This blog post is also featured as a guest blog post on the WEF blog.
The UK government recently admitted that foreign states hacked and attacked its national infrastructure, including the country’s gas, water and electricity supplies. National defense systems have also been targeted by cyberwar. The most well-known instance being Stuxnet, malware designed to sabotage Iran’s nuclear program, discovered back in 2010. In the US, the Navy’s internal IT system faces a reported 110,000 cyber attacks every hour, according to HP, the company that manages the Navy Marine Corps Intranet. More recently, Red October, a cyber espionage campaign, was recently identified infiltrating both PCs and phones of international diplomats.
Political, military and business leaders know quite well that cyberwar is already among us. This is not to say that security has been an afterthought or wholly inadequate. In order to roll out today’s web-enabled infrastructures, our governments and industries have invested massive amounts of resources in security and this will only continue to grow. Currently, the US Department of Defense invests more than $3 billion annually in cybersecurity, its cyber-forces are 6,000 strong and could add another 1,000 over the next year. Last week, Neelie Kroes at the European Commission put a stake in the ground about cybercrime in an effort to curb data breaches, putting data & privacy requirements on companies that run large databases. The world is paying attention.
How do we reap the benefits of the connected world and simultaneously protect what is necessary? In energy, defense, transportation and communications, we’ve experienced vast improvements due to the power of the Web. For example, we absolutely need the societal benefits of the smart electricity grid and the protection of this system is paramount. We can’t have our energy grid turned off.
At The Forum this year, building cyber resilience and identifying new approaches to reinforce and protect critical infrastructure will be top of mind. Lookout is approaching this massive problem is by using big data to predict and prevent future threats.
We don’t expect this brave new world to unfold quietly. The opportunities of new technologies come with responsibility. Businesses, policymakers, and individuals must set and hold ourselves accountable to define a baseline of norms for what we expect from the organizations and companies we put our trust in. Security cannot a sunk cost; it must be considered as the infrastructure is being built. Intuitive and simple security should be a priority for government, companies and developers creating in this space.