Page 5 - Cyber Warnings August 2017
P. 5
THE PRIVACY IMPERATIVE
WITHOUT STRONG PRIVACY, CYBER SECURITY IS A COMPLETE FARSE
By Gary Miliefsky, Executive Producer
It’s 2017, Defcon and BlackHat conferences just took place this summer, in Las Vegas, NV.
BlackHat had over 15,000 attendees and some of the most innovative cyber security companies
the world has ever seen. So far. Meanwhile, just down the road at DefCon, hosted in Caesar’s
Palace, their team recommended you bring 6 Terrabytes of Hard Drives for them to fill with all
the best of DefCon over the years – presentations, hacking tools and so much more. You’re
hearing on one hand from infosec vendors that they all have a solution to ‘secure your network’
or ‘protect confidential data’ and on the other, you’re watching hackers play ‘capture the flag’
and break into very secure networks and equipment, exploiting known and barely known
vulnerabilities. You are living in an illusion that any of these cyber security products will actually
protect the data. Most of the infosec vendors you’ll meet won’t talk with you at all about strong
privacy. Read on and I’ll prove to you why without it, cyber security is a complete farse.
It’s 1949, George Orwell just published his dystopian novel “1984,” he warned of a future world
in which “Big Brother is Watching You”…Back to today - as the Snowden scandal and other
CIA, NSA and FBI revelations have revealed government surveillance is omnipresent, covert
and practiced on a global scale that Orwell might never have imagined.
It’s 1984, Apple Computer aired its historic TV commercial concluding that with the introduction
of the Macintosh “you’ll see why 1984 won’t be like “1984”. Ironically, 33 years later, while Macs
and other personal computers gave birth to the knowledge revolution that transformed how
information is created and shared worldwide, in many ways…if you don’t understand why 2017
is “1984” you will never be able to understand why governments and hackers continue to have
access to private information, nearly whenever they want it.
When we think about strong privacy, as infosec professionals, we usually think about best
practices in key management, encrypting customer records and complying with government
regulations to guard this private information under HIPAA/HITECH or GLBA or the EU GDPR,
for example. But have we stopped to think about and even cross correlate how strong privacy
should permeate more than just customer records? What about your personal privacy? What
about your telephone conversations, your emails, what you had for lunch today, where you
travel each day, what web sites you visit, who your close friends are and even what you chose
to do in your own home, even your bedroom?
By convenience, the internet has fostered a technological revolution the likes of which we have
not seen in centuries. Humanity is that much closer but at the same time, there are dark forces
using all of these interconnections to collect massive amounts of data, in real-time, all the time
on all of us. From the SmartTV’s with built-in microphones and internet access over wifi,
whereby their own privacy policy that you didn’t take time to read, clearly states that someone
aka “the manufacturer” is listening in on you, in your own living room or bedroom.
We have to start talking about strong privacy and why it is good through the entire product
lifecycle and inherently needed in the sourcing of hardware and software that make the internet
work, in our PCs, smartphones, IoT gear – in everything we use.
5 Cyber Warnings E-Magazine – August 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide.
