Cybersecurity goes prime time at Davos

By Michael Fertik
January 26, 2011

DAVOS/- Michael Fertik is the founder and CEO of Reputation.com, an online privacy and reputation management company. He is a member of the World Economic Forum Agenda Council on Internet Security and recipient of the WEF Technology Pioneer 2011 Award. The opinions expressed are his own. -

The World Economic Forum (WEF) has named cybersecurity one of the top five risks in the world. In its Global Risks 2011 report, the WEF’s Risk Response Network nominated cybersecurity alongside planetary risks posed by demography, resource scarcity, trepidation about globalization, and, of course, WMDs. This is heady stuff. Cybersecurity has officially gone prime time. This week in Davos, I’ll be moderating and contributing to panel sessions on this topic.

The timing could not be more ripe. Right now we are witnessing the convergence of multiple seismic risks to data integrity. Social networks capture and mine ever larger amounts of data about humans and companies, opting users into increasingly invasive data collection with little or no notice. Apps operating on social networks and smartphones continually pull data streams about friends, families, personal connections, contacts, geo-location, behavior, preferences, tastes, and health habits — even when these data streams are unrelated to the stated purpose of the applications.

We’ve seen search sites mine public data, semi-public data, purchased information that was supposedly private, and even scraped or stolen data, and aggregate them together for sale and resale on the open web, claiming cover of current law. To date, the Internet economy has been nearly perfectly stacked against individuals’ control over their data. The proliferation of deep digital information about every individual on earth, along with the correlated explosion of its easy and unwitting accessibility by third parties, poses a “personal WikiLeaks” threat to each of us.

That brings us to Julian Assange’s WikiLeaks, which is itself the subject of at least one session at Davos this year. Reviled by some and relished by others, WikiLeaks represents either “radical transparency” or “radical invasion,” depending on your point of view. A large and growing raft of self-described “whistleblower safe harbors” pervade the Web, enabling and encouraging publication of confidential information that is difficult to authenticate as true or false. I suppose I was nonplussed by the bulk of the content published on WikiLeaks about American foreign policy — I think it’s fairly awesome that the United States is secretly saying pretty much the same exact things it says publicly.

But many people can agree that, when it comes to difficult questions of diplomacy, the ultimate resolution may be greatly benefited by the comfort of each party to talk freely within itself or with others when behind closed doors. The brilliant sunlight of transparency may be just the medicine needed to remedy a public lie, as in the case of the Pentagon Papers, but it may also turn from “transparency” to murkier “invasion” when it comes to secrets of hard-won technical innovation such as an automaker’s hybrid engine code base or a nation-state’s schematic for a particularly nasty weapon.

Indeed, states and non-state actors alike are taking note of the evident power of cyber tools to advance their often alarming aims. Cyber-warfare and cyber-terrorism are now the single most efficient ways to damage sworn enemies. Just as the most enterprising criminal networks have decided to abandon old-fashioned thuggery in favor of more profitable cyber crimes such as VAT fraud and identity theft, states and terrorists have taken to the Internet to realize the maximum possible benefits of asymmetrical warfare. A few smart people can infiltrate financial systems, transportation networks, energy grids, and key commercial installations to steal information, seize control of operating systems, or shut down critical infrastructure. Software engineers are now, pound for pound, the most valuable weapons in a military arsenal.

Two months ago, at the World Economic Forum’s Summit on the Global Agenda in Dubai, the Global Agenda Council on Internet Security — on which I serve — identified four major categories of risk to digital security in the foreseeable future.  These included: 1) privacy, 2) reputation, 3) malware, and 4) exfiltration (a.k.a. cyberwarfare and cyber espionage).  This week, leaders from business, policy, and civil society convene in Davos to continue the important work of identifying these risks and developing self-sustaining solutions. The WEF has correctly perceived the breathtaking range of failure points in an increasingly connected world. The work could not be more important. Or urgent.

Follow Fertik on Twitter: twitter.com/michaelfertik

(Photo: A logo of the World Economic Forum (WEF) sticks on a window as a private security man walks past at the congress centre in the Swiss mountain resort of Davos January 24, 2011. REUTERS/Arnd Wiegmann)

One comment

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/

[...] at the World Economic Forum, …In a Wikileaks Era, Balancing Public and PrivateNew York TimesCybersecurity goes prime time at DavosReuters Blogs (blog)all 1,540 news [...]

[...] Cyberwar foes prime time at Davos [...]

[...] Cyberwar foes prime time at Davos [...]

It is heartening to see this sort of open organizing going on in the face of new and evolving global threats. Regarding the four categories of digital security which you name, in particular numbers 3) malware, and 4) exfiltration (a.k.a.cyberwarfare and cyber espionage), we would like to suggest that attention be paid to Voice-over Internet Protocol (VoIP) which we believe to be a serious but as yet unrecognized vector for future security risks of worldwide proportions. Internet telephony is exposed to all the risks of the Internet. As the usage of VoIP expands, one of its greatest risks is that those of malicious intent will not only be able to disrupt our Internet communications, they will be able to shut down our telephone communications as well, leaving us with no effective means of communications at all. If this were to happen, and it very well could, segments of our economy, indeed our whole country would be paralyzed. This worrisome possibility elevates VoIP to one of the most critical cyber-security threats, and a top level Homeland Security risk.

Posted by JHerships2 | Report as abusive

[...] Global Risks Report 2011, January 11, 2011, World Economic Forum Michael Fertik,  Cybersecurity goes prime time at Davos, blog.reuters.com Tweet (No Ratings Yet)  Loading [...]