Officer, & Group Privacy Officer, at BNP Paribas) why cyber poverty is a serious concern in 2024 – you can read that article here. 

We’re talking to Ramy again today – to find out what the Cyber Poverty Line Institute (CPLI) is doing to help close the cybersecurity gap. 

Who does cyber poverty affect? 

Cyber poverty has an impact across organisations and communities – affecting individuals, small businesses, local governments, and critical institutions including community hospitals and schools. 

“These organisations often lack the resources and expertise needed to defend against sophisticated cyber threats,” said Ramy, “making them easy targets.” 

Small businesses are targeted by threat groups who know they can’t afford robust cybersecurity measures. Rural community hospitals are vulnerable to ransomware attacks, because they’re less equipped to protect sensitive patient data than larger, better-funded healthcare services. 

“Such breaches can have devastating consequences, not only for the affected institutions, but also for the broader supply chains and communities they support.” 

Creating a global cyber enablement platform

The Cyber Poverty Line Institute (CPLI) has established a global cyber enablement platform which, according to Ramy, “serves as a catalyst for boosting cybersecurity capabilities in these vulnerable sectors.”

Through partnerships with governments, private companies, and international organisations, CPLI “seeks to deliver customised cybersecurity solutions tailored to specific regional and sectoral needs.” 

“For example, the platform may provide training programs for small business owners on cybersecurity best practices or offer low-cost, scalable security solutions to community hospitals. In developing countries, where digital infrastructure is still evolving, CPLI could collaborate with local governments to establish foundational cybersecurity frameworks, ensuring these nations can safely engage in the global digital economy.”

CPLI aims to strengthen cyber governance 

“A key mission of CPLI is to enhance cyber governance on a global scale,” Ramy said. 

Effective governance will enable international collaboration to establish policies, standards, and practices that will boost cybersecurity’s efficacy around the world – and narrow the gap between those who have access to robust security, and those who don’t. 

“CPLI will focus on educating board members and executives in both public and private sectors about the critical importance of cybersecurity, enabling them to understand risks and make informed decisions. For example, the institute might organise workshops for city officials in small municipalities, providing them with the knowledge needed to safeguard their communities from cyber threats.”

By working to elevate governance practices in cybersecurity and include marginalised communities and organisations in educational opportunities and decision-making discussions, “CPLI aims to create a positive feedback loop that promotes continuous improvement and resilience in cybersecurity worldwide.”

And combat the disparities in cyber economics

There’s a disconnect between how much organisations spend on cybersecurity, and how much risk reduction actually comes with that spending. And this problem is highlighted when high-profile attacks hit well-funded organisations. 

It’s increasingly important for organisations to understand the credentials and efficacy of the vendors, tooling, and services they’re investing in, and make sure they’re solving the right problems in an effective way. 

“CPLI will work to ensure that cybersecurity investments are both efficient and effective, particularly in resource-constrained environments,” said Ramy. 

How? 

“This could involve developing metrics to help organisations assess the true impact of their cybersecurity spending or advocating for policies that promote smarter, more targeted investments in cyber defence.” 

At the same time, CPLI will support initiatives that aim to reduce the risks of interconnected supply chains – “by enhancing cybersecurity across entire supply chains. This might include fostering partnerships between large companies and their smaller suppliers to share cybersecurity resources and expertise or developing industry-wide standards for supply chain security.” 

What could the future look like if we close the cybersecurity gap?

“CPLI envisions a future where robust cybersecurity is accessible to all, regardless of geographic location or economic status. In this future, small businesses, local governments, and community organisations will have the tools they need to protect themselves against cyber threats, contributing to a more secure and stable global economy.”

“By addressing the root causes of cyber poverty and promoting a collaborative, inclusive approach to cybersecurity, CPLI aims to prevent isolated vulnerabilities from escalating into widespread crises, ultimately creating a safer digital world for everyone.”

Thanks to Ramy Houssaini at BNP Paribas. There’s still time to register now and attend Black Hat MEA 2024, where you’ll learn directly from the industry’s leading experts.