The theme for the World Economic Forum’s annual summit in Davos this year is “Mastering the Fourth Industrial Revolution.” This new revolution in our lives is driven by “a ubiquitous and mobile internet, smaller, cheaper and more powerful sensors, as well as artificial intelligence and machine learning,” and is made up of “billions of connected devices around the world connect(ing) people, homes, transport, manufacturing and logistics enabling us to optimize assets, manage supply chains and improve quality of life.” This is an especially relevant topic today, especially as innovation is powering not just our economies but a new understanding of “the very essence of human nature.”
An often-overlooked fact about this new industrial revolution is that this innovation relies on the trust that we, as users, put into it. Every week another major data breach exposing customer information is discovered, highlighting fears about the new challenges of the digital age. This fear undermines our trust by giving the impression that the technological foundation on which we are building our future of smart homes, self-driving cars, and the new global, digital economy may have deeper structural flaws. Ignoring these flaws diminishes trust in our digital infrastructure and poses an existential threat to the Fourth Industrial Revolution, crippling what drives this new fast-paced and interconnected world.
At the heart of the cybersecurity battle is a mathematical problem. The cost and computing power required for cybercriminals and adversaries to launch sophisticated attacks decreases every day. In the face of this onslaught, and despite the countless innovations we have today, the defender is generally relying on decades-old security technology, often cobbled together in multiple layers of point products, to protect users, data and applications. Unfortunately, humans facing off against machines have little to no advantage, and recruiting talent with advanced cyber expertise is increasingly hard to do. There is also a fundamental, yet flawed belief that our only option is to detect and chase our data after a breach when it’s already too late. To change the current thinking and futile cycle of responding to breaches after the fact, we must shift our focus and be innovative about how we can prevent “successful” breaches. If our only response is to clean up after breaches have occurred, the attackers continue to win.
To achieve this, we have to gain cost leverage in the cyber battle by increasing the difficulty of attacks at every point in their lifecycle through next-generation technology, faster intelligence and human coordination, and smarter public policy. The conversation in security must elevate beyond just a technology arms race to a discussion on how we, as a global community, plan to secure our digital realm.
Therefore, let’s look at Davos as an opportunity to talk about how, by adopting a prevention-first mindset in security, we as a community shift the tide against cyberattacks. Many governments, including the Unites States and those within the European Union, have also recently taken action on new policies to start this discussion, raising questions about the balance of privacy versus security. I believe that focusing this important conversation around prevention can help us to understand that security can support privacy, if done correctly and transparently.
With cybersecurity critical for the Fourth Industrial Revolution, it’s essential that we realize how, by working together to decrease successful attacks and taking away bad actors’ incentives, we can eventually stem the tide of data breaches and loss of personal information. This should be our focus and our ultimate goal as we come together to help secure the trust in the foundations of our IT infrastructure and protect our digital way of life.