Cybersecurity, Technology, and Society

Throughout my time in IT 200T along with my classmates, I’ve explored the way technology and cybersecurity relate to our world from an interdisciplinary perspective. We explore legal, ethical, political, and economic perspectives for understanding how cybersecurity and technology fit in society. The following are a few of my contributions to discussions we’ve had throughout the class:

“Short Arm” of Predictive Knowledge

Given the “short arm” of predictive knowledge, how should we approach the growing “intelligification” of the modern world?

Because of the rapidly evolving and expanding nature of information technology, we’re beginning to see an increased need for an expansion of our conception of something that doesn’t necessarily have to do with technology at all. The fast-paced development of cyber technologies has made it possible to do much more “good” in a wide variety of modern life. It has even had effects on the nature of how we act as humans. Because of the far reaching effects of these cyber advancements however, great consideration has to be given to the potential for negative consequences that come from use of this technology. One of the considerations that comes with that territory is the question of ethics.

Different ethical approaches are the systems by which we approach all sorts of rules, policies, and even laws, and the realm of cyber security is no different. The problem is that the cyber world is changing at such a rapid pace, it’s hard to conform security policies and our understanding of the approaches to creating these security policies to that which is best for a given situation. Our ability to predict what the future holds concerning technologies and threats is very limited.

There are, however, measures that can be implemented in the creation of security policy and infrastructure that can aid the creation of strong policy given the “short arm” of predictive knowledge. One is implementing a security infrastructure that easily adapts to change. There are few disciplines that experience change as fast as cyber security and having policies that are constantly being reviewed in order to meet the ever-changing demands is integral success. Another is having a wide range of disciplinary and ethical approaches to pull from when creating security measures. To keep up with the demand of the ever-expanding barrage of threats to security a wide range of considerations need to be made to be protected.

Regulating “Intelligification” of the Material World

How should markets, businesses, groups, and individuals be regulated or limited differently in the face of diminishing state power and the intelligification (Verbeek, p217) and networking of the material world?

Without question, the rapid growth in the sphere of information and communication technologies is causing a significant change in the way people interact with ordinary things in the material world. With the advent of technologies that merge themselves into our physical world, both the public sphere and individual interests are potentially subject to a lot of changes. It opens up a host of implications which causes the question of how we can keep the ever-expanding tendrils of “intelligification” from becoming a dynamic outside of our control is becoming one of growing importance.

The first step in understanding how businesses, governments, and individuals should take in understanding how these technologies should be regulated is to understand the potential implications of the technology and reflect on the ethics of the matter, and to do so rightly. One commonly held perception is that there is a “struggle” between man and technology, and that usually further development is bad. Rather, we should assess technology and our interactions with it as they currently are, and then form stances on how to proceed along with the technology, instead of antagonizing it.

As technology develops and we continue to implement it into our lives, critical thought has to be given to design, use, and implementation in such a way that takes how the technology affects their existence into careful consideration. Designers of technology also have to be aware of the social implications of the things which they design instead of simply trying to create the best, most technologically advanced contraptions. When policies are being created in order to regulate such technologies, rather than allowing or not allowing a certain technology, policy creation should focus on the quality of its embedding into society and whether it can be implemented responsibly.

CIA Triad

The CIA Triad is a commonly implemented model for organizations to use in developing data security policy. The model is centered around assessing an organization’s need for confidentiality, integrity, and availability, and developing security policies and procedures to fit those needs. Keeping these three principles understood by an organization as essential, interconnected pillars upon which the data security of the organization stands or falls is the goal of this model. There’s inevitable overlap between these three principles and the CIA Triad helps organizations take the balance between them all into consideration when any security measures are implemented since, what’s good for one might not always strengthen, or might even weaken another.

Confidentiality has to do with making sure only users authorized to view or modify certain data or processes.

Integrity has to do with ensuring that data has not in any way been altered, tampered with, or modified by unauthorized users.

Availability is the principle that users that are authorized to view certain data should be able to access it whenever they need to.