Interview: There Is Virtually No Privacy in Cyberspace

  • Petr Boháček
  • 21.2.2016 10:59

Interview with Jan Kameníček, Managing Director at Hewlett Packard Enterprise in Czech Republic, from Cyber Security: Citizens' and Customers' Data Protection conference organized by Prague Security Studies Institute (PSSI).

How cyber threats of the IoT influence our lives?

Our dependency on information technologies is becoming critical. Companies like Google or Facebook gather all data about us: where we go, with whom we meet, what interests us, who are our friends, what kind of credit cards we use, what we are willing to spend money on or what kind of work we do. Breaking the security of a personal computer or moderately protected computer system of a small company can be done in a matter of hours with utility software worth several thousand. And all this information can be used against us. There is no privacy in cyberspace, or it is very rare.

The expansion of the IoT virtually eliminates the difference between cyber and physical security that in the past limited the physical impact of cyber threats. Can we see the change? Or is this a pessimistic vision and the example of securitization of IoT?

I will explain it on the example of a smart house. In the past you came home, locked the entrance door with two locks and you were reasonably sure that you can sleep peacefully. In a smart house full of IoT sensors and doors with electromagnetic locks all security can be broken by a hacker who opens the entrance gate, garage gate or entrance door with one command and gets into your bedroom without physically breaking the locks or windows. And in the next 5 to 10 years, 90 percent of the houses will have smart electro-installation.

There is no so-called 'killer app' or platform in the IoT which would unify all these systems. Does the diversity of the systems contribute to their security? And can we expect a 'killer app' for IoT in the future?

The term 'killer app' is most often used in connection with gaming software. The IoT is such a broad term that we cannot expect one significant application, but quite the opposite. There will be millions of applications using the IoT devices to automate the world around us. Look how for example Google Maps has changed the market with GPS devices although it gathers its data from millions of devices connected to the Internet.

Has cyber hygiene gotten better in Czech Republic? Can cyber hygine help to fight cyber attacks? Or are the attacks so sophisticated that common caution cannot prevent them?

Most of the attacks are not sophisticated at all because a sophisticated attack demands a considerable investment of time and money to buy necessary technology and software. Basic security awareness is important to prevent for example phishing attacks. You would not believe how many people answer a phishing email and voluntarily give access to their identification info and passwords to someone who takes advantage of it.

How does our understanding of privacy and protection of personal information have to change in the future?

We will have to protect our privacy more than we do today. We need to choose carefully what personal information we will share via generally available applications and we need to pay attention when the application demands access to personal data in our mobile phones. The risk of misuse of our data will be escalating.

Is cooperation between public and private sector (PPP) the best defense against cyber threats? Should the public sector be more strict in setting security rules or should it leave the cyber security – a strategic domain of the state - to private participants?

Cooperation is good in any circumstances. But let’s not expect that cyber security of the state will be taken care of by private subjects. Private entities protect their company or their data and have no reason to provide protection for others. So it is left up to state legislation to set rules for protection of cyberspace and to check their implementation in companies that have something to do with critical infrastructure of the state.

Can we expect balkanization of the Internet? Or its globalization and eventual disappearance of physical borders?

The Internet is the first medium in history that crosses the physical borders of all states in the world. It enables spreading information without any limits and due to it the greatest speed of progress in our history. Of course we need to think of data in such a way that we would not be paralyzed in the case of closure of the cyberspace in a critical situation like war or terrorist attack. In my opinion, critical data should be stored in data storages controlled by the state.

About author: Petr Boháček

Partners

Tento web používá k analýze návštěvnosti soubory cookie. Používáním tohoto webu s tím souhlasíte. Další informace