More Related Content More from Dataconomy Media (20) "Whose Risk Is It Anyway? The Internet, Big Data and the Tragedy of the Security Commons", Jon Geater, CTO at Thales e-Security1. www.thales-esecurity.com
Whose Risk Is It Anyway?
The Internet, Big Data, and the Tragedy of the Security Commons
JON GEATER, CHIEF TECHNOLOGY OFFICER
DATA NATIVES BERLIN, 19TH NOVEMBER 2015
2. 2
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Tragedy of the
Commons
3. 3
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Tragedy of the Commons
▌ Economic essay from 1833,
turned into an article for the
journal Science in 1968
▌ Concerns the effects of self-
interested individuals
making use of shared (or
‘common’) resources – such
as grazing livestock on
common land
▌ Deals with separating those
issues that can be solved
with technology and those
issues that cannot
Creative Commons / Ximénez
4. 4
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
What’s that got to do
with Data?
5. 5
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
▌ Digital Natives: people who grew up with computers and CE products all
around them, implicitly understand them and expect them to be
intimately woven into their lives
▌ Data natives – people who grew up with the Internet and always-on
connectivity, sharing and data driven systems. They implicitly understand
data and information as separate things to the machines that process
them
▌ To a Data Native, data is a real thing, no different to a rock or a bird
Data Natives
6. 6
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
▌ Digital Natives: people who grew up with computers and CE products all
around them, implicitly understand them and expect them to be
intimately woven into their lives
▌ Data natives – people who grew up with the Internet and always-on
connectivity, sharing and data driven systems. They implicitly understand
data and information as separate things to the machines that process
them
▌ To a Data Native, data is a real thing, no different to a rock or a bird
▌ In tomorrow’s hyper-connected, hyper-efficient world, data really IS a real
thing. It will drive our power, our communications and our transport
networks. Every aspect of life will come down to data
Data Natives
7. 7
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
It’s in the programme
8. 8
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
It’s in the programme
9. 9
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
It’s in the programme
Can we trust people to pursue that opportunity
responsibly?
Can people be trusted to
pursue this opportunity
responsibly?
10. 10
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Where have we been?
▌ The Good
Some people do get things right
▌ The Bad
Many people get things wrong by accident
▌ The Ugly
And some people get things wrong on purpose
Over-active ad networks, Superfish, backdoors…
11. 11
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Where have we been? Target
▌ TARGET BREACH
Not to pick on Target:
they’re just the most recent
example of many
No mater how careful you
are with your own security,
a back end leak can sour
the whole pot
Any time data moves from
the custody of one entity
to another for profit, there’s
a potential common harm
Target.com / FairUse
12. 12
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Where have we been? Look at our track record
theregister.co.uk / Fair Use
13. 13
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Where are we going?
© Thales
14. 14
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Where are we going?
▌ Smart energy
▌ Smart cities
▌ Connected car
▌ Wearables
▌ Assisted living
▌ Citizen databases
▌ Ubiquitous entertainment
15. 15
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Where are we going?
▌ Smart energy
▌ Smart cities
▌ Connected car
▌ Wearables
▌ Assisted living
▌ Citizen databases
▌ Ubiquitous entertainment
Today’s IoT is still largely
trinkets, toys. Optional.
But tomorrow’s IoT will be
unavoidable.
16. 16
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
People are starting to get worried about this…
Wikimedia commons / Markus Kuhn
17. 17
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
People are starting to get worried about this…
Wikimedia commons / Markus Kuhn
18. 18
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
What are the
commons in Big Data
and IoT?
19. 19
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
▌ Some are known:
Communication networks – exploiting available bandwidth
Identity – Theft, abuse, loss of privacy – all contribute to polluting the fabric of
society
Running costs – fixing problems in the field costs much more than designing in a
strong system to begin with
Open Source software – Everybody’s taking but who’s giving back? Shell Shock,
Heartbleed, …
▌ Others will develop as time goes on:
“Computer says no” is a lot more serious when your life – much more than your
credit score – is run by algorithms that you can’t challenge
What are the commons in the Internet, Big Data and IoT?
20. 20
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
What will happen if
we do nothing?
21. 21
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
What will happen if we do nothing?
© Thales
“It’s somebody else’s problem”
22. 22
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
What will happen if we do nothing?
© Thales
23. 23
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
What can Data
Natives do about this?
24. 24
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
Examine the data
▌ Examine the data, and
remember it is YOURS
▌ Build in resiliancy to social
algorithms. Trust the data:
Trust but Verify
▌ Support products and
developments that treat
security and privacy as first-
order goals
▌ Take a long term view.
Devices can change, but
data is forever
© Thales
25. 25
OPENThis document may not be reproduced, modified, adapted, published,
translated, in any way, in whole or in part or disclosed to a third party
without the prior written consent of Thales - © Thales 2014 All rights reserved.
THANK YOU