In the Fourth Industrial Revolution unprecedented processing power and access to information has the potential to send human progress into overdrive. It seems that if we imagine it, we can make it happen, realising the sci-fi dreams of AI, robotics, autonomous transport and biotech augmentation to make us faster, stronger, healthier and happier. But with such advances come enhanced threats that could lay siege to cities and hijack minds, making the development of effective countermeasures crucial to safeguarding the future. Here Exein CEO Gianni Cuozzo predicts the three biggest trends in cybersecurity:
1. Biosecurity
On August 28 2020, Elon Musk's Neuralink medical research company presented to the world a pig called Gertrude with a computer installed in its brain - or, as the tech entrepreneur put it, "a fitbit in the skull."
Hype or not, this was a significant moment in history: a single and irreversible step along a road to machine-enhanced humanity. Within a relatively short period we will see the introduction of technology to assist those with paralysis; to help the blind, the deaf and those suffering conditions such as diabetes; and eventually to enhance our abilities and potential beyond the realms of what is currently humanly possible. Such advances come with cybersecurity risks because by taking control of such systems one has the potential to harm or to kill the human host.
A host of vulnerabilities dubbed SweynTooth was identified earlier this year in Bluetooth-enabled medical devices, requiring manufacturers to patch firmware, and as neurotechnology evolves, unprecedented opportunities will emerge for the harvesting, distribution and manipulation of data from the human brain.
In order to safeguard our thoughts, we will develop custom-made bio-cybersecurity solutions that allow appliances and implants to send electron streams readable only by the host's own memory. The fusion of technology and physiology has long been a science fiction fantasy but it's no longer in the future. It's right here right now.
2. Quantum cybersecurity
Quantum computing will be epoch changing: a giant step for humanity with profound implications for healthcare, climate modelling, energy, technology and artificial intelligence. In computational terms it's an evolutionary leap from the familiar binary system to a qubit-based, or multiple stage metrics system capable of calculating in moments what would take traditional computers millions of years to achieve. The cryptographical standards we have established for the binary system will therefore no longer be fit for purpose in the quantum world.
So, cybersecurity needs to evolve too, developing new mathematical and cryptographical models tailored for quantum computing, and we need to start now. To believe that widespread usage of quantum computers is 30 years away is dangerous, because qubit assets will be available in the cloud within a decade. Furthermore, we need to devise a new way of working, because the digital revolution that began in the late 70s is over.
Back then, we built infrastructure with no consideration of cybersecurity because cybercrime did not yet exist. It was as though we built the city, realised its vulnerabilities, and then started building defensive walls, but as we enter the fourth industrial revolution, we need to build our security systems alongside the quantum infrastructure, developing brand new quantum-augmented architectures that sit both without and within new systems.
3. Embedded security
Existing cybersecurity methodology involves little more than bolting aftermarket software solutions onto existing infrastructure - as exemplified by the anti-viral measures we take to protect our laptops.
At scale, exactly the same processes are used to protect networks, hospitals, factories and smart cities, and it's staggeringly inadequate in an era when open-source automated tools allow hackers to keep systems under constant attack, probing for weaknesses in software written by humans. This armour-plated external approach is outdated and ineffective, and the new defensive strategy will involve making systems safe from the inside out. This means building the security into device firmware in the IoT space and building security into process and server, a universal way to embed security into our digital life, using convolutional neural networking to learn legitimate device behaviours and thus detect threats and anomalies at lightning speed.
It's a new approach especially suited to the one trillion IoT devices predicted to be in operation by 2025: rather than relying on external measures to keep this tech secure we will focus instead on intrinsic, embedded security that acts not like body armour but as an immune system working from within the device. What this means for the consumer is secure tech out of the box, even in more traditional end points like PCs and laptops.
With products like Exein Core and Microsoft's Pluton TPM - a custom security chip built into the processor - already on the market we'll see the cybersecurity industry as we currently know it wiped out in ten years. We'll never wipe out the criminals. Instead, by evolving our countermeasures, we'll make it increasing harder for them to rob us.