Good news, cybersecurity nerds: You ain’t running out of work, anytime soon. As last week’s cyber panic about North Korea showed, when there isn’t a teenager-simple denial-of-service attack that delays your access to a government website, there is a voracious hype machine that feeds on the tiniest slivers of data – both significant and trivial – and expels massive quantities of fear and misinformation. And where there’s cyber fear, there’s cybersecurity work to be done.
It’s sad that this sham is allowed to continue unabated. But worse still, it’s dangerous. Despite the expenditure of tens of billions of dollars and countless studies on what needs to happen (not to mention all the offices, centers and commands, that are supposed to implement those reports), we’re still largely screwed when it comes to threats of the online variety.
The problem is multifaceted, but can be broken down into three meta-categories:
- Bullshit. It’s the North Koreans! It’s the Chinese! It’s the Ruskies out to steal our essence! The one thing you can be sure of is that very few people know who is behind any cyberattack.
- Ineptitude. There are a lot of people working on cybersecurity issues, a lot of people “managing” these issues, but not a lot of people leading on these issues.
- Complexity. The people at Verizon look on bemused when the military talks of achieving information-space dominance, when with the flick of a switch, a technician in overalls and a tool belt can render our digital military might inert.
Cybersecurity is a real problem. It has been since computers were invented and connected to one another, but we’re no better off today than we were then. It is not as if we don’t have any lessons learned to draw from. We are in fact worse off because of the extent of our inter-connectedness, and that says a lot more about those who purport to be about enhancing cybersecurity than it does those who are out to subvert it.