It’s 2016. The general public is becoming more aware of its digital surroundings. For the first time ever, friends and family members are reaching out asking what hacks are possible and which ones are not.
From webcam hacking to stealing billions, to automobile hijacking, those working in the industry know pretty much everything is vulnerable. For everyone else around us, all of this comes as a surprise.
Internationally, there has always existed an elevated awareness for privacy. Today, there is an increasing level of distrust in American-based technology companies. This sentiment existed well before the Edward Snowden revelations, starting shortly after September 11 with the introduction of the PATRIOT Act.
I can recall several encounters with senior leadership in the EU who would knowingly choose European-based companies with inferior technologies and services, in fear that US companies would succumb to Government coercion.
With a plethora of security and privacy concerns plaguing global organizations alike – is using them even worth it? Perhaps the better question would be, is not using them worth it? Choosing not to use something comes with its own cost, as well. Working with European customers regularly, I was required to justify the use of American-based Cloud Service Providers (CSP) on an almost daily basis.
Many customers cringed at the idea of a US-based company having their hands on EU data. Today, no one could blame them for their concerns.
Using inferior technology, in general, is messy, not to mention saliently expensive. However, the benefits of a reduced cost of entry by cloud and ubiquitous platforms, such as iOS, are obvious; they have disrupted industries previously thought to be immune to technology.
Netflix for movies, Airbnb for hotels and Amazon for retail have all proved to flip industries upside down. Inevitability, the already struggling EU will only stifle its progress by refusing to leverage enabling technologies.
Today, we are still struggling to enforce straightforward concepts likeThe Right To Be Forgotten. The recent dismissal of Safe Harbor by the Court of Justice for the European Union (CJEU) will only increase these tensions, and will surely make sharing information with European countries even more challenging. Bounding data by the same legal borders and enclaves that we humans do is proving to be very hard.
What is the path forward?
We’ve faced similar dilemmas before. With problems growing in scale, cultures have kept pace by evolving to tackle topics of increasing complexity and magnitude. Villages become towns, towns become cities, cities evolve into countries, and borders inherently dissolve, shift and are transformed. The problems which we’re trying to solve right now are pushing our limits of national collaboration.
It is becoming more apparent that security and privacy issues have grown beyond the point we can address with our current socio-political structure.
In the short-term, transitions are always messy. In the long-term, the path forward is obvious. Technologies such as the Internet are forcing us to re-arrange the world we live in. The Untied Nations (UN), the North American Free Trade Agreement (NAFTA), and even Safe Harbor have all been precursors in ushering in the new era of a World Government.
One day, the concept of a sovereign country will no longer exist. One day, patriotism will be looked upon as a dated concept in much the same way we view racism today. Our great grandchildren will be stunned to learn people once shared a deep sense of community and connection simply because of fictitious borders and their geographic proximity to one another. Technology will be the impetus for bringing these conversations to the forefront.
Such obstacles will force civilization towards greater alignment. With some entities currently taking advantage of their stronghold on the world’s telecommunications systems, what is the proper approach to creating a sustainable policy?
I’d like to think of a giant lottery machine with 7 billion ping pong balls. Regardless of which ball you get, would you be content with your luck of the draw? Would policy be the most conducive to fairness for all?
The world around us is changing. Those who fail to adapt are likely to follow the way of the dinosaurs of the Jurassic era. What will happen next during this transition? More importantly, what can we do in the security profession to ease the transition?
About the Author: With a decade of experience in both public and private sectors, Josh Danielson has served a variety of industries throughout his security career; from academia and government contracting, to the financial sector. Josh is an active member of the infosec community where he has participated in multiple volunteer events. Josh has received a Master of Science degree in Information Management from Syracuse University, and currently holds multiple certifications including CISSP-ISSAP and CISM.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc. If you are interesting in contributing to The State of Security, contact us here.