WE’RE ALL IN THIS NOW

by Alex Blau

The internet was once just an idea in someone’s head. A seemingly unfathomable future where everything and everyone would be connected, and where uninhibited flows of data and information would enable unprecedented advancements in communication, health care, transportation, automation, and commerce. And there would be robots, of course. The world in which we live today is not that far off from the imaginings of those futurists, and because of these technologies the ways in which firms and governments operate have fundamentally changed. Embedded in these cyberpunk dreams were prescient warnings about the potential risks inherent to our interconnected world. Hackers, advanced artificial intelligence, and bad actors in the form of governments and megacorporations posed significant threats to the goings-on of everyday life. Even the most shining cyber utopia can have a sinister underworld.

Today, in our real world, the same technologies that brought so much good have created new and ever-shifting cybersecurity consequences for individuals, firms, and governments. These consequences range from the annoying task of coming up with new and complicated passwords following yet another data breach, to the uncomfortably real risks of a foreign adversary turning off streetlights, shutting down water treatment plants, or even taking over military infrastructure.

While managing risk has historically been assigned to experts and technicians, cybersecurity can no longer be delegated to a small set (or even a large team) of IT professionals. Instead, all of us leaders across all aspects of business operations and government need to understand how cybersecurity plays into our roles and responsibilities, and to keep up with the fluid nature of cybersecurity risks. Cybersecurity will help non-experts quickly gain a foundational understanding of the cybersecurity domain. This book covers a number of critical topics that will aid any reader in becoming conversant in current and future cybersecurity issues relevant to your role, organization, and industry, and in understanding how you are both part of your organization’s security problem as well as a key player in identifying and managing solutions.

In more and more industries, the gathering of data and digital information on nearly everything, especially customers, is at the center of business operations and strategy. But while petabytes of data can improve operational efficiency and open new opportunities, those larger amounts of data also expose individuals and firms to potential losses. Cyberattacks and data breaches are commonplace, increasing in volume, and becoming costlier by the year. Despite our growing capabilities to thwart most attacks through improvements to security technology and cyber hygiene, targeted breaches have not declined. We need to revise our expectations about our ability to mitigate these risks and accept that breaches are all but inevitable. As customer data becomes more valuable to hackers, and as governments enact regulations that penalize firms for customer data breaches and loss, nearly all firms that have an internet presence and collect information from their customers face increased risks—it’s not just about banks and financial service organizations anymore.

This new paradigm requires a different way of thinking, and this book is designed to help non-technical leaders, including executives, board members, and managers in roles ranging from design and marketing, to human resources and accounting, get up to speed on the current state of the field. Cybersecurity introduces the basics while going deeper into a set of topics including board and executive involvement, investment and decision making in cybersecurity; the importance of addressing human factors in cybersecurity and why all team members need to play a role; communications and response best practices in the wake of data breaches; active defense and the ethics of “hacking back”; the emerging value of privacy in cybersecurity; cybersecurity considerations for international trade; and the future of artificial intelligence in cybersecurity. These selected articles will help you understand who to consult on critical issues, keep up with your competitors and colleagues, recognize the potential impact for your team, organization, and industry, and think through how your organization will need to evolve to keep up with cybersecurity trends in the future.

This book represents just the beginning. Cybersecurity is still a relatively new field, and one that will continue to shift dynamically with changes to the nascent regulatory environment and as new technologies are developed and advancements occur. Some of these changes will be for the benefit of society at large. For instance, regulations such as the European Union’s General Data Protection Regulation (GDPR) have already begun to incentivize firms to take greater precautions and care with customer data, and disincentivize business models that rely on the sale of such data to third parties. However, other changes, such as advancements in artificial intelligence and quantum computing, will pose new and potentially existential threats to businesses and governments that could make our current and best cybersecurity efforts obsolete. Understanding these new risks and opportunities will be critical to the success of firms in the future, as well as the protection of people and society broadly.

The field of cybersecurity isn’t just for techno-futurists and digital natives. We’ve all been brought into this futuristic present whether we like it or not. If we, the global community, have any hope of avoiding a techno-catastrophe and ultimately realizing the great potential of what we’ve created, each and every one of us needs to recognize that we’re all in this together now. We all have a part to play.