Security researcher Troy Hunt recently discovered one of the largest online troves of leaked personal information in history — a collection of nearly 773 million hacked emails and passwords.
Hunt’s discovery stresses a point: Once information is digitized, no one can fully guarantee its safety.
So how do we fix our cybersecurity troubles? In two words: Slow down. The time has come to more purposefully control what we digitize. This means slowing down the pace of adoption of networked technology with new laws and standards aimed at increasing the quality and reliability of any device with an IP address. And it means carefully preserving analog capabilities, even as we embrace the digital.
No technology in human history has been adopted as fast as the internet. Slowing down this rate of adoption — by implementing new laws and standards and by ensuring that analog alternatives to select technologies are preserved — is the best way to insert a sustainable level of security into our increasingly complex cyber environment.
The burden of regaining control of our cybersecurity environment falls on governments, companies and individuals alike. To start with, laws must mandate that any system with network connectivity either have a finite lifetime or accept updates.
Second, liability for cybersecurity flaws must be made clear, and software makers whose code causes glitches must be held to account, just like producers of other consumer or industrial products.
Last, governments and organizations must ensure that analog counterparts to digital capabilities are preserved even as we embrace new technologies. In almost all cases, software mechanisms have “common mode” failure paths between them, meaning if one service fails, the others do too. Existing analog services, on the other hand, in almost all cases, do not.
The widespread use of networked devices has created enormous benefits. We must not turn back the clock on these advancements. Nor can we.
But when we embrace new technologies too quickly, as we have with internet-connected devices, we can all too easily overlook the trade-offs we’ve made. Over the past decade, we’ve collectively chosen connectivity and convenience over security and privacy. That trade-off need not be permanent. The choice is still ours to make.