preventing predictable problems (possibly)
Gareth Niblett
PROBLEMS
Problems, Problems
BAD THINGS CAN HAPPEN
ACTION
• ‘Wise Monkeys’ approach
• Vulnerability disclosure
• Service failure / denial
• Data leak / breach
• Data destruction
REACTION
• Increased costs
• Recall / reputation damage
• Fine / loss of license
• Loss of revenue / value
• Job losses / business closure
OPPORTUNITIES
Optimism & Options
PLAN TO WIN
• Solve a problem / innovate
• Think ahead
• Listen to experts
• Prepare for failure
• You can’t predict it all
BUILD TO SURVIVE
• Assess risks honestly
• Scale flexibly & efficiently
• Built-in security, not bolt-on
• Test resilience plans
• Adapt and overcome issues
BE ‘UNWISE’
• Listen to customers, experts, and regulators
• Speak (and ask) about concerns and problems
• Look proactively for problems, and don't ignore them
Failure can be ‘fatal’
EASY PICKINGS
• Follow standards and test
• Use secure protocols
• Avoid bad defaults
• Make patchable & automatic
• Don’t overburden users
INNOVATE SECURELY
• Internet of Things
• Identity schemes
• Surveillance tech
• Augmented / virtual reality
• Big data & analytics
• Machine Learning / AI
• Autonomous vehicles
• Drones
• Regulation & legislation
• Blockchain
TECHNOLOGY
Tackling Threats
INTERNET OF THINGS
• Use interoperable standards
• Have on-device protection
• Enable automatic updates
• Manage external trust
• Limit data collection & use
IDENTITY SCHEMES
• Provide broad user benefits
• Make it citizen/user-centric
• Decentralised & federated
• Trusted throughout lifecycle
• Transparent and auditable
SURVEILLANCE TECH
• Necessary & proportionate
• Minimise data & retention
• Limit purposes & access
• Oversight & accountability
• Don’t be ‘evil’, or facilitate it
AUGMENTED REALITY
• Tackle online abuse
• Be fair with ads & targeting
• Ensure data quality
• Take care with location data
• AR/VR use may be sensitive
BIG DATA & ANALYTICS
• Limit scope / purpose
• Be responsible and ethical
• Understand anonymisation
• Try to prevent reidentification
• Correct bad data & decisions
MACHINE LEARNING / AI
• Address ethics properly
• Minimise algorithm biases
• Accept robots taking jobs
• Secure user-derived learning
• Avoid Skynet / singularity
AUTONOMOUS VEHICLES
• Ensure secure connectivity
• Address trolley problem
• Get government support
• Get insurance co backing
• Leverage sensor data wisely
DRONES
• Regulate for safety & privacy
• Geo-fence for safety & security
• Handle GPS spoofing / jamming
• Risk-based registration / license
• Monitor misuse and respond
REGULATION & LEGISLATION
• Keep it light touch
• Limit strict / restrictive rules
• Use to open opportunities
• Status quos are not sacred
• Accept always behind curve
BLOCKCHAIN
• Use appropriately
• Beware of trade-offs
• Features can help, or bite
• Regulators & users matter
• It’s just another database
THOUGHTS
Thinking Time
SECURITY GIVES PRIVACY
• False dichotomy begone
• Remember Ben Franklin
• Backdoors undermine us all
• Design for privacy, by default
• Build and operate securely
garethniblett.com
@garethniblett
Gareth Niblett