<The hyper-connectivity we all enjoy and benefit from also brings us to a place of hyper-vulnerability.> Is it for domestic laws to deal with? Should companies simply have in place stronger cybersecurity measures? Can we punish companies for not being adequately cyber-ready? The important thing to keep in mind is that countries, companies, and individuals are all vulnerable. On an individual level, what should we be thinking about? There are many ways to boost our “cyber-hygiene.” First, be careful with your Wi-Fi connections. Wi-Fi is a wonderful enabling technology that’s used now by almost every one of us. It’s also one of the easiest ways to have your information stolen. At home, make sure you have an effective security code. When you’re not at home, be wary of free public Wi-Fi. It’s convenient, but you’re opening up yourself to vulnerabilities. I would never use free Wi-Fi for banking or other sensitive activities. One option is to use a VPN, a virtual private network, which provides more protection. Second, for all of your cyber-enabled accounts, use two-factor identification. This is a good way to protect unauthorized access. Third, be careful where you buy your equipment so you can avoid what is called “supply chain vulnerability.” As individuals, we can’t check every single component in our computers, so purchase from a reliable source. This is part of the education that all students, beginning in primary school, should be getting today. It’s no different from learning to cross the street safely, to avoid fire hazards, or to drive defensively.
What is next for the internet and cyberspace? One of the hot topics now is 5G — the fifth generation of cellular mobile communications. It’s essentially the next version of the internet that will increase speed in a very dramatic way. Engineers and developers deserve a lot of credit for this, but what does it mean for regulation? Engineers don’t have the same criteria that lawyers do for what should be permitted in cyberspace. Their rule of thumb is: If it’s doable, let’s do it. Lawyers have a different task: balancing rights with constraints on harmful activities that may result from that innovative “let’s do it.” The technical development of cyberspace — the “plumbing” — and the legal and policy developments are in the same universe, but the thinking about them is really different. We don’t yet have the techies talking to the lawyers who are talking to the policymakers who are talking to the politicians. Also, gender diversity, racial diversity, and ideological diversity are critical to cybersecurity, because you then have the advantage of approaching the problem of protecting the common good from a variety of angles. Everybody needs to be in the mix to move ahead with these challenges. If cybersecurity is the realm of engineers and lawyers and politicians and governments, what role can young people play? The responsibility for thinking about the incredible opportunities and vulnerabilities of cyberspace is falling to today’s students, the digital natives. These new challenges require new kinds of thinking, and students are already better at it than pre-digital generations. And right now, the world needs about 2 million more personnel to do the minimum job of protecting cyberspace. If anyone is looking for a career in cybersecurity, just walk through that door. It will be a fascinating journey. [NMH]
0101010101010101010101 S PR I NG 2 0 1 9
The Magazine of Northfield Mount Hermon