Exclusive: It’s time to take back power over our cybersecurity

In his 2005 book, Russian author Alexei Yurkov coined the term “hypernormalisation” to refer to the culture of the late soviet empire before its collapse. Yurchak argued that everyone knew the system was failing, but as no one could imagine any alternative, everyone was resigned to maintaining a pretense of a functioning society. Over time, this delusion became a self-fulfilling prophecy and the fakeness was accepted by everyone as real, an effect that Yurchak termed “hypernormalisation”.

From Watergate to Edward Snowden to the NSO leaks we have been shown over and over again that the privacy that defines our individual private property as citizens in a democratic society is merely an illusion. Our consumer tendencies, behaviours, banking activities and even our private thoughts and peccadillos can serve as kompromat. But who would want to hurt us, we might think?

For the longest time we have worked under the false sense of security that if we have not done anything wrong, we have nothing to fear. Hopefully, this NSO leak will be the last drop that will put an end to that popular assumption. We have entered a new age of surveillance and as citizens we have to declare that the buck stops here.

With their “zero-day” capabilities and almost untraceable technology, there is not much that a single individual can do to defend themselves from a cyberattack from a billion dollar cybertech product, but there is power in numbers.

Demand accountability

Since the NSO leaks, countries around the world have started demanding parliamentary inquiries and special commissions to investigate how the Pegasus technology was abused against journalists, activists, opposition parties and sitting mandatories. This needs to happen in every nation and needs to be followed to its final results.

UN High Commissioner for Human Rights Michelle Bachelet called the revelations “extremely alarming.” She said: “They seem to confirm some of the worst fears about the potential misuse of surveillance technology to illegally undermine people’s human rights.”

It is our right as citizens to demand full accountability on how spyware and cyberweapons have been used to repress our communities and even more subtly to social engineer consent and weed out opposition. Each nation’s constitution establishes its right and duty to defend its sovereignty and the safety of its citizens and in this new world, that must include our present cyber reality.

Since cyberspace is global our information systems constitute our nations’ frontiers and as such, need to be protected with the same zeal as we do our physical borders.

Curtail the licensing and commercialisation of spyware

Cybersecurity is a US$82 billion dollar industry and is only growing. Nations have understood early on that their investment and development in military technology needed to be mirrored by the same level of innovation in cybersecurity to be effective.

Terrorist organisations like ISIS and Hezbollah, along with rogue states like North Korea, have taken to cybercrime as a more effective tool to pillage fortune, disrupt their enemies, steal industrial and military secrets and do counter-surveillance. We have seen them in the battlefields, we can only imagine how their bloodthirst and ambition has turned them into super cyber soldiers.

Individuals and companies cannot alone confront the magnitude of their vulnerabilities in this second golden age of piracy. Each country needs to actualise and fortify their cyber capabilities while at the same time participating in the creation of a global cyber force with an universal and mandatory system of reporting cyber incidents.

Licensing and commercialisation of spyware needs to be regulated with due process and transparency and nations and intelligence agencies need to be made accountable for the use (and abuse) of these technologies and the revolving door between the public and private sector needs to be curtailed. We need to update accords such as the Geneva Convention to include an ethical code of conduct in the use of cyberweapons and Artificial Intelligence.

Take back the power

We are not victims in this scenario. As individuals we made conscious choice after conscious choice from security to comfort. We jumped at every possible improvement on our lives facilitated by technology and are just now realising that the Chocolate Factory is not just so.

But, we are also at the centre of the solution. Human capital, people—their skills, experience and ambitions—are the most important ingredient in cyber defence. We need to prepare our corporate communities at work, our children at home and our citizens in order for them to go from unwitting victims to empowered netizens of this new world. We each need to gauge how much risk appetite and aversion we can handle and adjust accordingly. Cybersecurity awareness is no longer just a corporate concern but a responsibility of every individual.

We cannot stay blind to the realities that revelation after revelation shows us; but we cannot live in despair, or worse, in hypernormalisation; Future-shocked but our lack of understanding. If we want to thrive in this new world, we need to break from the false sense of security and succeed by staying ahead of the curve, conscious of our rights and duties as global netizens.

By Peter Backman

You can connect with Peter on LinkedIn here