Remaining focused on the exposition rather than the exposure

Expo 2020 is now just two years away from being hosted in Dubai, under the main banner of “Connecting Minds, Creating the Future”, and with sub-themes around Sustainability, Mobility and Opportunity. These are highly relevant and emotive topics of discussion and exchange, and early indications are that the Middle East debut of this high-profile international trade show will be a rousing success.

Investment in infrastructure and facilities in preparation for a successful expo continue to be well-documented – from the growth in hotel rooms and extension of public transport networks, to the site itself being prepared to comfortably absorb the anticipated 25 million plus visits.

What does not receive as many headlines, however, is the essential work that needs to be carried out behind the scenes to safeguard digital systems and information. Expo 2020 is set to be the highest tech installment in the history of the event, and with the expanding threat surface of interconnectivity comes the corresponding exposure to digital threats. As such, the highest level of cyber security resilience needs to be embedded across activities at Expo 2020 and beyond, seamlessly plugging into the operation of existing critical infrastructure in Dubai and across the UAE.

The understanding of cyber security resilience has been improving in recent years as technological advancement and global interconnectivity becomes standard. There is a far better appreciation that a comprise of a single terminal or device may result in catastrophic failure across the entire networked environment, and hence systems need to be built with planning, detection, protection, and recovery of digital information in mind.

The notion within cyber security that system protection means the ability to repel every attack is no longer the case. There are far too many threat actors and sophisticated attack methods to assume complete defence against every threat every time. Instead, resilience refers to the ability of digital systems to be able to detect, respond, and recover from an incident in a timely fashion while suffering the least amount of disruption to operations as possible. 

Dubai clearly appears to be up to the challenge of confronting cyber threats head-on given its proactive and demonstrable approach to the problem through leveraging cutting-edge technology such as artificial intelligence, big data and analytics, and machine-learning capabilities. There are not many countries around the world that have a ministry, let alone a department, dedicated to the advancement of artificial intelligence, for example. The UAE is one such nation, and it is gaining excellent experience and expertise in this important area, placing it at the forefront of the fight against cyber crime.

To be effective, cyber securing Expo 2020 needs to be integrated with the directive on a national level, falling seamlessly in line with the effort to secure critical infrastructure in Dubai and across the UAE. End-to-end cyber resilience needs to be the goal, allowing systems to work unfettered, and is the final frontier in the implementation of successful and sustainable cyber security resilience – the presence of effective monitoring and control without its existence impeding the underlying operations. Cyber resilience should be omnipresent without being obtrusive.

The well-peddled word ‘expo’ is short for exposition, meaning “a large public exhibition of art or trade goods”. In a different context, ‘expo’ might be short for the word exposure as it relates to digital information and assets. Cyber resilience is critical to ensuring the first definition of ‘expo’ is the only one associated with the massive event that commences in October 2020, when the doors of Dubai are swung open to welcome representatives from over 130 countries.