by Amitava Ghosh
For Jane Doe, the internet is her life. Her work involves being online all day. She does most of her bill payments and purchases, from groceries to clothing, online. The internet is where she builds and maintains relationships, finds her entertainment, reads the news, and researches her interests. She uses multiple devices including a laptop, tablet, and mobile phone to connect from various locations, over wired and wireless connections.
As she lives a highly traceable life on the internet, she expects a high level of security from the software on her devices. However, she reads news about security breaches all the time, and tries to stay informed about new threats so that she can update her security practices accordingly. So what are the security trends that she, and the organizations and businesses she frequents online, need to be aware of this year?
McAfee estimates that the likely annual cost to the global economy from cybercrime is more than US$445 billion, including both the gains to criminals and the costs to companies for recovery and defense. Attacks by cybercriminals will get more sophisticated and resourceful, and their stories more cunning and plausible. Instead of targeting individuals, they will increasingly target networks—both human and the Internet of Things—often with difficult-to-ascertain total losses. More alarmingly, global terrorists will increasingly use their internet expertise to recruit foot soldiers. These organizations will look to use unsuspecting non-sympathizers and their unsecured devices as instruments to further their media and other objectives. As the physical location of layers of application data recedes from Jane, so will her control over their security and potential abuse.
McAfee estimates that the likely annual cost to the global economy from cybercrime is more than US$445 billion.”
While her approach to defending the security of her information will remain mostly reactive, Jane will need to evolve into a skeptical, self-reliant digital person. She should adopt best practices to keep her passwords secret, different, and difficult to guess; expose minimal personal information on websites; and increasingly customize security settings in the various portals she frequents.
While the direct costs of cybercrime and cyberterrorism are clear, Jane will increasingly bear secondary costs. In the physical world, preboarding security checks are forever different after 9/11. The shopping mall attack in Nigeria has resulted in increased frisking at stores the world over. Public transit systems have increased security checks after they were targeted a few years ago.
Similarly, internet interactions may be suboptimal because of a few well-planned and devastating attacks, creating fear along with the exuberance elicited by powerful technology. We have come to accept multifactor authentications and user identification procedures in most transaction portals. These involve extra keystrokes and mouse clicks we would have avoided if some distributed denial of service and phishing attacks had not hurt early digital commerce adopters. As cyberattacks have increasing power and impact, the prohibitive measures we adopt to avoid them will cumulatively cost more in terms of convenience offered by the internet.
As activists use the power of the internet to mount more sophisticated political campaigns and foment protests against regimes, states will invoke stricter laws to gain control over the very freedom that the internet has come to signify.
As various portals and services are banned or voluntarily withdrawn in various jurisdictions, Jane may miss out on the benefits a truly free and connected world could have offered.
Jane may already be struggling to keep her identities consistent and passwords memorable as more and more services go online. In the near future, she will likely use an identity management application that will keep all her passwords stored and accessible with a click, and social media management tools that store identities and passwords for use across multiple sites and sessions.
These digital identity management portals will be prone to hacking, phishing, and denial of service attacks, and the risk may be too high for Jane. Increasingly, she will use biometric verification to maintain her digital privacy, and her quest for high availability, reliability, and scalability will take her to global leaders in each service. For businesses, this means most digital offerings will show an even more pronounced winner-takes-all network effect, and any service breach or compromise would be devastating for new customer acquisition.
As Jane becomes more affluent over time, she likely will be willing to pay more for her privacy. For example, if a site offers a free service that tracks her digital actions for future advertisements versus a paid service that guarantees no tracking, she may pay for the guaranteed unobtrusiveness. As user analytics pervade every sphere of digital life, the services earning the most subscription revenue may be the ones that voluntarily withhold intrusive intelligence capabilities.
New connectivity uses will continue to make Jane Doe’s life on the internet even more fun and convenient. However, in order to prepare for the coming trends affecting security and privacy on the internet, she, along with organizations operating online, will have to proactively prepare.
Photography by Shutterstock