21 novembre 2018 | International, C4ISR

Disruptive technologies show why government needs data security standards now

By:

Telepathy. Data uploading to the brain. Even humanoid sex robots. These are among the ideas that exist on a periodic table of disruptive technologies, a new visual guide that predicts what will alter human existence in the coming years.

Created by Imperial College London, the table identifies what is set to change societies in the short term (smart controls and appliances), as well as fringe ideas that are decades away from existence, if they will exist at all (think force fields.)

Yet the disruption could turn disastrous without proper data-security standards, according to one of the chart's creators, Richard Watson, the futurist in residence at Imperial College London.

“There is very little here that is not in some way digital and connected, which makes it vulnerable,” Watson said.

“Any kind of internet-of-everything device doesn't really work if you haven't got common standards — if Apple isn't sharing with Google and the French aren't sharing with the Germans.”

Experts have long expressed concern about the lack of data standards for internet-connected devices. There is no international standard for data security. And U.S. government oversight of internet-connected devices is spread across at least 11 different federal agencies, according to a 2017 Government Accountability Office report.

“As new and more ‘things' become connected, they increase not only the opportunities for security and privacy breaches, but also the scale and scope of any resulting consequences,” the report said.

And there has been a flurry of cyberattacks using internet-connected devices. Some hackers are exploiting smart devices as an intermediary to attack computer networks, the FBI warned Aug. 2. Ninety-three percent of respondents told Armis, a security platform, in an August survey that they expected governments to exploit connected devices during a cyberattack.

The Imperial College London chart offers a further glimpse at how important it may be to create these common regulations by imagining a wealth of potential breach points. Watson listed some of the table's future technologies that could be hacked.

“Smart controls and appliances.”

Hackable.

“Autonomous robotic surgery.”

Hackable.

“Autonomous ships and submarines.”

Hackable.

“One of the issues with the stuff on here is that it relies on extremely good data security,” Watson said.

The problem with having a developing ecosystem without global standards is that a single vulnerability could allow access to more than one network, and government officials and businesses are currently taking a strategy of letting the private sector debate how, or if, to regulate itself when it comes to internet-connected devices.

One piece of bipartisan federal legislation, the 2017 Internet of Things Cybersecurity Improvement Act, mandates that “devices purchased by the U.S. government meet certain minimum security requirements," but it has stalled in Congress.

As a first step, manufacturers should collaborate to establish device security baselines, Jing de Jong-Chen, general manager for global cybersecurity at Microsoft, said during a June conference hosted by the Woodrow Wilson Center, a Washington, D.C.-based think tank.

One private solution is a set of common guidelines developed by the IEEE Standards Association, an industry trade organization. The trade association's voluntary standards is evidence of a fear of government regulation that the private sector is openly hostile to. During the June event, the idea of government regulation of smart devices was laughed at by private sector officials in the room. But that laughter may have been premature.

In September 2018, California Governor Jerry Brown approved a bill that requires companies to install connected devices with “a reasonable security feature” protecting it against unauthorized access. The bill means that the periodic table of disruptive technologies may eventually be impacted by a modicum of public regulation, although it is not clear if that will be effective.

Not making it any easier is that no amount of planning can compensate for every technological innovation. For example, when it comes to the most disruptive future technology, the chart is secretive. In position 100, predicted to be the most innovative idea, the chart says it is too dangerous to publish. “We can't talk about this one,” it reads.

