Colonel (retired) Gabriel Mazilu is currently an independent national expert in cyber security, but in the last 7 years (2009-July 2016) he has been acting as Deputy Director for CyberIntelligence Operations of National CYBERINT Center, within Romanian Intelligence Service (SRI).
In his previous position, he has been the national coordinator of identifying, investigating and countering cyber attacks performed by state entities against National Critical Infrastructures (NCIs) and by cyber organized crime targeting infrastructures from financial-banking, national health, energy production and transportation, public administration and e-government.
Having a experience of 21 years in the National Security field, he has been the national coordinator for establishing strategic analysis, assessments and estimations regarding Cyber Threats to Romania’s National Security, that have been disseminated as intelligence reports to the National Decision Makers.
His extensive knowledge regarding cyber threats to national security allow him to perform as Chairman of Cyber Conferences within NATO (2015) and European Intelligence Services (2010, 2012, 2013, 2015), but also as briefer to NATO’s „Cyber Defense Away Day” (2013, 2016) and to more than 30 National Cyber Conferences (e.g. “Cyber Threats” – Bucharest, “Cyber Security Congress” – Sibiu, “Black Sea Defense and Aerospace” – Bucharest).
He also acted as briefer to National Bank of Romania regarding cyber threats and attacks targeting Romanian’s NCIs from financial and banking system.
Missing (more or less) the Romanian Cyber Security market – reasons and solutions
Since the beginning of this decade, when the global community became aware (on July 2010) about cyber attacks that have the capability to compromise and disrupt the national industrial IT infrastructure, states with a developed digital society decided to establish a consistent national cyber security market in order to protect the core of their economy and
governance: the National Critical Infrastructures (NCIs).
So, first of all we should be confident that Romania is a part of the global landscape of cyber threats that can affect a nation, by answering to the next questions:
Q: Is Romania targeted by the same cyber threats as are the other countries from the Alliances that we belong (European Union, NATO)? Is Romania a targeted country by these cyber threats or is just a collateral victim? Are the private entities from Romania aware of their own cyber risk matrix and the profile of their potential cyber aggressors?
A critical element of a strong cyber security strategy is having an effective legal and institutional framework, the right technical capabilities to address cyber attacks and the skilled people at every level to identify, build and staff the defenses and responses.
Q: Does Romania have public and private capabilities to address cyber attacks against NCIs? Is the Public-Private Partnership an effective concept in the Romanian realm?
Q: How close is Romania to have an effective legal framework regarding cyber security? Should Romania use an incentivizing or a sanctioning model to enforce a national cyber security threshold? Should the private sector provide the requirements to establish a national cyber security standard?
Q: Does Romania have a shortage of the highly technically skilled people required to operate and support systems already deployed?
Strongly related to this, in order to assess where Romania is on the path to establish an effective and reliable national cyber security market, we also should answer to the following questions:
Q: Is the Romanian public or private sector capable to provide people who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect and mitigate cyber attacks?
Q: Does the private sector should be the driving engine to establish the national cyber security market? Are the domain CERTs the solution to answer more appropriate to the cyber security needs?
Q: How many startups in cyber security domain have been launched in the last few years in Romania? To whom we should be looking more to encourage and support these startups, to public or private sector?
I am confident that this presentation will give each of you the particular answer that you are looking for, and will seed not just the hope, but the inception of a will and synergy for the private sector to establish a robust Romanian cyber security market.