Managing Security in a Cyber-Enabled WorldBy Guest Author | Posted 2016-04-15 Email Print
We will move to a cyber-enabled world where threats aren't as direct as DDOS attacks or ransomware, but they'll have ramifications for everyone—connected or not.
Sound familiar? We should recall the lesson of Internet 1.0, when we moved from an Internet that was distinct from mainstream business to the Internet-enabled world where the virtual and physical are hopelessly enmeshed. When—not if, but when—we move from the Internet-enabled world to a cyber-enabled world, the threats and risks will change again.
That’s why cyber-security is an issue that everyone needs to consider. Today, your company may be subject to a direct attack—a distributed-denial-of-service (DDOS) attack that shuts your company down, or ransomware that seeks money to unlock your data, or theft of data for monetary or other gain, or any number of other threats. While these may be the majority of current threats, we have just started to understand what the cyber-threat landscape looks like.
Because we are all in the same pipe now, the reality is that the threats have just started to appear, and they will change over time. We will move to a cyber-enabled world where the threats are not as direct as those identified above, and they will have ramifications for everyone, whether connected or not.
This means that a cyber-attack could present risks even though the “cyber” aspect (relating to computers and the Internet) of the attack is indirect. In other words, cyber will be at least a part of the attack, but the attack itself isn’t exclusively a cyber-attack—at least not in the way that we think about it now.
Cyber-security issues will become clearer as technology becomes more enmeshed in our daily lives—whether it is driverless cars, drones, remote-controlled medical devices or any of the technological advances we can’t yet foresee. I’m not suggesting that these technologies shouldn’t be used; that’s not a possible outcome.
Instead, everyone needs to realize that we’ll have to address unforeseen threats, because cyber-security is a shared responsibility for which all of us must be accountable as we move into the cyber-enabled world.
Andrew Serwin is co-chair of the Global Privacy and Data Security Group at law firm Morrison & Foerster. He regularly advises businesses and institutions on data security incidents and privacy enforcement and litigation. He can be reached at firstname.lastname@example.org.