Powerful collaboration. Cutting edge science and curious minds coming together for a glimpse of the future.

Powerful collaboration. Cutting edge science and curious minds coming together for a glimpse of the future.

Stay tuned as we look at the latest updates on some of the most promising technology projects.

Stay tuned as we look at the latest updates on some of the most promising technology projects.

Hello and welcome. I'm your host Peter Balint from Technikon last time in the Sparta podcast series, we focused on the need for increased efforts in the development of cyber security strategies and methods in the EU. Our guest was Sparta coordinator, Florent Kirchner who aptly introduced the Sparta project. And today we continue our conversation with Florent as he talks about some of the impacts of Sparta and the average EU citizen and how Sparta can influence cyber security in the EU and even in the world. But first let's talk about hacking for a moment. During the Sparta kickoff meeting in February of 2019, we had the opportunity to speak with Marine Magnant . She was representing the Sparta partner, Yes We Hack. Now usually hacking is a taboo activity with really negative connotations but try to look at it from another angle. Who best can tell you about your cyber vulnerabilities. That's right, A hacker. Better yet a white hacker or ethical hacker or simply hunters. These are the good guys who search for security holes in your system and report back so that you can fix them. It's a cool concept that is often referred to as a bug bounty platform. And this is exactly what Yes We Hack does. With over 7000 registered hunters, you can begin to see how Sparta will benefit from their presence in the project. Let's learn more from Marine.

Hello and welcome. I'm your host Peter Balint from Technikon last time in the Sparta podcast series, we focused on the need for increased efforts in the development of cyber security strategies and methods in the EU. Our guest was Sparta coordinator, Florent Kirchner who aptly introduced the Sparta project. And today we continue our conversation with Florent as he talks about some of the impacts of Sparta and the average EU citizen and how Sparta can influence cyber security in the EU and even in the world. But first let's talk about hacking for a moment. During the Sparta kickoff meeting in February of 2019, we had the opportunity to speak with Marine Magnant . She was representing the Sparta partner, Yes We Hack. Now usually hacking is a taboo activity with really negative connotations but try to look at it from another angle. Who best can tell you about your cyber vulnerabilities. That's right, A hacker. Better yet a white hacker or ethical hacker or simply hunters. These are the good guys who search for security holes in your system and report back so that you can fix them. It's a cool concept that is often referred to as a bug bounty platform. And this is exactly what Yes We Hack does. With over 7000 registered hunters, you can begin to see how Sparta will benefit from their presence in the project. Let's learn more from Marine.

Welcome to the studio.

Welcome to the studio.

Thank you.

Thank you.

Let's jump right in and tell us about. Yes we hack.

Let's jump right in and tell us about. Yes we hack.

OK so the company is yes we hack is a French company and is a bug bounty platform. So it means that we have a community of 7000 ethical hackers who are working for us around the world.

OK so the company is yes we hack is a French company and is a bug bounty platform. So it means that we have a community of 7000 ethical hackers who are working for us around the world.

And so our community are going to hack our client. Our clients define a parameter that they want to secure or to check if it's secure or not, and so our ethical hacker is going to try to get into their infrastructure into their web site et cetera.

And so our community are going to hack our client. Our clients define a parameter that they want to secure or to check if it's secure or not, and so our ethical hacker is going to try to get into their infrastructure into their web site et cetera.

OK so this is interesting. Yes We Hack is part of the Sparta project, but what you do is you're a company that offers perhaps consulting solutions to other enterprise organizations that might be at risk for being hacked right.

OK so this is interesting. Yes We Hack is part of the Sparta project, but what you do is you're a company that offers perhaps consulting solutions to other enterprise organizations that might be at risk for being hacked right.

Yes. Is not consulting is a scan of their vulnerabilities .

Yes. Is not consulting is a scan of their vulnerabilities .

OK.

OK.

And is kind of a new way of cyber security because we are more efficient more... we have 7000 ethical hackers working for us.

And is kind of a new way of cyber security because we are more efficient more... we have 7000 ethical hackers working for us.

So...

So...

You have 7000 hackers they work for you. You give them a company's name and some information and you say try to hack this. Right. And then what happens?

