Big Brother and Little Brother – On the future of cyber security

“Cyber security” is a broad term, encompassing a wide range of issues from password protection, personal integrity, data mining, corporate espionage – the list goes on. In a world that grows ever more digital, it becomes increasingly an issue of not just physical or digital security, but also of emotional and social factors. The digital world becomes increasingly integrated with the physical world in a variety of ways, most overtly through the “Internet of Things” – a network of smart devices ranging from cars to phones to doors, and when your possessions all communicate, it opens up a world of tremendous possibilities but also tremendous risks.

Biometric sensors, intelligent devices, and a new and faster mobile Internet through 5G platforms are all developments that will likely facilitate such a world. How will human society and culture be impacted by these technologies? What will we mean by “cyber security” in a future where the distinction between digital and physical is all but meaningless?

Already among us

In 2016 there were around 6.4 billion connected devices in active use around the world, an increase of 30% compared to the previous year. Sensors are expected to be the largest category of connected things by 2018, at that point surpassing mobile phones. The vast majority of connected things already communicate without a human being involved at all – whether they’re used in retail in the form of beacons and trackers, in shipping containers to monitor product safety, or in factories to minimize breakdowns and wastage. The next generation of mobile connectivity – 5G – is not yet a reality, but the technology exists in laboratories around the world, and there are numerous devices waiting for faster and more reliable Internet connections. This applies partly to the beacons, biosensors, and Bluetooth devices that gather data, but just as much to the self-learning algorithms and machines that process and interpret it. The Internet of Things is already a reality.

A battle of titans

There are giants waiting to fall as the Internet of Things sweeps in, and it remains to be seen which ones will stay standing. Legislation about data and information is presently one of the greater uncertainties – who will have the right to control the streams that flow from the connected devices back to their algorithmic overseers? Will it be private companies, the manufacturers and programmers of the devices, or will states and governments crack down on such frivolous exploitation of data? At present, it may be impossible to tell. On the one hand, companies grow ever more resourceful in collecting detailed and valuable data from consumers – on the other hand, there are examples of governments striking back. One prominent example is the GDPR legislation, put forth by the European Union, which severely limits ways in which private companies may gather, store, and sell data about private individuals.

Another uncertainty is which companies will survive the onslaught of new digital technologies enabled by the Internet of Things. If digitization has seen disruptive thus far, it is probably nothing compared to the radical changes brought about by cheaper, faster and smarter connected devices. Business leaders are overall well aware of this – in fact, most don’t expect their current business model to survive beyond five years, and even that may be optimistic. Read more about how companies might cope with digital disruption and the coming storm in the report The End of the Beginning.

Big opportunities, bigger questions

No matter who controls the digital devices – and the enormous quantity of data they collect – the result is a cyber security challenge of hitherto unseen proportions. The problems are manifold. More connected devices mean more points of entry for hackers and saboteurs, and their collective output enables massive distributed denial of service (DDoS) attacks against sensitive targets. In addition, there are obvious questions of integrity and privacy, for whether it is businesses or governments managing personal data they will be able to learn more details about their customers or citizens than even by the most feverish dictator or director of the board could have dreamed before.

It’s not impossible citizens might take information back into their own hands. Numerous examples exist of services that in various ways facilitate privacy even in a connected world. A significant portion of Internet users state that they’d be willing to pay more for their activities online, provided the data collection about them was limited, and consequently there’s a growing market for privacy services. Additionally, there are new technological developments on the horizon that may not depend on a middleman at all – such as the block chain, which allows true peer-to-peer sharing of information, money, contracts and agreements. If the block chain infrastructure becomes commonplace, cyber security might look very different both for companies and individuals in five to ten years.

…but Swedes are optimistic

It seems clear that while ordinary people – at least in Sweden – do have concerns about their own safety and privacy online, their concerns are to a far greater degree related to hackers and criminals than to businesses and organizations. Most Swedes are aware that large international corporations such as Google and Facebook collect great amounts of data about them, and while they do not trust these actors to any great extent, seem willing to let the development continue. When asked about a future world with more connected and smart devices, the majority of respondents thought of it as modern and convenient, and only to a much smaller degree frightening or unsafe.  

A truly connected world

It is likely the coming Internet of Things will place a greater demand on individuals to have basic “cyber security literacy”, that is, an understanding of which behaviors are safe or unsafe, and how to manage their own data. This will create a market for cyber security products and services, wherein data is regulated and restricted by different actors who make a living managing, handling and selling information – unless this role is automated and taken up by the block chain or a similar technology. Likely, staying anonymous in such a world will be costly either in terms of time and effort or in money. Efficiency will be increased in most traditional industries as humans and machines can work more closely together, and more effectively.

Fundamentally, the Internet of Things is infrastructure, and like all infrastructure, it will establish an ecosystem and eventually fade into the background. At that point, humans will have become dependent on the smart and connected devices, thinking no more of them than we today think of electricity or running water. Such a dependency creates vulnerability, and we will become forced to place more trust in complex systems managed by increasingly anonymous and unknown actors or groups of people. In such a world, cyber security will cease to be a meaningful word – as trust in smart technology becomes as vital as trust in governments, traffic laws and people on the street.

Big Brother might not see you – but someone will. Who knows? In time, the Internet of Things might even know you better than you do.

This article is based on a report produced for the members of the network Kairos Future Club, read more about membership here.

By Rikard Molander