Bridging the Security Gap
In the past week I was kind of busy with the Cyber Security Week in the Netherlands, GCCS2015, NCSC One conference, HSD event, radio, TV... It all contained cyber, cyber…. cyber
So what is a cyber?Cyber is a prefix, derived from "cybernetic," which comes from the Greek adjective κυβερνητικός, meaning skilled in steering or governing. (Thank you Wikipedia). In normal words it's the study of control and communication in the animal and the machine.
In the 1980's internet technology became rapidly available and the "cyber term" was being used a lot in those contexts. Nowadays we use the word “cyber” mainly to talk about internet and those systems. But could we replace “cyber” with internet? In some means yes, but if we do, we will forget a lot.
Since we still use multifunctional devices (including faxmodems) and “offline” wireless communication systems, I think we are not doing right only to cover internet systems.
Cyber cyber at GCCS2015
During the GCCS2015 (which stands for Global Conference on CyberSpace 2015) in The Hague, a lot was discussed based on internet technology. That being said, I don’t think that’s enough to cover the word Cyber. We should think more broadband? Yes! The largest attack vector is the internet (or Cyberspace), but is it also the largest risk? Going back to December 2014 (31C3 conference), vulnerabilities in the telecom backbones were detected thru SS7 messages (the main telco protocols). This backbone protocol was already designed in 1975, eight years before the internet was founded, and we are still using it… is this internet? Partly, it might use some internet connectivity but it was not designed to be the internet….
But it wasn’t not only about security… it was also about opportunities.At the GCCS I attended one presentation about drones, their capability’s and responsibilities. A live demo showed how you can operate a drone by using brainwaves. Vint Cerf was the volunteer who’s brain was “tapped” to control the drone. One of the main questions during this presentation was about the ethics and it's usage. For example, if you can control a drone with your brain, is it ethical to use the side-data-collection to analyze what kind of favorite color it has?
It's not that far away to do this type of analyses since the "Googles" of the world already are doing analyses on our interests, so this is not strange at all.
And how can vulnerabilities or errors being (mis)used in this way, do we know what is acceptable?
Also, what is ethical in our society doesn't mean it's ethical in other countries or areas.
I remember that one of the main questions was about using drones in bad situations to deliver emergency response, like delivering medical supplies to a refugee boat. We can all agree, this is for a good purpose, but their main issue is the misuse of drone. The researchers were afraid that people wanted to put their baby in the drone.... (I hear you all saying WTF A BABY IN A DRONE??) … but question yourself, if your baby is sick... very sick... and this is the only hope you have to save it’s life... is it ethical NOT to put your baby in the drone?