In this instance, however, a potential security risk is averted. When asked if this technology is the one that will literally “break the internet,” Watson is forced to make a confession: “It's a joke. It's just us dodging the ball because we couldn't think of what to put there.”

https://www.fifthdomain.com/industry/2018/11/20/disruptive-technologies-show-why-government-needs-data-security-standards-now/

Sur le même sujet

  • Senate panel OKs $6 billion military fund to confront China

    12 juin 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

    Senate panel OKs $6 billion military fund to confront China

    By: Joe Gould WASHINGTON ― Plans for a Senate-crafted version of the Pacific Deterrence Initiative, a new military fund to boost deterrence against China in the Pacific, is one step closer to becoming law. The Senate Armed Services Committee has approved nearly $6 billion for the fund in its version of the annual defense policy bill, the panel announced Thursday. It authorizes $1.4 billion in fiscal 2021, which would be $188.6 million above the administration's budget request, and $5.5 billion for fiscal 2022. The bill also directs the defense secretary to create a spending plan for all of the funds. “The best way to protect U.S. security and prosperity in Asia is to maintain a credible balance of military power, but, after years of underfunding, America's ability to do so is at risk,” the committee's summary stated. “The FY21 [National Defense Authorization Act] establishes the Pacific Deterrence Initiative (PDI) to send a strong signal to the Chinese Communist Party that America is deeply committed to defending our interests in the Indo-Pacific. “PDI will enhance budgetary transparency and oversight, focus resources on key military capability gaps, reassure U.S. allies and partners, and bolster the credibility of American deterrence in the Indo-Pacific.” Though not all details of the fund were immediately made public, SASC Chairman Jim Inhofe, R-Okla., and ranking member Jack Reed, D-R.I., previously said they would sponsor a measure to enable U.S. military operations in the region, beyond supporting new weapons platforms. Defense Secretary Mark Esper has said China is his department's top adversary, but said Congress has worked to sharpen the Pentagon's spending and focus in the region. The PDI would follow the form of the multiyear European Deterrence Initiative, which has consumed $22 billion since its inception after Russia annexed Crimea from Ukraine in 2014. Congress will have to internally negotiate the final dollar amount for PDI and what those funds would buy, but House Armed Services Committee Chairman Adam Smith, D-Wash., and ranking member Mac Thornberry, R-Texas, have expressed support for the idea. Though the Senate's approach differs, Thornberry has also proposed spending $6 billion―all in FY21―on priorities that include air and missile defense systems as well as new military construction in partner countries; Smith hasn't released his own plan. Once approved by the full Senate, its version of the NDAA would be reconciled with the House's version, which the HASC is expected to make public late this month before it goes through markup July 1 and advances to the House floor. With an eye on China beyond the PDI, the SASC bill also encourages the Air Force to establish an operating location in the Indo-Pacific region for F-35A fighter jets and to allocate “sufficient resources and prioritize the protection of air bases that might be under attack from current or emerging cruise missiles and advanced hypersonic missiles, specifically from China." There are also a number of provisions aimed at safeguarding America's technology and industrial base from Chinese intellectual property theft and “economic aggression,” according to the summary. The bill would also require reports from the Pentagon on how to mitigate the risks from vendors like Chinese telecom firms Huawei and ZTE when basing U.S. troops overseas. The SASC summary said its proposed PDI would: Increase lethality of the joint force in the Pacific, including by improving active and passive defense against theater cruise, ballistic and hypersonic missiles for bases, operating locations and other critical infrastructure. Enhance the design and posture of the joint force in the Indo-Pacific region by transitioning from large, centralized and unhardened infrastructure to smaller, dispersed, resilient and adaptive basing; increasing the number of capabilities of expeditionary airfields and ports; enhancing pre-positioning of forward stocks of fuel, munitions, equipment and materiel; and improving distributed logistics and maintenance capabilities in the region to ensure the sustainment of logistics under persistent multidomain attack. Strengthen alliances and partnerships to increase capabilities, improve interoperability and information sharing, and support information operations capabilities with a focus on countering malign influence. https://www.defensenews.com/congress/2020/06/11/senate-panel-oks-6-billion-military-fund-to-confront-china/

  • Contracts for June 29, 2021

    30 juin 2021 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

    Contracts for June 29, 2021

    Today

  • Malaysia adds funds to troubled littoral combat ship program

    30 mai 2023 | International, Naval

    Malaysia adds funds to troubled littoral combat ship program

    Malaysia has reduced the number of ships it will receive under a revised contract, from six to five.

Toutes les nouvelles