Power exists to be used. Some wish for cyber safety, which they will not get. Others wish for cyber order, which they will not get. Some have the eye to discern cyber policies that are “the least worst thing;” may they fill the vacuum of wishful thinking.
This is Dan Greer‘s keynote speech at Black Hat 2014. The transcript is worth reading as well.
As if it needed saying, cyber security is now a riveting concern, a top issue in many venues more important than this one. This is not to insult Black Hat; rather it is to note that every speaker, every writer, every practitioner in the field of cyber security who has wished that its topic, and us with it, were taken seriously has gotten their wish. Cyber security *is* being taken seriously, which, as you well know is not the same as being taken usefully, coherently, or lastingly. Whether we are talking about laws like the Digital Millenium Copyright Act or the Computer Fraud and Abuse Act, or the non-lawmaking but perhaps even more significant actions that the Executive agencies are undertaking, “we” and the cyber security issue have never been more at the forefront of policy. And you ain’t seen nothing yet.
Not only has cybersecurity reached the highest levels of attention, it has spread into nearly every corner. If area is the product of height and width, then the footprint of cybersecurity has surpassed the grasp of any one of us.
Greer’s speech was broken down into 10 sections: Mandatory reporting, net neutrality, source code liability, strike back, fall backs and resiliency, vulnerability finding, right to be forgotten, Internet voting, abandonment, and convergence.
Papers, Please has a nice breakdown of some of the more pertinent privacy and identification issues.