Paradoxically, a significant percentage of the very people (self described security experts), who love to paint computer users as “sheeple” (people unable to think for themselves, followers, lemmings, ….. ), adhere religiously to the party line when it comes to cyber threats – the party, in this case, being the security application industry – and, its unrelenting “scare them to death”, marketing tactics. I can’t help but wonder, who the real “sheeple” are.

It’s hardly surprising, that this type of “harum-scarum” focus, has the potential to camouflage other significant cyber threat issues (other than the cyber criminal issue). Issues which include Internet privacy (now there’s an oxymoron), censorship, and illegal law enforcement tracking – just to name a few – all of which should be a focus of examination, and analytical conversation.

Bruce Schneier, the Chief Security Technology Officer of BT (British Telecom)and the author of the best sellers “Schneier on Security,” “Beyond Fear,” “Secrets and Lies,” and “Applied Cryptography,” as well as the inventor of the Blowfish, Twofish, Threefish, Helix, Phelix, and Skein algorithms, recently revealed his top three emerging cyberspace threats – none of which, you’ll notice, has anything to do with cyber crime security, per se.

Here’s Schneier’s take on these issues – issues which, in his view, have the potential to be more dangerous than cybercriminals.

Last month, I participated in a panel at the Information Systems Forum in Berlin. The moderator asked us what the top three emerging threats were in cyberspace. I went last, and decided to focus on the top three threats that are not criminal.

The Rise of Big Data – By this I mean industries that trade on our data. These include traditional credit bureaus and data brokers, but also data-collection companies like Facebook and Google. They’re collecting more and more data about everyone, often without their knowledge and explicit consent, and selling it far and wide: to both other corporate users and to government. Big data is becoming a powerful industry, resisting any calls to regulate its behavior.

Ill-Conceived Regulations from Law Enforcement – We’re seeing increasing calls to regulate cyberspace in the mistaken belief that this will fight crime. I’m thinking about data retention laws, Internet kill switches, and calls to eliminate anonymity. None of these will work, and they’ll all make us less safe.

The Cyberwar Arms Race – I’m not worried about cyberwar, but I am worried about the proliferation of cyber weapons. Arms races are fundamentally destabilizing, especially when their development can be so easily hidden. I worry about cyberweapons being triggered by accident, cyberweapons getting into the wrong hands and being triggered on purpose, and the inability to reliably trace a cyberweapon leading to increased distrust. Plus, arms races are expensive.

Obviously, it’s important to have a functional understanding of cybercrime and, the steps one must take to lessen its impact at an individual level. But, it’s equally as important to be aware, that behind the scenes, in a manner of speaking, major changes are occurring which will impact how you use the Internet and the risks and exposures, unrelated to cyber criminals, you may be required to accept.

Forewarned is forearmed, and all that.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.