Digital Sovereignty Goes Hand-in-Hand with Security
2021-09-07 Oliver Winzenried
Digital sovereignty – it’s not a new term, but one that is becoming more and more prominent in the daily news cycle. Digital sovereignty refers to the ability to have control over your own digital destiny – the data, hardware, and software that you create and rely on. The quest for digital sovereignty is a goal shared by companies, public authority stakeholders, and, more recently, Internet users, citizens, and consumers. From a nationalistic perspective, digital sovereignty refers to a country’s ability to act independently in the digital world when necessary.
However, the notion is complicated by the fact that the digitization of society is without borders, and no country, let alone a single company, can be an island and separate itself from the dynamic events of today’s connected world economy. For example, when the global economy shut down during the pandemic, vulnerabilities in production strategies and international supply chains were exposed. Temporary trade restrictions and work stoppages created shortfalls in pharmaceuticals, critical medical supplies, and many other products.
At the same time, ransomware attacks are growing into a highly successful and profitable industry. In a recent incident, a supply chain ransomware attack on the information technology company, Kaseya, infected more than 1,500 different organizations on 5 continents. This particular hack used managed-service providers to spread its disruption indiscriminately through a huge network of smaller companies around the world.
The challenge for digital sovereignty proponents is clear: There can be no digital sovereignty without security, but that security cannot be addressed only in terms of building singular data silos or patching vulnerabilities. Instead, it must be an evolving, open, and multi-disciplinary effort. It requires the commitment to keep pace with ongoing developments globally to be sovereign and secure at the same time.
Wibu-Systems, pioneers in software protection, licensing, and security, has long understood the necessity for digital sovereignty and security to run in parallel. On one hand, regional and national resources and expertise need to be strengthened to be able to enforce one’s own standards. On the other hand, mutually beneficial collaborations with other global stakeholders are required to address the associated security risks. It can be a difficult task, as security in and unto itself is not a finished product that you can build and then take to market. Instead, it is a process: An evolving technological solution to evolving technological threats. It can never rest and requires constant attention and maintenance. In any case, for IT security to be a genuine part of digital sovereignty, it must remain an open and collaborative community effort.
Out with the old and in with the new: The digital industrial revolution (a.k.a Industry 4.0) is ushering in an age of new forms of manufacturing-as-a-service with smart, connected, and agile production processes. Hence, it also brings with it vulnerabilities to new threats and new attack vectors.
Wibu-Systems has long played a leading role in powering the rise of the industrial IoT and connected industry and has been supplying the world with both industry-grade versions of its protection hardware CmDongles, with formats ranging from classic USB dongles to integrated ASICs, as well as a dedicated version of its CodeMeter solution for the embedded systems that make up the backbone of the industrial and non-industrial IoT. Wibu-Systems is also contributing substantially to new standards and concepts for a secure connected world, including pioneering work on new ideas of trustworthiness and chains of trust in digital enterprises. Many of these projects enjoy financial support from EU or German federal sponsors and are pursued with high-profile research institutions like the Fraunhofer Society: A clear sign that politics, academia, and industry have grasped the importance of home-grown digital and security expertise for digital sovereignty on a national, EU-wide, and even global level.
If you found this post interesting, I invite you to read the complete article in the most recent issue of the Vault magazine, a publication of Silicon Trust, the organization bringing together the companies who have powered secure identification for over twenty years as a key partner platform for international companies aiming at promoting the use of hardware-based security in a broad variety of applications.
Co-founder and CEO
Oliver Winzenried began his entrepreneurial career immediately after completing his electrical engineering degree and, in 1989, he founded Wibu-Systems together with Marcellus Buchheit. His passion for software protection has resulted in a wide range of patents covering areas from secure license management and anti-tampering solutions to dongle feature innovations. He is also a director of the VDMA regional association in the state of Baden-Wuerttemberg, Germany, and serves on the board of directors of the Medical Technology working group of VDMA, the board of directors of bitkom, and the managing board of FZI.