CDA Remarks at Fortinet Security Day Event
Thursday, October 5, 2023,
Good morning. I am delighted to be here today at the beginning of Cybersecurity Awareness Month to recognize the critical work of U.S. companies like Fortinet. I want to thank Mr. Yacine Djemaiel, the Director General of Tunisia’s cybersecurity agency, and other Tunisian business leaders and stakeholders for making it a priority to join us today. I would also like to express appreciation to Fortinet Vice President Perry Hutton and the entire Fortinet team for inviting me to speak and for holding this important event.
Cybersecurity has become indispensable as our networked world has expanded. From denial-of-service attacks and data breaches to ransomware and hacks of critical infrastructure, the frequency and range of online threats have increased significantly. I’m sure we all know someone who has suffered online fraud or been locked out of an account. Many of us have been victims ourselves. And many countries, including the United States, have endured cyberattacks. Such events are far too common and impose financial and human costs. They disrupt economic activity, social services, and livelihoods. They harm national security, undermine business competitiveness, and put personal data at risk.
In a way, today’s cyber threats are the result of our success connecting the world online. Today, we can transact complex business deals across time zones with a click of a button. Today, individuals with shared interests can form communities across national borders and exchange views in blogs and chatrooms. During the COVID-19 pandemic, many of us learned that, to some extent, we can move our classrooms, our workplaces, and even our family gatherings online.
Networked technologies have delivered incredible benefits to our shared human knowledge and potential. The years ahead hold even greater promise, as artificial intelligence and the Internet of Things become realities and offer us innovative new tools to generate growth, employment, and social dynamism. At the same time, the wealth of online data and new vectors for attack create opportunities for criminals, hostile governments, and other bad actors. And with network links and capabilities increasing, it is easier than ever for them to evade detection.
This is what makes cybersecurity so important: we have so much more at stake now. A vital part of all our lives has been uploaded to this global network: our projects, our finances, our identities – even our hopes and dreams. In the end, cybersecurity is really self-defense. But because we are connected, we are vulnerable wherever there are weak points in the system.
How can we tackle this challenge effectively? Part of the responsibility lies with individual users. We can encrypt our data and use strong passwords and multi-factor authentication. We can run anti-virus software and download the latest security updates for our devices. And we can be aware of common tactics that attackers use over email and online to try to compromise our networks. Just as many of us lock our doors at night to protect our families and belongings, we must all be vigilant now in our online behaviors.
But individuals cannot do this alone. Companies, institutions, and governments also play an important role in deploying reliable cybersecurity tools on their networks and raising awareness about best practices. They can educate their employees and citizens about emerging risks. They can also develop response plans to react quickly when there are cyberattacks or data breaches. And they can invest in and procure secure equipment and software only from reputable companies we can trust.
There can be no cybersecurity without trust in our networks. And this is where governments and companies have the greatest responsibility. As individuals, we can bar the doors and lock our windows. But flawed or compromised equipment and software from untrusted companies simply gives bad actors the keys to the front door. And the costs to all of us are enormous.
Without trust, the most talented members of our societies become reluctant to share ideas and data. They rely on vulnerable networks only when they must, stifling innovation and artistic expression. Without trust, aspiring entrepreneurs keep their project ideas to themselves. Foreign investors look to establish their business presence elsewhere, where they can be confident their intellectual property will be safe. Without trust, governments can never be sure that bad actors cannot access national security data, sabotage their critical infrastructure, or infringe their sovereignty. And without trust, our data, our savings, and our lives can be held hostage to bad actors who steal and wreak havoc with impunity.
Tunisia is well positioned to reap the rewards of a digitized economy. It has a dynamic society with a motivated, highly educated youth population. When I speak with Tunisian students and youth entrepreneurs, I am consistently inspired by their creativity and drive to realize their different visions. But true innovation requires confidence in our networks. And Tunisia will find it difficult to foster a supportive innovation ecosystem unless it partners with trusted companies.
That’s why I’m excited to see U.S. companies like Fortinet active in Tunisia and eager to help its clients achieve their goals. U.S. companies that are focused on cybersecurity are unparalleled in defending against, and forensically identifying the bad actors behind, cyberattacks, ransomware, and attempts to expropriate intellectual property and sensitive data. Fortinet and others are global leaders in offering cutting-edge solutions to safeguard our data while driving innovation.
What I find especially impressive about Fortinet is its commitment to educate the next generation of global talent and offer free online courses to help ambitious future engineers obtain professional cybersecurity certifications.
Companies like Fortinet can help Tunisia become a trusted regional innovation hub. The United States hopes to partner in this effort too. Our Embassy is proud to have supported Tunisia’s entrepreneurs for the second year in sending large delegations to attend the renowned Consumer Electronics Show – or CES – in January, and the SelectUSA Investment Summit in May. We have worked with the Ministry of Communication Technologies to set up a Cybersecurity Center of Excellence to focus attention and resources on this society-wide challenge.
And for more than a decade, the United States has worked with partners globally to help secure connected technologies, combat cybercrime, and implement the UN-affirmed Framework of Responsible State Behavior in Cyberspace. We have offered capacity building programs, promoted rights-respecting best practices online, and helped partners develop and implement national cyber strategies and effective, whole-of-government approaches to cyberspace policies.
Every country has a choice to make in developing its digital ecosystem. Reliable cybersecurity does often require extra investment. But the costs of a ruinous cyberattack are much greater. Cutting corners only exposes everyone to more risk. Government agencies and companies know this. And customers and citizens know this too. I hope today’s Security Day event will be an opportunity for thoughtful discussions and valuable insights. Thank you again.