You have 7000 hackers they work for you. You give them a company's name and some information and you say try to hack this. Right. And then what happens?

So the ethical hackers if they find a vulnerability they're going to report their vulnerability to the client and if the clients think that this is a good vulnerability, they are going to pay the hacker...the hunters .

So the ethical hackers if they find a vulnerability they're going to report their vulnerability to the client and if the clients think that this is a good vulnerability, they are going to pay the hacker...the hunters .

Then, what does your company get from this?

Then, what does your company get from this?

A percentage or...?.

A percentage or...?.

Yeah, We have a percentage.

Yeah, We have a percentage.

OK. So has it ever happened that 7000 hackers tried to find a vulnerability and they couldn't?

OK. So has it ever happened that 7000 hackers tried to find a vulnerability and they couldn't?

No. I don't think so...

No. I don't think so...

They always find something right?. Yeah yeah that's the way it seems.

They always find something right?. Yeah yeah that's the way it seems.

And we have two different types of programs I would say. So we have our client for example OVH or Orange or Daily Motion they have a public program means that the all our community can try to find the vulnerability but we also have a private program it's where it's just a selection of some hunters. For example we just got in January we're going to start in February end of Febrary a program with the Army French minister with a, um private program.

And we have two different types of programs I would say. So we have our client for example OVH or Orange or Daily Motion they have a public program means that the all our community can try to find the vulnerability but we also have a private program it's where it's just a selection of some hunters. For example we just got in January we're going to start in February end of Febrary a program with the Army French minister with a, um private program.

Okay. So with regards to you and this Sparta project, yes. How does what services will you be offering to the people working in Sparta?

Okay. So with regards to you and this Sparta project, yes. How does what services will you be offering to the people working in Sparta?

So, we are going to connect our community of ethical hackers to the Sparta projects cybersecurity community and I think it is important for us to be in this Sparta project and for Sparta to have us in the project.

So, we are going to connect our community of ethical hackers to the Sparta projects cybersecurity community and I think it is important for us to be in this Sparta project and for Sparta to have us in the project.

Is it safe to say that you can use all of your 7000 hackers to sort of help with this project?

Is it safe to say that you can use all of your 7000 hackers to sort of help with this project?

Maybe not all but yeah...

Maybe not all but yeah...

But some, I mean these are real world...

But some, I mean these are real world...

Yeah. And we will try on some some having some meeting of the Sparta project to bring some of our ethical... hunters hackers come in in some some having to meet all the people from the Sparta project. And because we are the first European bug bounty platform think it would be very interesting.

Yeah. And we will try on some some having some meeting of the Sparta project to bring some of our ethical... hunters hackers come in in some some having to meet all the people from the Sparta project. And because we are the first European bug bounty platform think it would be very interesting.

So what's your impressions of the meeting so far? This is the kickoff meeting for Sparta. It seems like there's a lot to do right, there's a lot of work. Yeah. And maybe things aren't so clearly defined right now. This sort of needs some some help but is it kind of clear what you'll be doing yet or is it still sort of ...

So what's your impressions of the meeting so far? This is the kickoff meeting for Sparta. It seems like there's a lot to do right, there's a lot of work. Yeah. And maybe things aren't so clearly defined right now. This sort of needs some some help but is it kind of clear what you'll be doing yet or is it still sort of ...

For us I think it's quite clear, just bring our community to the Sparta project and try to...

For us I think it's quite clear, just bring our community to the Sparta project and try to...

I think you said it before your goal is to bring this hacking community together with this research community or the academic part of this business so to speak and then put them together and integrate and see what comes out.

I think you said it before your goal is to bring this hacking community together with this research community or the academic part of this business so to speak and then put them together and integrate and see what comes out.

Yeah. And I think that is really interesting and the collective intelligence is the fact to bring, yeah.

Yeah. And I think that is really interesting and the collective intelligence is the fact to bring, yeah.

How long has this company been in existence?

How long has this company been in existence?

2013, so five years and actually next week we've got a big fundraising so we're gonna develop the company in Europe and in Asia.

2013, so five years and actually next week we've got a big fundraising so we're gonna develop the company in Europe and in Asia.

