Become more effective at your job with hands-on cyber security training in Reston. Save $200 thru 8/28.

SANS Security Insights

Plan for Risk on a Global Scale

Plan for Risk on a Global Scale

By Deb Radcliff, Creative Director, SANS Analyst Program

Businesses and governments need to think about risk on a global scale, not just to their individual systems. As such, organizations must plan for risk holistically, not as an afterthought to every new project.

This insight is the ultimate takeaway from an interesting new what-if predictive scenario project, Cybersecurity Futures 2025, developed by the Center for Long-Term Cybersecurity (CLTC) at UC Berkeley, CNA's Institute for Public Research and the World Economic Forum's Centre for Cybersecurity.

Working with focus groups, CNA, a risk analysis think tank for military, government agencies and businesses, helped to develop a series of future cyber scenarios that the report says are beginning to occur, including:

  • Takeover of global quantum systems by a few large governments, shuffling alliances and creating new centers of power
  • Destabilization of society with a flood of data readily available from too many online sources as people adapt by creating new and multiple identities
  • Nationalization of the internet, resulting in pockets of internets inaccessible by other countries because of competing regulations
  • AI trying to run things without humans, followed by looming distrust of the machine

And think for a minute where some of these scenarios are already happening:

  • China has already become a fully digital society that tracks the minute detail of people's daily lives, including details on their families and connections.
  • Russia and other nations (including the U.S., I'm guessing) are using social media for major disinformation (propaganda) campaigns.
  • Phishing and other forms of identity theft have led to people losing trust in the internet, and many are already adapting and forming multiple identities.
  • AI is all the rage, encompassing everything from business data mining to cybersecurity to self-driving cars.

The question will be, how much power do we give to the machine?

The examples stated in the Futures report go beyond the infowar games we used to practice that involve critical infrastructure targets. Instead, these scenarios take us through the societal and global effects of, say, theft and misappropriation of new quantum computing technologies by organized criminals and/or enemy countries. Yet another scenario shows how society would falter and fail if each and every person had access to too much data about everyone and everything else in their communities.

"The more we stepped through the scenario world with stakeholders, the more we all realized that elements of these worlds are already surfacing," said Dawn Thomas, an associate director and research analyst on CNA's Safety and Security team in a release issued with the report. "This report takes leaders of all types through a thought-exercise that will better position them to break away from the current challenge of operational security and look ahead to the range of cybersecurity issues and challenges that will emerge."

The introductory video features the work of producer and screenwriter Walter Parkes, known for films such as WarGames, Sneakers and Minority Report. Take a stroll through their scenarios and tell us what you think.

Post a Comment


* Indicates a required field.