As the most connected country on Earth, the United States is also the largest target for both cyber attacks and cyber crimes. Accordingly, cybersecurity is of the utmost importance to all of us.
Many of us have experienced cybercrime through using credit cards. Just as department stores consider shrinkage through shoplifting part of the “cost of doing business,” financial institutions have considered credit card fraud part of the normal cost of business.
The effect on consumers is largely harmless — legislation limits liability for stolen cards to $50 if the loss is promptly reported, and there is no liability for fraud due to stolen information. This situation — along with the fact that computer networks were designed for exchanging scientific information between users assumed to be trustworthy — has led to the development of today’s insecure computer networks, which has enabled cybercrime to grow with no great public outrage.
Cybersecurity has only recently entered public consciousness, as cyberattacks and identity theft have become common. We hear of new situations daily. Most recently, we’ve heard about people who find their computer’s information being held for ransom, as well as the attempts of other nations to influence the outcome of elections using technology.
Our national security and our ongoing economic competitiveness depend on our development into a global cyberpower. That is, we must ensure that we control the development of this cyberrevolution on our own terms, without the possibility of interference from others.
In order to prosper economically — and at the same time meet the growing challenges we face — we must develop greater numbers of cybersecurity professionals, and we must increase the knowledge and awareness of the risks of the cyberdomain to the public at large. People remain the weakest link in attempts to increase cybersecurity. Technological security developments help little when people use insecure passwords and can be easily convinced to follow links to sites designed to capture their security information.
The number of situations in which we have to think about cybersecurity continues to grow. Today, along with network and cloud security, we must also consider the Internet of Things (IoT). The IoT includes everything from kitchen appliances to cars. Many things that we buy contain computers, and these devices can often connect to our home network with little security. This lack of security has already been exploited to mobilize distributed denial of service (DDoS) attacks on a variety of sites. DDoS attacks can now encompass contributions from refrigerators and toasters, as well as more commonly exploited devices like computers, routers and security cameras.
Our transportation system is increasingly vulnerable — planes use autopilot and car manufacturers are developing self-driving modes. Indeed, Google already employs self-driving cars to update its maps. All such systems are vulnerable to hacking. We must develop the expertise to keep these systems secure before they can be more broadly deployed.
Universities are contributing to the development of more cyberprofessionals and the increase of public awareness of cybersecurity issues. These institutions are also increasing the number of cybersecurity professionals by augmenting existing courses and developing new courses and programs. The University of Central Arkansas is helping to increase public knowledge by offering cybersecurity camps funded by the Cyber Innovation Center based in Bossier City, Louisiana, and the Department of Homeland Security. Offered on the UCA campus each summer since 2014, these camps introduce teams of high school students and teachers to cybersecurity. Students who attend the camps become broadly aware of cybersecurity, and their teachers share the knowledge they gain when they return to their own classrooms.
The mobile, online and digital market research firm Juniper Research estimates that, globally, the cost of data breaches will be $2.1 trillion by 2019, or about four times the cost in 2015. Education — formal and informal — is the key to solving the issue of cybersecurity. It is a problem we must solve.
Dr. Stephen Addison is the dean of the College of Natural Sciences and Mathematics and professor of physics at the University of Central Arkansas, where he has been a faculty member since 1984. He is currently the vice president of the Arkansas Academy of Sciences.