Your network of hackers, where are they? All over the world?

Your network of hackers, where are they? All over the world?

all around... yeah around the world.

all around... yeah around the world.

Okay well thank you so much for joining us today and I wish you success in your future endeavors and we'll check in from time to time to see what's happening.

Okay well thank you so much for joining us today and I wish you success in your future endeavors and we'll check in from time to time to see what's happening.

Thank you.

Thank you.

Now it's time to take a look at the bigger picture. What is the Sparta project and how is it poised to change the way cybersecurity research is done in Europe?

Now it's time to take a look at the bigger picture. What is the Sparta project and how is it poised to change the way cybersecurity research is done in Europe?

For these answers we again turn to Sparta coordinator Florent Kirchner

For these answers we again turn to Sparta coordinator Florent Kirchner

And what would you tell the average European citizen who says, "My computer is secure. I have never been hacked... I have never had any kind of experience like this. I feel pretty safe already."

And what would you tell the average European citizen who says, "My computer is secure. I have never been hacked... I have never had any kind of experience like this. I feel pretty safe already."

Yeah. I'm not quite sure that's the average European citizens viewpoint on cybersecurity. I think I would I would reformulate the question perhaps to try and be a bit risky and reformulate and say how about the average European citizen who says I don't care about cybersecurity.

Yeah. I'm not quite sure that's the average European citizens viewpoint on cybersecurity. I think I would I would reformulate the question perhaps to try and be a bit risky and reformulate and say how about the average European citizen who says I don't care about cybersecurity.

The problem is the paycheck at the end of the month. The problem is making sure that my kid goes to school. The problem is the communities that we try to live in try not to dissolve them in futile arguments. That's that's I think that's a better that's a more probable question -at least one I get more often when people say when people understand cybersecurity a bit, if only a bit they know that they're exposed and there is no that there is no easy solution. People have been have got their credit cards stolen quite a bit now. People have had their accounts hacked on Facebook or on Lincoln quite a bit now so they know that there is a problem with that. The real issue is people saying well OK- we cannot do anything about this. And it's going to fade in the background. It's not even it's not even on the top of our priorities to fix this. And it's a very valid point. It's something that we need to to to understand to hear to and to to respond to by saying that we do understand that cybersecurity might seem like a secondary topic. But today cybersecurity is imp... the way that digital systems and their security are impacting our lives is very pervasive. There's a lot of impact in our lives. Our jobs are impacted by digital systems and cybersecurity in particular of those systems. So getting getting jobs secured is reliant on being able to establish cyber security. Getting commerce in Europe working correctly generating wealth for everyone is an issue that that is reliant on the cybersecurity of of the of that commerce. Getting elections to function correctly is an issue that also requires examining cybersecurity aspects. So in many ways the I understand the feeling that cyber security might not feel like it's a first class citizen first world problem. But but it is in fact it is and it is something that through the life of Sparta we will try and contribute to the awareness of. We'll try to help people understand that if their systems are not secured if their computers are not secured a lot of things that they expect from from daily life actually fall apart in a significant way. I think I like the the quote from from Mr Juncker who told that today cyber threats are probably more problematic than tanks and guns for the security of the European Union and that's a very powerful statement and I believe not done in vain

The problem is the paycheck at the end of the month. The problem is making sure that my kid goes to school. The problem is the communities that we try to live in try not to dissolve them in futile arguments. That's that's I think that's a better that's a more probable question -at least one I get more often when people say when people understand cybersecurity a bit, if only a bit they know that they're exposed and there is no that there is no easy solution. People have been have got their credit cards stolen quite a bit now. People have had their accounts hacked on Facebook or on Lincoln quite a bit now so they know that there is a problem with that. The real issue is people saying well OK- we cannot do anything about this. And it's going to fade in the background. It's not even it's not even on the top of our priorities to fix this. And it's a very valid point. It's something that we need to to to understand to hear to and to to respond to by saying that we do understand that cybersecurity might seem like a secondary topic. But today cybersecurity is imp... the way that digital systems and their security are impacting our lives is very pervasive. There's a lot of impact in our lives. Our jobs are impacted by digital systems and cybersecurity in particular of those systems. So getting getting jobs secured is reliant on being able to establish cyber security. Getting commerce in Europe working correctly generating wealth for everyone is an issue that that is reliant on the cybersecurity of of the of that commerce. Getting elections to function correctly is an issue that also requires examining cybersecurity aspects. So in many ways the I understand the feeling that cyber security might not feel like it's a first class citizen first world problem. But but it is in fact it is and it is something that through the life of Sparta we will try and contribute to the awareness of. We'll try to help people understand that if their systems are not secured if their computers are not secured a lot of things that they expect from from daily life actually fall apart in a significant way. I think I like the the quote from from Mr Juncker who told that today cyber threats are probably more problematic than tanks and guns for the security of the European Union and that's a very powerful statement and I believe not done in vain

