SAETI: State-Actor Empowered Threat Intelligence… A Good or a Bad thing?
State-Actor Empowered Threat Intelligence (SAETI) represents a potent blend of government resources and cybersecurity expertise aimed at identifying, assessing, and mitigating threats in cyberspace. On the positive side, SAETI can significantly enhance national security by providing comprehensive insights into potential cyberthreats from hostile states, criminal organizations, and terrorist groups. Governments can leverage their vast resources, including advanced technologies and intelligence networks, to gather and analyze data more effectively than private entities can. This level of threat intelligence can lead to more robust defense mechanisms, better-prepared responses to cyber incidents, and a more secure digital infrastructure for both public and private sectors.
But the empowerment of state actors in threat intelligence also raises several concerns. One major issue is the potential for abuse of power and overreach. State actors with extensive surveillance capabilities might infringe on citizens’s privacy and civil liberties under the guise of national security. The “centralized” control over threat intelligence might lead to a lack of transparency and accountability, making it difficult to ensure that such powers are not misused. There is a risk that the focus on national security could lead to the suppression of dissent and the targeting of political opponents, thereby undermining democratic values. And it can also cause private organizations to lose visibility as they will lose telemetry possibilities, such as with the EU regulated “electronic IDentification, Authentication and trust Services”, or short: eIDAS.
A significant drawback is the international implications of SAETI. When state actors engage in cyberoperations, it can escalate tensions between nations and contribute to an ongoing cyberarms race. Countries might feel compelled to enhance their own cybercapabilities in response, leading to an environment of mutual distrust and increased cyberconflict. This can also complicate diplomatic relations and international cooperation on cybersecurity issues; Instead of fostering a collaborative approach to securing cyberspace, the involvement of state actors may lead to a fragmented and adversarial global landscape. Information professionals in the public sector have the Code of Ethics, established by the International Federation for Information Processing (IFIP) in 2020. Almost all affiliated organizations for information professionals endorse this code as a basis and guideline for methods, best practices, standards, and frameworks. The question is whether state-affiliated actors can and will use a code similar to the one that provides confidence in the private sector. Join us while we take a tour having a look at all the good and bad things of SAETI, where of course a flashback to ancient and historical intelligence services is not forgotten, as we always must learn from past mistakes, right?
Righard Zwienenberg – ESET
Zwienenberg began his work with computer viruses in 1988 after encountering his first virus issues at the Technical University of Delft. This experience sparked his interest in virus behavior, leading him to study and present solutions and detection methods ever since. Over nearly four decades, he has worked for various companies, including CSE Ltd., ThunderBYTE, Norman, and ESET. He has also held or continues to hold positions in several industry organizations, such as AMTSO, AVAR, the WildList, IEEE ICSG, and serves on the Advisory Board for Europol’s European Cyber Crime Center (EC3) and Virus Bulletin. He also runs his on computer security consultancy company (RIZSC).
Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences, including Virus Bulletin, EICAR, AVAR, FIRST, APWG, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, government symposia, SCADA seminars, and other general security events. Beyond his professional work in security, his hobbies include playing drums, performing magic, modeling balloons, restoring ancient computers, and much more.
Eddy Willems – WAVCi
Eddy Willems is a worldwide known cyber security expert from Belgium. He is a board member of 3 security industry organizations, EICAR, AVAR and LSEC, and is independent Security Evangelist at WAVCi, his own company. Since 1989, he is Belgian’s internationally most quoted cyber security expert. He became a founding member of EICAR in 1991, one of the world’s first security IT organizations. Eddy has been working for over 3 decades as cyber security expert for several security companies like G DATA, Kaspersky and Westcon. He is also COO of CSA (Clean Software Alliance) since 2024. In 2013 he published his first book ‘Cyberdanger’ in English, German and Dutch. He is also co-author of the recent Dutch SF cyberthriller ‘Het Virus’ (English version coming soon). Eddy is a known inspiring speaker and is giving lectures and presentations (including TEDx) worldwide for a very diverse audience from children to experts.