The first government hearing on computer security was in 1998. Chris Wysopal, the CTO and founder of Veracode, was one of the software engineers to testify. A part of cyber-security from the beginning, Wysopal admits that when working for Lotus in the 90s, he was wary of connecting software via the internet.
Over 20 years later, all of our software is more connected than ever–and so is our data. And Wysopal is still wary, as “people build systems, software, IoT and they don’t really think about security from the very beginning,” and some “don’t think about it at all.”
He says that as a result, “we are continuously putting out a stream of technology that is fundamentally broken from a security standpoint.” Essentially, technology advances and we’re rushing to keep up with it, but, as Wysopal points out, “we’re constantly cleaning it up.”
Technology has transformed, but the clean-up process continues. Here are some of the most recent trends when it comes to protecting the data that has proliferated our lives more now than ever before.
Managing the Digital Economy
Data protection is a concern of international proportions. At this year’s G20 Summit, Chinese president Xi Jinping declared that “data to the digital economy is the same as oil to industrial economies.”
This prevalence of data to the global economy overall means that governments are attempting to come together to manage the ways that valuable data is handled. From GDPR challenging the way companies handle personal consent, to increased actions and advocacy on local levels. For now and the foreseeable future, we’ll be asking ourselves just how regulated our data needs to be, who is responsible for regulating it, and who is culpable in the case of a breach.
In contrast to actions on a legislative level, a continuing noticeable trend is individual responsibility for cyber security measures. It’s kind of like how we’re expected to recycle as much as possible even while fossil fuel industries reign. We can’t solve the entire problem on our own, but we can take some helpful measures to protect our own data.
According to Sean Allen, digital marketing manager at Aware, the number one cause of breaches for small businesses is still “employees and emails,” with “no need to worry about master hackers.” Thus, training employees on basic cyber hygiene like stronger passwords and recognizing phishing attempts, can make a drastic change in the security of company data.
No one is safe from a cyber-security incident or even a full-scale data breach. Fortunately, the proper preparation means that in the case of a cyber-attack, your team will be ready to tackle the challenge efficiently, minimizing the hefty cost of compromised data and saving the day.
Some networks have already begun to advertise 5G network speeds, but the jury is still out on what it really means to go 5G. Markku Toiviainen, head of industry business development at Keysight Technologies, explains that 5G isn’t just next in line. It presents “a much bigger change than in transitioning from 3G to 4G,” because the signals “behave and move differently.’
5G signals on a high-frequency, shorter wavelength, which changes the physics of the transmission. Toivainen adds that when it comes to signals at this speed, “the normal rules are not really valid anymore.” Yet, networks are already mentioning 5G in their marketing materials, which means that they may be racing to muster up the extra equipment needed for such extraordinary wavelengths.
Since 5g is merely in its infancy, the tech world is speculating how the transition to 5G could turn out, or if we really need it. Thus far, it presents another case of technology escalating faster than anyone can keep up with it.
Brand Alignment and Transparency
Chris Wysopal admits that an important impetus for cybersecurity measures is public relations. He compares the transparency of technology brands with the ingredient labels on our food. When we have a bad reaction to food, we can turn to the ingredient list to provide some clues as to what the problem is. When it comes to cybersecurity, Wysopal says those problems “are never one simple thing,” making software vulnerable or causing it to fail.
However, it’s not necessarily up to the consumer to know all of the “ingredients” of their software In fact, Wysopal assures that just like we have nutritionists and doctors to advise our food choices, we “have experts layered on top of this basic stuff,” and consequently the responsibility to be transparent about the software falls to those experts.
And the reality is that a lot of companies are not transparent out of the good of their hearts, but rather to protect their brand. Wysopal uses Amazon as an example, which is “very strong on security,” because if they weren’t, “no one would use their service.”
The bottom line is that the future of cybersecurity depends on “alignment between company’s brand[s] and what they’re providing securely,” especially for companies besides the big brands, “the next thousand players which just keep always having a vulnerability somewhere that everyone’s network is always compromisable.”
Cybersecurity and Beyond
Data privacy is an ever-developing concern as our data gets bigger and faster than ever before. Now governments are faced with data economies to regulate, while the burden for protecting data on the front lines often still falls on the individual. Meanwhile, brands are pressured into developing security measures and practicing transparency to avoid the controversy that can come from handling the data we rely on so intensely. All a result of technology that we are indeed, still cleaning up.