OK. So Sparta started, Sparta will end, what do you hope sticks when Sparta is done? So this is after 36 months.

OK. So Sparta started, Sparta will end, what do you hope sticks when Sparta is done? So this is after 36 months.

Yeah. we what we're... we're here in the long run. We're here for to try to prepare the next generation of cybersecurity research in Europe. And what we hope sticks is four things. The first one is a set of principles. The general philosophy of Sparta. The general idea that you're stronger together that you should be able to take risks when you try to to to handle complex problems. Those general principles that I think hopefully will stick after the end of the project. The second aspect is we're trying to identify what we call a roadmap; that's interesting topics that that we need to and that we (the European Union, the people, the scientists, the engineers, the citizen) topics that we need to investigate together in the near future to better secure our digital systems. And if if this list of topic if this so-called roadmap can live. beyond Sparta, I think it would be a good sign of success that we've identified interesting topics in areas where we think of us as Europeans can make a difference. The third thing I am hoping will survive is all of the scientific and technical work we will do in Sparta because we will investigate four different programs and Sparta four different technical areas working on ways to better supervise your your digital systems better understand how they're being used. That's that's one, the second program will be around how do you trust your your your digital systems and what kind of evaluation is needed to continuously trust that your digital systems are actually doing what they they need to do. The third program is focused on designing secure by design and private by design components -essential components for the digital world for tomorrow's digital world. And the fifth one is about creating secure and safe artificial intelligence for the the citizens of Europe. If we're successful then all of those programs will produce results that will stay beyond the span of the Sparta project into into the future. And finally the fourth important part that I wish will stay is the community that we're building where we're bringing together 44 partners. Bustling with ideas I was telling about the wealth of ideas and the wealth of possibilities that they bring to the table. Beyond those 44 partners we have a network of associate members who are not directly Sparta project members but what they are is people who want to come in and help us think about big picture problems in the future that can benefit from some of the results of Sparta. And so this whole community the Sparta members and the associate members if this can live beyond Sparta and I think this will be probably one of the biggest assets that we have as a community in Europe going forward.

Yeah. we what we're... we're here in the long run. We're here for to try to prepare the next generation of cybersecurity research in Europe. And what we hope sticks is four things. The first one is a set of principles. The general philosophy of Sparta. The general idea that you're stronger together that you should be able to take risks when you try to to to handle complex problems. Those general principles that I think hopefully will stick after the end of the project. The second aspect is we're trying to identify what we call a roadmap; that's interesting topics that that we need to and that we (the European Union, the people, the scientists, the engineers, the citizen) topics that we need to investigate together in the near future to better secure our digital systems. And if if this list of topic if this so-called roadmap can live. beyond Sparta, I think it would be a good sign of success that we've identified interesting topics in areas where we think of us as Europeans can make a difference. The third thing I am hoping will survive is all of the scientific and technical work we will do in Sparta because we will investigate four different programs and Sparta four different technical areas working on ways to better supervise your your digital systems better understand how they're being used. That's that's one, the second program will be around how do you trust your your your digital systems and what kind of evaluation is needed to continuously trust that your digital systems are actually doing what they they need to do. The third program is focused on designing secure by design and private by design components -essential components for the digital world for tomorrow's digital world. And the fifth one is about creating secure and safe artificial intelligence for the the citizens of Europe. If we're successful then all of those programs will produce results that will stay beyond the span of the Sparta project into into the future. And finally the fourth important part that I wish will stay is the community that we're building where we're bringing together 44 partners. Bustling with ideas I was telling about the wealth of ideas and the wealth of possibilities that they bring to the table. Beyond those 44 partners we have a network of associate members who are not directly Sparta project members but what they are is people who want to come in and help us think about big picture problems in the future that can benefit from some of the results of Sparta. And so this whole community the Sparta members and the associate members if this can live beyond Sparta and I think this will be probably one of the biggest assets that we have as a community in Europe going forward.

