Our vision for Luxembourg EU leadership in state and enterprise cybersecurity

It is yesterday’s news that top staff of France presidential candidate Emmanuel Macron have been unable to procure IT devices that prevent an unquantified number of criminal actors to continuously read and alter their communications without detection and cover their traces making sufficient attribution impossible; just as it happened to the US  Democratic Party in last elections. There is wide evidence that top enterprises are in no better shape, let alone ordinary citizens, and that such increasing vulnerabilities extend to financial transactions.

There is a clear need of international leadership to establish new standards to protect our democratic institutions, enterprises and citizens! We believe Luxembourg is uniquely placed to lead other nations and leading stakeholder to achieve such feat.

The European Cyber Fund,Luxembourg Future Fund,  LuxTrust, “Security made in Luxembourg” initiative, “Hosted in Luxembourg” label, LuxInnovation, and of U. Lux Interdisciplinary Centre for Security, Reliability and Trust (SNT), seem to converge in the aim of attracting and retain businesses, and promoting economic development, by affirming a World/EU leadership in cybersecurity for communications and transactions, through suitable  legislations, certification/labeling, infrastructure and R&D and startup ecosystem.

Are things really that  bad?! Wikileaks recent revelations, about the widespread availability of CIA hacking tools in the deep Web, has made it clear that large corporate, financial and public institutions are much more exposed to scalable and targeted endpoint attacks by innumerable competitors, criminals, states and stalkers than thought before 2013. What is often unreported – but well known in top board rooms – is the impressively low cost and high scalability of carrying out such attacks. State tools like NSA Turbine and NSA FoxAcid, or their private equivalents like Hacking Team RCS, are capable to automate or semi-automate the exploit and management up to hundreds of thousands of exploited mobile devices. Average annual costs of these debacle are 9.5M$ per enterprise.

Since the last 4 weeks – thanks to the intercession of a former Minister of Defense of Luxembourg – we have been proposing public agencies of the Luxembourg government (e.g. LuxTrust, National Security Authority, GovCert, LuxInnovation, etc.) to join and contribute to a elections for Trustless Computing that we agreed with Univ. Luxembourg SnT, to jointly make such ambition a reality. We received amazing interest and increasing traction from the Luxembourg government, and most recently personally from the Prime Minister.

Through our startup TRUSTLESS.AI, the non-profit from which it spun off, Open Media Cluster, its non-profit global event series Free and Safe in Cyberspace, its emerging non-profit Trustless Computing Consortium and Trustless Computing Certification Body – we are uniquely positioned to play a key role by helping Luxembourg to:

  • (A) attract and retain global enterprises offering on radically unprecedented levels “confidentiality and integrity protection from competitors and hackers” – through public and private IT service offerings, advanced legislation and unique Trustless Computing based labeling – complementing and the current locational advantage of “confidentiality protection of corporate tax planning from other nation states’ tax agencies”. In fact, upcoming EU tax transparency rules, historical US tax reforms, and unpredictable Brexit outcomes, may, in the near future, reduce the latter locational advantage.
  • (B) increase by orders of magnitude its protection against hacking ,such as that of the US Presidential and France presidential elections. The selective public release of such internal party communications merely highlights a widening of the actors capable of a deep persistent subversion of democratic and electoral process, as detailed by Snowden and Wikileaks revelations. Our CivicPod, Trustless Computing Certification Body were proposed as new standard for state secret handling since last April 2016 together with Italian ISCOM and Austrian A-SIT , equivalents of Luxembourg National Security Authority, with the aim of making it available or even mandatory for high levels state officials, party officials, electoral candidates and their staff. In fact, the CivicPod not only provides radically unprecedented levels of security, but also reliably enables the intervention of civil courts if probable cause of illegal activity is ascertained.
  • (C) foster and lead the creation – in the mid-term – of a local ecosystem that leads a few other EU members states – such  as current members of the Consortium, such as Italy ISCOM and Austrian A-SIT & CIO – to create the EU Trustless Computing Cluster, the World 1st ultra-high assurance IT cluster.
  • (D) lead Europe in cybersecurity and its standards (such as SOGIS, eIDAS, and intelligence exchange), for economic growth, political leadership and social impacts.

Join our vision!

Rufo Guerreschi