Cybersecurity expert Schneier warns of deficit in security policy for Internet of Things

(June 13th, 2016) The news service V3 reports that international cybersecurity expert Bruce Schneier warned that governments lack the expertise to, as V3 paraphrased him, “define security policy when it comes to the rapidly growing Internet of Things.’’

bruce-schneier-cryptography-580x358

The Boston Global Forum honored Mr. Schneier last Dec. 12 as a “’Business Leader in Cybesecurity for dedicating his career to the betterment of technology, security and privacy’’ in the Internet.’’ The security technologist is also a member of the Infosecurity Europe Hall of Fame.

V3 reported that Mr. Schneier “explained that that governments approach topics such as the Internet of Things and cybersecurity without the technical knowledge to understand the challenges.’’

“A lack of relevant expertise is really going to hurt us. There is a fundamental mismatch between the way government works and the way technology work,” Mr. Schneier said.

In any case, he said: “I think that more government involvement in cybersecurity is inevitable simply because the systems are more real. I think we are going to see more cyberwar rhetoric, more cyberterrorism rhetoric, more calls for surveillance, more calls for use control, more trusting of the government.’’

V3 noted: “Concerns about Internet of Things security are becoming more pertinent because the threats posed to some connected devices have the potential to cause physical harm.’’

For the V3 story, hit this link.

Cyber-expert Schneier discusses need for ‘norms’ at second Online Dialogue to build the BGF-G7 Summit Initiative

(Feb. 12th, 2016) – On Feb. 11 at Harvard Kennedy School, The Boston Global Forum (BGF) held the second in series of online dialogues to build the BGF-G7 Summit Initiative. This session was with Bruce Schneier, fellow at the Berkman Center for Internet and Society at Harvard Law School, and the Chief Technology Officer at Resilient Systems. Schneier was honored as the Business leader in the Cybersecurity “for dedicating his career to the betterment of technology, security, privacy and Internet” in the Boston Global Forum’s Global Cybersecurity Day event which was held on December 12 at Harvard Faculty Club in Cambridge.

 Watch the live-streamed talk here:

Bruce Schneier, a celebrated international cyber-security and cryptology expert, writer and consultant, took part in a wide-ranging discussion on Feb. 11 on cyber-threats and the techniques and policies needed to prevent, or at least reduce, them in what he called the current “cyber arms race.’’ His talk was the second of 12 online dialogues as part of the BGF-G7 Summit Initiative to address cyber-security.

He compared the cyber arms race with the confusing early days of nuclear energy (about whose benefits many people were too optimistic), including the nuclear-arms race between the Soviet Union and the United States. The fact is, Mr. Schneier said, that the world still lacks legal and other “norms,’’ and real treaties, with which to limit cyber-aggression by nations and individual “bad actors.’’ Things are chaotic.

Thus, he emphasized the need to focus on cyber-defense, such as through “patching’’ security holes, to “disarm’’ a foe, rather than offense. The trouble with emphasizing offense, he said, is that, because everyone operates in basically the same “cyber-infrastructure,’’ attackers can expose their own information, making the attackers – be they individuals, businesses or governments — themselves vulnerable. He also noted that “the difference between attack and espionage is one command.’’

Gov Dukakis Feb 11

Photo: Governor Michael Dukakis, Chairman of Boston Global Forum moderated the talk.

Mr. Schneier spent considerable time discussing the China’s massive hacking of massive quantities of employee information from the U.S. Office of Personnel Management and the vulnerabilities we all have regarding our personal information being stolen and used for such things as blackmail. Once people steal, for example, your fingerprints from the Internet, they can have power over you for the rest of your life.

And, of course, he noted, Western companies such as Google and wireless firms, are, like governments, relentlessly collecting personal data on us and generally cooperating with governments in doing so. “There’s not a lot of regulation’’ of this, he said.

“Large businesses want to spy on you’’ to obtain the maximum amount of marketing information.

Mr. Schneier expressed considerable alarm about the dangers posed by the “Internet of Things,’’ in which the Internet, acting like the “hands, eyes, ears and feet’’ of a giant robot, can be used to attack public physical infrastructure, such as electric grids, and even individuals, such as through disabling car brakes and manipulating pacemakers.

Mr Nguyen Anh Tuan and Mr Schneier

Mr. Nguyen Anh Tuan, CEO of Boston Global Forum and Mr. Bruce Schneier in the talk.

Interestingly, Mr. Schneier, though primarily a technical person, said the best ways to improve cyber-security are for nations to have dialogues to set globally governmentally recognized norms on cyber-behavior and to establish new “social mechanisms’’ to keep us safe.

The answer to cyber-aggression is “political, not technical solutions,’’ he asserted.

The BGF’s continuing online dialogues on cyber-security will discuss possible social and political answers to these burgeoning threats in coming weeks.