WikiLeaks Will Catalyze a Huge Data Security Backlash
Patty's Pioneers' Predictions for 2011
WikiLeaks Causes Info Security Backlash: Government and corporate reactions to WikiLeaks’ disclosures will spur innovation and spending on information security in 2011. At the same time, over-reaction will lead to a draconian (and probably unhealthy) clamp down on the free sharing of information via the Web.
It is reasonable to assume that the lapse in security that allowed U.S. government documents to be released by WikiLeaks has resulted in a review of government security systems unlike any seen before. The ensuing demand for change will be immense and implemented with the highest priority.
But that is just the beginning. To date the U.S. government has been the focus of WikiLeaks activities; the anticipated release of banking emails and other commercial information will create an equally great focus on corporate security. There will be many responses to this information should it be released; some Banks are already reviewing their risks. These reviews will be managed at the highest levels of corporate governance with the same effect as within government; a demand for change implemented with the highest priority.
GOVERNMENT AND CORPORATE DEMAND FOR BETTER SECURITY SOLUTIONS
The result will be demands for greater security from the IT supplier value chain. This will result in the supply side of the IT industry moving to innovate at a rapid pace to take advantage of it.
This will create its own demand. The IT supply side is nimble and knows what to do. New practices in tech firms and consulting firms will spring up to specialize to meet the demand for reviews, new projects, and change management processes, and, as it reaches scale, it will perpetuate change.
Data Security Concerns Coincide with Consolidation of Networks
The combination of aggrieved governments, aggrieved corporations, and their aggrieved shareholders, spurred along by an eager industry, must inevitably unleash a "righteous" (and, let’s not forget, profitable) battle against the perils of "too much" information freedom.
A diverse, deep market would mitigate the risk of corporate and government change. However consider the following:
All countries have a small number of telcos, a small number of banks or bank networks, increased cross border information flows post 9/11, and a frighteningly shrinking number of Web utility companies controlling social information flows. Facebook is now the world’s email and Web hosting system (no one has a Web page now, they have a Facebook page). Google is the single Web portal that is used as the first step to every other step on the Web. Hardware/software is now largely controlled by three companies: Apple, Microsoft, and Intel. The payment systems are controlled by three credit card companies and PayPal. The Google and Amazon clouds cover the lion’s share of emerging cloud services. And network companies such as Cisco have been building the technology that provides the great firewall of China.
It is not hard to change the Web today. Change driven by government and corporate governance in a handful of companies can change the Web for all of us. My contention is that these will be the big changes of 2011.
VICTIM: FREEDOM OF THE WEB AND FREEDOM OF INFORMATION
The collateral damage will be freedom on the Web.
What you can’t measure you can’t manage. If you manage something by definition you need to be organized to take action. And if you want to take action, you have to take it against those that are deemed accountable. Identity, measurement, judgment, enforcement; I cannot believe that you can simultaneously increase the need for these without reducing the freedom to use, the freedom to access, and the freedom to publish information on the Web.
The common view of the Web has been that is a tool of freedom that works against tyranny. Hillary Clinton, Secretary of State, said less than 12 months ago:
“Now, in many respects, information has never been so free. There are more ways to spread more ideas to more people than at any moment in history. And even in authoritarian countries, information networks are helping people discover new facts and making governments more accountable.”
~ Hillary Clinton, U.S. Secretary of State, January 21, 2010
But how free is the Web if you discover new facts and propose to make government more accountable? Consider what has already occurred with WikiLeaks. We are all entitled to an opinion; however the law is there to ensure that a fair process tests the facts. WikiLeaks is an organization that, at this time, has not been charged with a crime and is outside the U.S. jurisdiction.
Yet WikiLeaks has been defined as a threat to U.S. interests. The natural, reflexive, & unthinking response to the perceived threat is to shut it down. However the processes of law are supposed to check this reflex and enforce a reasonable process. Yet, within days, the WikiLeaks DNS records were removed, the Web hosting service evicted the company, and the payment companies ensured that it cannot receive funds for its legal defense fund raising activities.
Time will tell if laws were broken; however, it is apparent that the freedom of WikiLeaks and its presence on the Web can be curtailed by government and corporations without any process. In the same way the Military-Industrial Complex emerged in the post war years, it seems that a “Military-Information Complex” of government and industry working hand in glove may have organically emerged as a result of the War on Terror.
