The last five to seven years in cybersecurity have been all about threat detection within conventional information technology networks. The platforms have evolved from simple monitoring with antivirus protection to advanced threat-defense systems bolstered by behavioral analytics and active threat intelligence. New capabilities are emerging, driven by artificial intelligence and machine learning — yet we still see hacks the size and scope of the Equifax disaster on a daily basis.
The next five to seven years will see extended artificial intelligence and deep machine learning, the collection of expanded sources of threat-indicative data, context-aware access management, curated threat intelligence, and integrated risk frameworks to unified threat-management platforms and robotic machine interfaces operating on offensive missions in cyberspace. All this is in an effort to get and stay ahead of cybercriminals and nation-state-sponsored hackers. Moving all of this increased firepower to the “internet of things” will become our greatest security challenge by 2022.
There are six key drivers of this challenge, all of which will be highly interconnected:
1.) The internet and the physical world (aka the internet of things). While the internet of things is transforming economies and societies with more efficient, data-driven services, cybersecurity challenges from targeted threats, device vulnerabilities, incompatible standards, regulatory pressures, and privacy issues may well undermine all of the firepower embedded in these advanced platforms.
2.) Artificial intelligence. The opportunity for application in everything from cybersecurity defense to robotics, new services, and scientific breakthroughs will likely be overshadowed by ethical, privacy and liability issues, plus the probable emergence of a “surveillance society.”
3.) Cyberthreats. As the application of artificial intelligence and machine learning technologies to the networked internet of things at work and at home will increase our dependence on the network, the severity of security challenges and vulnerabilities will increase in parallel. Yet we can’t and won’t allow a ‘securitization’ of the internet (à la China), lest we sacrifice any remaining semblance of privacy and personal freedoms.
4.) The internet economy. We are finally on the verge of a technological transformation that will disrupt broad economic structures and force businesses to think and act like technology companies as billions of devices and sensors will connect to the global network, and this new hyperconnected internet economy will see traditional industries morphing, emerging economies thriving, and new market leaders from around the world driving both innovation and entrepreneurship.
5.) Networks, standards and interoperability. A proliferation of connected systems and mobile devices will result in ubiquitous connectivity requiring greater bandwidth and interoperability, yet our current open standards are either nonexistent or insufficient to support competition, continuing evolution, and accelerated innovation.
6.) The role of government. As the internet grows and expands into more areas of the global economy and society, individual sovereign governments will be faced with a host of newly complex issues that will make today’s technological legislative challenges look like child’s play. Every aspect of our own congressional leadership decision-making on issues of privacy, regulation, protection, defense, retribution, sharing, connectivity, prevention, manufacturing, limits on the application of artificial intelligence, and robotics will be challenged as never before. Their responses to these challenges will impact not only laws, freedoms, rights and the economy, but also the internet itself.
There are so many issues that need to be addressed by this Congress and the United Nations as a whole that the load far exceeds the current capacity. It would be so easy to simply do what China has done and just close up our own American internet. (That’s a joke).
In spite of the herculean task facing our lawmakers and regulators in attempting to forge some sort of over-arching cybersecurity policy and governance, it is crucial that we not lose sight of the internet core values of openness, security, and collegial use by the entire global community.
There is a shared sense of both optimism and disillusionment for the internet’s future in equal measure today, and while there are no guarantees of what lies ahead, humanity must be at the center of tomorrow’s internet. It must continue to benefit people and create new social and economic possibilities to fulfill the premise on which it was built.
Any and all congressional action must embrace these core values as their compass when drafting new legislation for dealing with cybersecurity issues — that our corporations steadfastly continue to ignore — or we will face a future in which we will have chosen security over freedom. And that is not what our founders had in mind.
Steve King is the COO of Netswitch Technology Management and a contributor to LifeZette.