Former INTERPOL director: Cybersecurity should become priority for Azerbaijan – INTERVIEW

The rapid growth of digital technologies and the development of artificial intelligence are changing the face of the global cyber threat. States have to simultaneously protect critical infrastructure, strengthen public trust, and build international cooperation. For Azerbaijan, this challenge is particularly relevant: the country has established a national cybersecurity center, adopted a digital development strategy, and is discussing steps toward integration into international initiatives.

Former Director of Cybercrime at INTERPOL Craig Jones told Report on why public-private partnerships (PPP) are becoming key to forming a sustainable cyber posture, how to ensure the effectiveness of the national cybersecurity center, and what steps will help Azerbaijan become a regional leader.

Report presents the interview:

- Drawing on your experience working at INTERPOL, given the growing threats related to artificial intelligence (AI), vulnerabilities in supply chains, fileless malware campaigns, and the activities of state-controlled actors around the world - what should the government of Azerbaijan prioritize today in its national cyber strategy to stay ahead of threats, protect infrastructure, and strengthen public trust?

- The first thing to start with, as you mentioned, is strategy. What is this strategy? Where exactly are the risks in the country? As you know, countries are responsible for their security, protecting citizens, and forming policy. But at the same time, a significant portion of critical infrastructure is managed by the private sector. That is, we have two different elements that need to be brought together.

So what rules exist? What regulations? What legislation? How does the government identify threats? Because it currently doesn't have all the information, as it's dealing with international, multilateral companies that probably have more data about cyberspace and cybercrime than any single state. Therefore, first and foremost, a thorough analysis of threats and the risk landscape needs to be conducted.

As for the role of AI, this is a completely new component. Criminals can now accelerate their activities using AI technologies. And now the question remains, how can the government use artificial intelligence to develop its policy and maintain a very strong and reliable position in combating cybercrime?

- Azerbaijan recently established a National Cybersecurity Center to coordinate response, protect critical infrastructure, and monitor threats. From your perspective, what steps are most important for this center to become truly effective - both in terms of operational readiness and strengthening trust with citizens and international partners?

- Many countries have traveled this path. It's important to study experience, what has already worked, to establish interaction with other regions and states. For example, the World Bank has prepared an extensive report on how to develop a cyber strategy, and similar recommendations are provided by the Global Forum on Cyber Expertise, of which I am a board member. There's a whole section there on forming governance strategies and turning them into full-fledged programs.

But speaking about some practical aspects, it's about coordination and cooperation. How do the state and national agency interact with law enforcement and the private sector? How do they jointly share information during attacks? What regulatory barriers exist? Sometimes the law prevents data sharing between departments. This can be resolved at the national level, but the factor of global companies remains.

Lawyers also have an influence: companies sometimes prohibit data sharing due to liability risks. Therefore, clear instructions are needed - how to act during a cyber incident. This should be embedded in the center's daily work.

- Azerbaijan faces growing threats from state-linked cybercriminals. Groups APT29, linked to Russia, and Pioneer Kitten from Iran, have been identified in attacks on government structures, critical infrastructure, and media. Based on your experience at INTERPOL, how should Azerbaijan prioritize detection, attribution, and defensive strategies against these sophisticated attacks?

- Over the past 20 years, we have witnessed how states and malicious actors actively use cyber tools to attack other countries. By attack, I mean penetration into networks and systems for data and information. This is a modern form of espionage, only not through agents, but using software and hardware.

Therefore, cooperation with other countries is critically important. It's necessary to understand how they defend against these threats. It's necessary to exchange information in real time with these countries and develop one's capabilities. INTERPOL's role here is special: it works only with crime and doesn't interfere in political, military, racial, or religious matters. If it turns out that a state actor is behind an attack, INTERPOL's tools cannot be used. The importance of this lies in neutrality. Thus, INTERPOL can interact with all 196 countries. I truly haven't seen a similar model where such a genuine exchange of information and data could be ensured.

- Azerbaijan increasingly realizes that the state alone cannot prevent cyberattacks. Drawing on your experience at INTERPOL, what are the best practices for building resilient public-private partnerships in cybersecurity? And how can the government ensure cooperation with local companies and critical infrastructure operators to guarantee the effectiveness and sustainability of critical infrastructure operators' work?

- This work needs to be started immediately. It is necessary to engage all critical national infrastructure operators, identify key architects of the country's digital environment.

Next - hold meetings, discuss their needs, and communicate state interests. This sounds quite simple, but in reality, it is not. This phase of studying the situation is truly very important. After that, networks can be created for sharing threat intelligence. At the same time, they should not be made too closed. You need to create a reliable group that will be able to gather and exchange information about cyber threats, about where and how they impact. But this needs to be done in a secure and reliable way.

- Looking to the future, how can Azerbaijan not only defend against cyber threats but also become a regional leader in cybersecurity? What strategic investments, training programs, or international partnerships are most successful in strengthening the state's cyber capabilities?

- Here, the classic triad is important: people, processes, technologies. The right people are needed in key positions, investments in national and organizational leadership, and the availability of knowledge and resources in cybersecurity. Experts and effective coordination within the country are required.

At the regional level, Azerbaijan participates in many organizations, and cybersecurity should become one of the priorities. This will allow building regional cooperation.

At the global level - for example, the UN recently adopted a new Convention Against Cybercrime, which took two and a half years to develop. Azerbaijan, as a UN member, should join this Convention. Because after this convention is signed by countries, it will become the foundation for international police cooperation, strengthening the skills and capabilities of law enforcement agencies, and will also help in working with private partners. Thus, three key directions for Azerbaijan: internal coordination, regional cooperation, and global integration.