Pings of Death and Other Modern Dilemmas: Navigating Security in the Digital Age
We live in a world of malware worms and ransom attacks. Our personal lives- everything from our photographs to our bank accounts and our assets- are being converted as we speak into a bewildering soup of ones-and-zeroes.
It’s a strange reality to face: at any given moment, an anonymous actor on the other side of the world could disrupt the otherwise smooth rhythm of the life you live. You may be subject to ransomware. Your personal devices may be corrupted and surveilled- without your consent, naturally. The next email you receive might release a new ecosystem made up of malicious code into your personal computer, violating in one stroke every bit of data you chose to store on that device.
And all this is happening in the space of an eye-blink, while society as a whole (or near enough) has been asleep at the proverbial wheel. The solution might seem dire: air-gap your life, quit the Internet, go cold turkey, cyber-style. Realistically, how many people will be willing to give up the dubious pleasures of life online? Between Instagram envy and the conveniences of email and online banking, the illusion of freedom offered by the Internet has proved irresistible to the world.
So, no one will take up the air-gap option. What is the alternative?
People hear a good deal about cybersecurity. Some may understand it; some may not. To most, cybersecurity is the exclusive preserve of IT boffins working to keep their macro settings updates; the guys who remind you to change your passwords and to never be so prosaic as to offer hackers bait in the form of passwords that are no more than your date of birth or the name of your first child.
This, if I may say so, is the myopic approach to cybersecurity that has led us to live in a world of continuous data breaches and free-rein hackers who seem to come and go from our devices and even our democracies at will.
The situation is such that we don’t know when it will come: the ping of death that tears apart your digital life, with repercussions that spill over into the real world, defacing your credit ratings, your reputation and your job prospects.
Incidentally, would the majority of people understand that term? The ping of death? What about the term DDOS? Would they be able to point to critical information infrastructure or identify the careers that will- going forward- prove essential to ensuring population-wide cyber-safety? Chances are, all of the above will be answered in the negative. If we are aiming to strengthen and enhance our ability to respond decisively to cyber-threats, we must allow ourselves to become more cyber-literate. This means empowering ourselves and broader segments of our organizations in order to ensure that cybersecurity becomes everyone’s business; almost.
Exiling cybersecurity to its own little silo, made up of IT professionals, does everyone (and their data) a great disservice. To ensure the safety of essential services- we’re talking airports, power plants, hospitals- we must establish cybersecurity as a matter for organizational governance. This means that organizations must begin to address the idea of creating security-by-design, taking into account the nature of the data over which they are the custodians and evaluating the risks posed to this data.
Away from the boardroom, the concepts of cyber-literacy and cyber hygiene must become bywords for safety in an era where the majority of us appear to be conjoined with our devices- so much so that, I’ve noticed, we no longer make eye-contact in public.
Cybersecurity is commonsense. It is also good governance, sound policy, and- ideally- legislated practices designed to safeguard the population and all critical information infrastructure from the persistent threats posed by all manner of malicious actors.
The answer, perhaps surprisingly, is creativity.
The old thought-patterns have not progressed beyond the IT department and the same tired security checks that rarely factor in human error or the obsolescence of legacy systems.
New thinkers and brighter ideas are the key to giving cybersecurity- as a practice area- the prominence and universality it deserves.
Unless we are proactive, we will always live in fear of the ping of death. It’s a real dilemma- but the solutions are within sight and reach.