The Security Ledger Podcast
Podcast Episode 111: Click Here to Kill Everybody and CyberSN on Why Security Talent Walks
In this week’s podcast (episode #111), sponsored by CyberSN: what happens when the Internet gets physical? Noted author and IBM security guru Bruce Schneier joins us to talk about his new book on Internet of Things risk: Click Here to Kill Everybody. Also: everyone knows that cyber security talent is hard to come by, and even harder to keep. But why does precious cyber talent walk? In our second segment, we’re joined by Deidre Diamond of cyber security placement firm CyberSN, who has all the answers.
“I don’t think this issue will end our society”
“I don’t think this issue will end our society.” Those were what counted as words of comfort by Bruce Schneier at the tail end of our recent discussion about his latest book, Click Here to Kill Everybody: Security and Survival in a Hyper Connected World. Still, its hard to see that statement as hyperbole. The subject of this latest book (Bruce’s 15th by my count) is cyber physical risk – or what happens when we connect all the stuff that populates our environment to the Internet.
This isn’t a new concern if you’ve been reading Security Ledger’s coverage of Internet of Things insecurity. In fact, our very earliest conceptions of malicious computer hacking -including the 1980s classic War Games – imagined the possibility that computer mischief could have real world consequences. (In the case of War Games, that was nuclear war).
Only today, 35 years after War Games’ release, are we on the precipice of an era in which cyber attacks with physical consequences are the rule, rather than the exception to the rule. That’s because the fast-growing Internet of Things is wiring the machines that populate our homes, businesses and communities to the global Internet. And that includes “stuff” like cars, hospitals, dams, power stations and water treatment plants. In other words: the very systems that protect our life and property are now vulnerable (at least in theory) to cyber predation. The consequences of this shift are already manifest, even if they are yet to be fully comprehended.
That fact prompted Bruce Schneier to write Click Here to Kill Everybody, in which he takes a deep dive into the security implications of the Internet becoming physical. The wiring of the physical world, which Schneier dubs the “Internet Plus” is happening in almost every sector of the economy, he notes. With it, organizations are realizing huge productivity games. But at the same time, security and physical risk is metastasizing in ways that, barring an intervention, could lead to a disaster. What’s needed, Schneier argues, is more government oversight of The Internet Plus in the name of public safety.
[You might also like: FDA Medical Device Plan: a Baby Step in the Right Direction]
In this conversation with The Security Ledger, Schneier talks about the dangers that the IoT poses and why he thinks government oversight of the Internet of things is inevitable. I started by asking Bruce to talk about the theme of his new book.
Got security talent? Fear the Holidays!
It is common knowledge that there aren’t enough information security professionals to fill all the cyber security jobs that our economy is...