Cybersecurity: World wide problem, individual responsibility

Internet connectivity touches all aspect of our lives, from our computers and smartphones to our infrastructure and home appliances. With such a vast network, cybersecurity is essential. Mary Ellen Callahan, a cybersecurity expert, spoke at the final Madison Vision Series of the academic year about cybersecurity and the role we play in it.

Although the definition of cybersecurity can be elusive, Callahan describes it as “the network of networks,” covering all of the connectivity points among devices around the world. Four years ago, there were the same number of connected devices as there were people in the world, 7 billion. By 2020, the number of connectivity points worldwide is projected to be 45-60 billion.

“Cybersecurity is protecting an ecosystem, protecting the entire environment,” Callahan said. “So if we are in a network of networks, and it is a worldwide network, then that also means that the whole world is a network.”

In an ecosystem with billions of connectivity points, Callahan said we face six main threats: 

• Hacktivists: Someone who is actively taking information for political or personal use and has an agenda
• Crime: An individual or group who uses technology to steal information and make money in any way possible
• Insider: Someone who has the trust of an organization and who takes information to exploit it for political or personal gain
• Espionage: Nation-state actors who are gathering information over the long term to use if needed
• Terrorism: People who take risks to cause distraction and harm
• Warfare: Cyberattacks by one country on another

Not only are these threats a concern for the ecosystem, Callahan claims, but we also need to worry about ourselves. The internet is intentionally decentralized, which makes it beneficial for communication and redundancy, but not so great when it comes to security. The ecosystem as a whole is not policed; each organization is responsible for protecting themselves with a chief privacy officer, informational technology staff or software. 

“I have been working in cybersecurity since 1998, and the internet has been commercialized since 1993. If something is still the wild wild West when it is old enough to drink and vote, then we need to find a new description of it." –Mary Ellen Callahan

Within all of these connections and groups, a network is only as strong as its weakest link. When a bug is planted in one type of system, like a power plant, it can infect other power plants connected to the network. An organization’s people, technology and process can also make it vulnerable to threats. Being too confident in your security system, not keeping track of third-party vendors or having a system that has too many connected devices talking to one other can cause harm or shut down an entire organization.

The internet is no longer the “wild wild West,” Callahan claims. “I have been working in cybersecurity since 1998, and the internet has been commercialized since 1993. If something is still the wild wild West when it is old enough to drink and vote, then we need to find a new description of it.”

Just as public pressure and government regulations forced auto manufacturers to add security features on cars, Callahan says we must demand that cybersecurity be embedded into our devices and connectivity points — especially those points we don’t always think about.

If we remain idle, or only look to protect our own individual interests, then the internet will turn into “a tragedy of the commons,” Callahan said. We must be motivated, she said, and ask ourselves what we can do to stay secure and protect our global, public resource.