So it is now likely that all of us, as customers, employees, and citizens, will be assumed to be sources of risk that need to be controlled. The inevitable outcome will be greater exercise of government and corporate control over the Internet so as to reduce their security threats; however and whatever is defined by their internal, unscrutinized processes as being a threat. Governments and Corporations will exercise their power to mitigate these threats; their structure demands it. See The New York Times Editorial, Banks and WikiLeaks, published on December 25, 2010.
Arbitrary or unrestrained exercise of power: the very definition of tyranny. This is the great threat of 2011.
Initial Response: Public Apathy
However, the average person will not understand enough to care. The arguments are effete, subtle, intellectual, liberal, and ephemeral; control plays well to nationalism, conservatism, and profit. If you don’t break the law, what do you have to fear?
Well, a compliant, self-limiting society that internalizes the need for control and scrutiny and doesn’t have the tools to find out what it doesn’t know; that's what I fear.
OUTCOMES FOR 2011
I believe it is inevitable that 2011 will herald the beginning of major change for freedom on the Web.
Some of these changes will come to fruition in 2011; others will germinate and not be noticed. Few, if any, will arrive with fanfare. And most will only be identified in hindsight. However, I would predict/suggest:
- Does your target customer base use smartphones? (Apple iPhones, RIM Blackberries, Google Android phones, or other phones with enough screen real estate, memory, and computing power that lets them run applications).
- A massive capital investment in information security causing a significant stimulus to the IT industry. Spend will increase on security related infrastructure and services. The IT industry is great at selling bogey men; remember Y2K? There is a risk that feature/product/service development may slowly get subverted to the demand for security-related infrastructure spend.
- There will be much consternation and discussion about how to manage and control employee behavior on the Web. Do you have thousands of team members or thousands of potential leakers? Particular focus will be on the demand for, but risk of, social media in the corporate world. Non-corporate means of communication continue to increase in popularity and will possibly overtake traditional corporate email. I expect Facebook to step up with tools to meet corporate governance needs.
- Expect Google to start to play in the corporate information control space as well. To manage its corporate and government stakeholders, they will need to balance user freedoms with demand for user information on their platform. This means they cannot be trusted as a custodian of personal data, and the discussions about this will grow over 2011. WikiLeaks is a threat to their Cloud business model.
- The Apple walled garden approach to applications will become de rigueur. Microsoft will have to respond; they may re-engineer around the approach of trusted applications within their Office suite.
- Watch with interest the Apple cloud; it could rapidly become another major information flow consolidator like Google and Facebook. This would put Apple under the same spotlight as Google; but wait and see as they are iconoclasts and will not provide derivative services.
- Intel is a winner with their recent McAfee acquisition; with the benefit of hindsight, they are geniuses and/or just plain lucky. But this is a risk to freedom if PC hardware is increasingly controlled like a phone network (funnily enough; as already implemented by Apple).
- There will be an increasing radicalization of the fringe, cyber hippie, cyber punk, hacker, and open source communities. Push back to change will come from there; but it is and will continue to be discredited. However, expect it to become more vocal, and the press may start to see through the hippie facade so as to learn about the issues. As with Assange, expect other erudite spokespeople to emerge and challenge.
- The hacker community, based on the true hacker ethic (there are no black hats or white hats; all organizational models are flawed, the pursuit of freedom, the virtue of openness), will look to increase alternative options.
- Expect a larger focus on device jail breaking to provide freedom from network control implemented via device control, technology to improve anonymity, and an increased cacophony/education amongst those in the know about personal information security.
- Ironically, in an attempt to cash in on the message, expect popular culture to embrace the hacker ethic like it did the geek culture during the dot com years. I can’t wait for the South Park WikiLeaks episode!
- Being Anonymous may become fashionable; “the new black” in 2011.
- I half expect a non-corporate, unofficial network infrastructure to start to emerge somehow. Whether it is community wireless networking or some other approach, I am not sure. However some big, disaffected brains will be thinking about how to create a third wave of electronic freedom.
Bottom line, it will be an interesting year.
LINKS TO:
Hillary Clinton’s Remarks on Internet Freedom
Published January 21, 2010
http://www.state.gov/secretary/rm/2010/01/135519.htm
Banks and WikiLeaks
http://www.nytimes.com/2010/12/26/opinion/26sun3.html
Facing WikiLeaks Threat, Bank Plays Defense
Published: January 3, 2011
http://dealbook.nytimes.com/2011/01/03/facing-WikiLeaks-threat-bank-plays-defense/?scp=2&sq= WikiLeaks&st=cse
Sign in to download the full article
0 comments
Be the first one to comment.