Cybersecurity Will Soon Just Be Security
Date: June 07, 2016Source: Computer Crime Research Center
Think: “A memo goes from Mark Zuckerberg to the president of the United States, that mimics a memo that went from GM to the president,” said Weber, a professor at UC Berkeley’s School of Information, at a recent event in Washington.
It says: “My company is responsible for 2 million jobs. My company is in financial distress. The only way I can keep those things going is to sell those data assets.”
That data, in Facebook’s case, would include users’ names, birthdays, social connections — even the shapes of their faces, collected every time friends tag one another in photos.
The scenario, aptly named Bubble 2.0, is one of five recently released by Berkeley’s Center for Long-Term Cybersecurity. The center explores potential Internet security threats that far eclipse the data breaches at Target, Home Depot and the like.
“Our center is founded on the proposition that cybersecurity will become the master problem of the Internet era,” the center’s executive director, Betsy Cooper, said at the event. “Soon cybersecurity will just be security.”
This month, the center will host the White House’s Commission on Enhancing National Cybersecurity, a group of a dozen leaders creating cybersecurity recommendations for the president that can be enacted over the next decade.
The center opened in early 2015 after the university received a $15 million grant from the Hewlett Foundation the previous year. Stanford and MIT received similar amounts. Stanford’s research is focusing on how cybersecurity affects cyber-social systems, such as education and health care.
In May 2015, the Berkeley center gathered together roughly 40 executives, academics and government officials at the Marconi Conference Center in Marin County to lay the groundwork for the scenarios that the center recently published.
In January, the center doled out roughly $900,000 to fund assorted projects trying to answer questions about how cybersecurity might evolve. In an example of how far out some of these concepts may appear, one project focuses on bio-sensing, the interaction between technology and the body.
Weber, the center’s faculty director, led a group of professors that wrote the initial grant request to Hewlett. And it’s not as if such research is new.
From the 1960s to the ’90s, for example, Royal Dutch Shell used scenario planning “to anticipate and react to major discontinuities in energy markets, such as the oil embargoes of the 1970s,” according to the Sherman Kent School for Intelligence Analysis, the CIA’s training school in Reston, Va.
The point is that even thinking about possible futures makes companies — and even U.S. intelligence agencies, such as the CIA — more resilient.
Even if the predictions turn out to be wrong, “the effort to anticipate is worth a lot, because it gives you the ability to react quickly,” said Herb Lin, a senior cyberpolicy scholar at Stanford’s Center for International Security and Cooperation. “And if you can react quickly, you’ll be less screwed.”
Few, if any, academics have been applying long-term planning to the “cybersecurity problem,” explains Weber.
“I really wanted (the Berkeley center) to look over the horizon and not focus on catching up with today’s issues and chasing battles around in a reactionary sense,” he said.
In order to prepare for the near future, governments, corporations and individuals have to consider all the possibilities, said Cooper, who joined the center last year from the Department of Homeland Security, where she was an attorney in the office of the general counsel.
In September, the center plans to hold a meeting to discuss lessons learned from the initial scenarios and set its future research agenda.
©2016 the San Francisco Chronicle Distributed by Tribune Content Agency, LLC.
Add comment
Email to a Friend
