Gartner estimates there are 8.4 billion devices connecting to the Internet in 2017–a 31 percent increase over 2016. By 2020, there will be approximately three smart devices for every person on the planet.
With this rapid growth in smart devices, exploding data volumes, and the shift to the cloud, it is becoming more and more challenging to protect critical systems and information.
Government and industry leaders convened at the Symantec Government Symposium in Washington, D.C. on Tuesday to discuss these complex challenges and the solutions needed to address them.
In her morning keynote, Jeanette Manfra, assistant secretary, Office of Cybersecurity and Communications at the Department of Homeland Security (DHS), said we are at the cusp of a digital society, but still have a ways to go.
“Global traffic is expected to hit two zetabytes a year,” Manfra. “No wonder it is complex to defend.”
Manfra said government–and society as a whole–is struggling with some of the same questions faced in the industrial revolution–like how do we take advantage of new technologies and not leave anyone behind? And, how do we ensure we are safe when building and distributing this new technology?
“The space of computing and networks runs everything now,” Manfra said. “It has driven incredible growth and opportunity across the world, but we must ensure it progresses in a way where we can ensure safety.”
Michael Fey, president and chief operating officer at Symantec agreed that the cyber landscape has changed drastically in the era of smart devices, and is even more complex.
“After this Christmas, we will see a spike in the use of Internet of Things (IoT) devices,” said Fey. “Imagine a world where the bandwidth is taken over by these devices. We know it will get harder to understand.”
According to Michael Daniel, president of Cyber Threat Alliance, more and more things are connecting to the internet–adding to the IoT, and making it increasingly difficult to protect.
“Your car, FitBit, coffee maker, and I’ve even seen a hairbrush, are now connecting to the internet,” said Daniel. “[To protect it] we must shift our mindset, and change the way we think about the problem.”
Manfra agreed that we must change the way we think of defending our devices, and who defends them.
“If you think about it, everyone is doing the same things we’ve done for years,” Manfra said. “Spying on each other, trying to prepare for possible hacks, and more–it is just a different landscape now. We must take a step back and think about the critical services that our citizens depend on. We need to identify the opportunities to take different approaches, instead of just accepting how things are.”
Fey said education is the key to evolving with the complex IT landscape. Many of the lessons learned ten to 15 years ago are no longer relevant. IT teams need to stay up to date with training.
Daniel said there are three main reasons why cybersecurity is challenging.
“Cyber is more than just a technical problem,” Daniel said. “It is a human problem, an economic problem, and more. Next, cyberspace plays by different rules. We keep trying to map our physical world problems onto cyberspace. Finally, cybersecurity is still a fairly new policy area, and we still haven’t set the rules of the road.”
Grant Schneider, the acting Federal CISO and senior director for cybersecurity policy at the National Security Council, said cybersecurity is about people–it is built, run, and attacked by people. To tackle complex cybersecurity challenges, we must understand people.
“IT teams must really focus on the complex challenges,” Schneider said. “Once you fully understand the challenge, you can figure out a solution.”