Tuesday, July 28, 2015

Cybersecurity & Civic Hacking # 8: Hype or Reality?

This is the eighth ‘Cybersecurity & Civic Hacking’ post I’ve written to support the need for launching a collaborative NE Wisconsin cybersecurity initiative that includes civic hacking.

Recently, people have told me that media stories about cybersecurity risks are mostly hype. They say the government and tech companies will do what’s needed to keep people and businesses in NE Wisconsin safe from digital attackers. NE Wisconsin residents tell me they’re not concerned about security risks for their computers, smartphones, debit or credit cards, bank accounts, electronic health records, vehicles, and other digital or Internet-connected devices and personal information.

In today’s post, I won’t use my own words in an attempt to persuade the educational, business and political leaders of our region, along with the general public in NE Wisconsin, that the cybersecurity risks I've been talking about are real. I won't try to make it clear why we should not rely on the government or some tech company in Silicon Valley to protect us. Instead, I’ll present an article from last Saturday and one from yesterday. Maybe the words of someone from outside the state can convince you that a regional cybersecurity initiative is vitally important to the people and organizations of NE Wisconsin.

The first article is “Forget the Ashley Madison or Sony hacks – a crippling cyberattack is imminent in the US.”
Computer experts have long warned about a catastrophic cyber-attack in the US, a sort of Web 3.0 version of 9/11 that would wreak enormous damage throughout the country. Like most Americans, I shrugged. With all of the enormous resources the country enjoys, those warnings seemed like the rantings of a digital Chicken Little...there’s Silicon Valley, which I frequently write about. Surely the uber-geeks who run the world’s greatest innovation cluster could code something to smite the evildoers? Well, on behalf on the US, I admit I was terribly wrong. We are so screwed. 
I came to this conclusion recently, over a span of seven days. Earlier this month I attended a preview of retail giant Target’s new “Internet of Things” showroom in downtown San Francisco...It was all very impressive, but I couldn’t help notice an irony: the retailer that in 2013 was subject to a hack that [compromised] the credit-card data of 100 million consumers now wanted people to entrust their entire homes to the internet... 
One week later I found myself at a dinner in a fancy hotel to discuss cybersecurity with the executives of top Silicon Valley firms. Unlike the festive Target event, the mood was decidedly grim...Even the successful breach of Chrysler’s in-car systems, which allowed hackers to take control of a Jeep on the highway and prompted the recall of 1.4 million vehicles, is a mere appetiser compared with what’s coming down the road. 
By 2020 the US will be hit with an earthquake of a cyber-attack that will cripple banks, stock exchanges, power plants and communications, an executive from Hewlett-Packard predicted. Companies are nowhere near prepared for it. Neither are the Feds... 
What struck me about the dinner...was the naked pessimism in the room. Nobody even tried to put a happy face on the situation. “A slow-moving train wreck,” one executive said. Forget about coordinating with each other or the Feds: companies don’t even know how to deal with their own hacks, never mind worry about someone else’s…”
The second article is “[Governor] Otter creates Idaho cybersecurity task force.” The governor of Idaho apparently does not trust tech companies and the US government to adequately protect the people and businesses of Idaho from cybersecurity risks.
Idaho Gov. Butch Otter has signed an executive order creating the Idaho Cyber Security Task Force. “We have seen dozens of cyber attacks that seem to be increasing in frequency and boldness, costing our businesses and taxpayers untold billions of dollars each year,” said Otter...I want Idahoan’s to know that our state continues to prepare to meet any cybersecurity threat, whether from viruses, malware, and security breaches to outright theft of personal and private information.” 
“Idaho’s long term economic competitiveness is intimately linked to cybersecurity,” said Little. “But our companies and government networks are not the only ones vulnerable to cyber attacks. All Idahoans are under threat if our state is not vigilant about protecting our citizens’ privacy…”
NE Wisconsin Cybersecurity Initiative
I’m not suggesting NE Wisconsin launch an effort similar to the Idaho task force. That appears to be largely a political initiative. My proposal for a NE Wisconsin cybersecurity initiative focuses just on our 18 counties, it doesn't need politicians on a task force unless they're cybersecurity gurus, and it includes a significant amount of collaboration with civic hackers who are focused on cybersecurity.

However, the Idaho initiative does make it clear some areas of the US see value in developing local cybersecurity expertise.

If you live in NE Wisconsin and aren’t concerned about cybersecurity, or you think the best thing to do is wait for tech companies and the US government to make digital life secure for you or your company, you don’t need to convince me I’m wrong. You need to convince the tech company executives and the governor of Idaho they are wrong.

---------------------------------------------------

DHMN Civic Hacks posts about 'Cybersecurity & Civic Hacking':
C&CH # 01: "Cybersecurity: A New Horizon For Civic Hacking?"
C&CH # 02: “Cybersecurity & Civic Hacking # 2: Public Wi-Fi
C&CH # 03: "Cybersecurity & CH # 3: The Right Person / Topics Of Interest"
C&CH # 04: "Cybersecurity & CH # 4: Malware"
C&CH # 05: “Cybersecurity & CH # 5: Even Cybersecurity Companies Get Hacked!
C&CH # 06: "Cybersecurity & CH # 6: How Cybersecure Is Your Car?"
C&CH # 07: "Cybersecurity & CH # 7: Data Breaches"
C&CH # 08: This post, published July 28, 2015

*****
Posted by at

2 comments:

Subscribe to: Post Comments (Atom)