The digital and physical worlds are on an irreversible collision course. By 2022, organizations will be plunged into crisis as ruthless attackers exploit weaknesses in immature technologies and take advantage of an unprepared workforce. At the same time, natural forces will ravage infrastructure. By Steve Durbin, Managing Director ( Pictured ) of Information Security Forum (www.securityforum.org )
Over the coming years organizations will experience growing disruption as threats from the digital world have an impact on the physical. Invasive technologies will be adopted across both industrial and consumer markets, creating an increasingly turbulent and unpredictable security environment. The requirement for a flexible approach to security and resilience will be crucial as a hybrid threat environment emerges.
The impact of threats will be felt on an unprecedented scale as ageing and neglected infrastructure is attacked, with services substantially disrupted due to vulnerabilities in the underlying technology. Mismanagement of connected assets will provide attackers with opportunities to exploit organizations. A failure to understand the next generation of workers, the concerns of consumers and the risk posed by deceptive technology will erode the trust between organizations, consumers and investors. As a result, the need for a digital code of ethics will arise in order to protect brand reputation and profitability.
Organizations will have to adapt quickly to survive when digital and physical worlds collide. Those that don’t will find themselves exposed to threats that will outpace and overwhelm them.Let’s take a quick look at a few of the threats on the horizon and what they mean for your organization:
INVASIVE TECHNOLOGY DISRUPTS THE EVERYDAY
New technologies will further invade every element of daily life with sensors, cameras and other devices embedded in homes, offices, factories and public spaces. A constant stream of data will flow between the digital and physical worlds, with attacks on the digital world directly impacting the physical and creating dire consequences for privacy, well-being and personal safety.
As the digital and physical worlds become increasingly difficult to separate, it will be an imperative for organizations to understand how disruptive technologies and practices will impact their operations. Consumer privacy and safety will be a major consideration for new and existing businesses strategies that utilize increasingly invasive technologies. In order to defend against attackers and stem a consumer backlash, organizations should consider not only how they secure hardware and software assets but also the information in their supply chains.
NEGLECTED INFRASTRUCTURE CRIPPLES OPERATIONS
The technical infrastructure upon which organizations rely will face threats from a growing number of sources: man-made, natural, accidental and malicious. In a world where constant connectivity and real-time processing is vital to doing business, even brief periods of downtime will have severe consequences. It is not just the availability of information and services that will be compromised- just the availability of information and services that will be compromised – opportunistic attackers will find new ways to exploit vulnerable infrastructure, steal or manipulate critical data and cripple operations.
As man-made, natural, accidental and malicious attacks intensify, organizations will need to secure their physical and digital estates or face destruction. Technical infrastructure must be hardened and protected against new and traditional attacks, or strategic decisions must be made to transfer risk away from the organization. Those that neglect the security of their infrastructure will have their operations crippled.
A CRISIS OF TRUST UNDERMINES DIGITAL BUSINESS
Bonds of trust will break down as emerging technologies and the next generation of employee’s tarnish brand reputations, compromise the integrity of information and cause financial damage. Those that lack transparency, place trust in the wrong people and controls, and use technology in unethical ways will be publicly condemned. This crisis of trust between organizations, employees, investors and customers will undermine organizations’ ability to conduct digital business.
To remain steadfast during this impending crisis of trust, organizations will need to improve operational transparency, update business continuity plans and overhaul or evolve technical security controls to consider the range of disruptive technological and human threats. Careful protection of the brand will remain high on the corporate agenda, with information security playing a key role in ensuring that the reputations of organizations are maintained.
The Time to Prepare is Now
By 2022, organizations will be unable to disentangle the digital from the physical and will be forced to respond to a growing blend of threats from new technologies, people and nature. While the prospect for commercial success will be enticing, this hybrid world will bring with it increasing dangers that will have devastating consequences for businesses, employees and consumers alike.
In the face of mounting global threats, organization must make methodical and extensive commitments to ensure that practical plans are in place to adapt to major changes soon. Employees at all levels of the organization will need to be involved, from board members to managers in non-technical roles.
The threats highlighted above could impact businesses operating in cyberspace at break-neck speeds, particularly as the use of the Internet and connected devices spreads. Many organizations will struggle to cope as the pace of change intensifies. These threats should stay on the radar of every global organization, both small and large, even if they seem distant.
About the Author
Steve Durbin is the Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cyber security and the emerging security threat landscape across both the corporate and personal environments. He is a frequent speaker and commentator on technology and security issues.