OK. Do you do you suppose that there are in the end there will be lessons learned that could be applied to cybersecurity globally. Or are you specifically looking at solutions for Europe.

OK. Do you do you suppose that there are in the end there will be lessons learned that could be applied to cybersecurity globally. Or are you specifically looking at solutions for Europe.

Yes yeah I'm. So yes I think there will be solutions where we do - the solutions can apply globally not only in Europe we're focusing on Europe because Europe has strong cultural identity especially around digital systems. I think one of the most prevalent illustration of this is the GDPR which which is the regula... European regulation protecting the data of private citizen and my data, your data and everybody's data is being protected under GDPR in Europe. That's a world first. And that's an incredible achievement for the European Union to have been able to enforce that type of demand regulation in Europe and being the first in the world to do that. It has had an impact. Now people in the US people in China people in Africa are trying to replicate the same type of protections for their citizen. But here Europe has been a pioneer. What I'm hoping for Sparta is that in the end of Sparta Europe in a few domains will also be a pioneer in cybersecurity and that those solutions, those lessons learned will then be able to be taken up by other countries elsewhere in the world.

Yes yeah I'm. So yes I think there will be solutions where we do - the solutions can apply globally not only in Europe we're focusing on Europe because Europe has strong cultural identity especially around digital systems. I think one of the most prevalent illustration of this is the GDPR which which is the regula... European regulation protecting the data of private citizen and my data, your data and everybody's data is being protected under GDPR in Europe. That's a world first. And that's an incredible achievement for the European Union to have been able to enforce that type of demand regulation in Europe and being the first in the world to do that. It has had an impact. Now people in the US people in China people in Africa are trying to replicate the same type of protections for their citizen. But here Europe has been a pioneer. What I'm hoping for Sparta is that in the end of Sparta Europe in a few domains will also be a pioneer in cybersecurity and that those solutions, those lessons learned will then be able to be taken up by other countries elsewhere in the world.

Yeah cool stuff.

Yeah cool stuff.

Exciting stuff.

Exciting stuff.

So I just want to wish you the best success for this project. And good luck. You have a big job ahead of you. Yep.

So I just want to wish you the best success for this project. And good luck. You have a big job ahead of you. Yep.

It's an interesting job. There's there's a lot of expectations. There's a lot of people rooting for it also. So what's interesting is people have a lot of expectations and we've heard during the kickoff people saying You guys cannot fail this is too big to fail so you need to succeed do whatever you need but you need to succeed which is a bit intimidating for a four for small time guy like myself. But at the same time you have those partners rooting for you and saying well yes we can do this let's let's put some energy in there and we can achieve that and that's an incredible asset to the project and its completely to the credit of the of the partners. We're really really happy to be working in that type of frame of mind saying oh we're going we're going to we're going to the moon but I think we have one of the best teams to actually get to it. That's fantastic.

It's an interesting job. There's there's a lot of expectations. There's a lot of people rooting for it also. So what's interesting is people have a lot of expectations and we've heard during the kickoff people saying You guys cannot fail this is too big to fail so you need to succeed do whatever you need but you need to succeed which is a bit intimidating for a four for small time guy like myself. But at the same time you have those partners rooting for you and saying well yes we can do this let's let's put some energy in there and we can achieve that and that's an incredible asset to the project and its completely to the credit of the of the partners. We're really really happy to be working in that type of frame of mind saying oh we're going we're going to we're going to the moon but I think we have one of the best teams to actually get to it. That's fantastic.

Well that's a great way to start out really. Thanks again and good luck.

Well that's a great way to start out really. Thanks again and good luck.

Thank you.

Thank you.