Please give the consumer a choice – The vision of Cyber Debt
You have seen the gimmicky SaaS pictures everywhere telling: “there is no cloud, it’s just someone else’s computer”. Yes, it is exactly the same in Internet of (so broken) Things – IoT. It’s just poorly designed and managed devices connected to the internet and to one other. Well, not always poorly designed but sometimes intentionally leaving critical security architectural components aside and simply transferring privacy risk to consumers. And further it’s all about business with some technical debt; global market needs rapid market entries and why build something that nobody is willing to pay. Well because, let’s admit it, average consumer is not truly aware of such dimension and are largely driven by low costs.
Working in domain of cyber security, I’m seeing this evolution from the front row and feeling irritated. I would like to give everyone at least a choice.
The more technically interested you are, the more focus you put on those device specs when making a purchase decision. At least I’m interested in how much energy something consumes, how many mA in a battery, what is the warranty policy etc.
Perhaps you have noticed a simple sticker in your fridge, TV, oven… the European Union energy label. Now you probably see where I’m aiming at! A consumer choice in making decision for purchasing thingies with internet connectivity. Let them swing into a similar labeled concept about cyber debt and make educated decisions. Let’s not allow manufacturers or after sales market hide the cyber debt, but instead reward in making brave new world with high integrity. From level 1 broken foundations with all shades of grey and Maverick’s to a level x of superior platinum support with fundamentals like security in design, patch management, online threat monitoring and event management. Now you see my point or just laugh about the Finglish.
For sure internet of things is spying on us and evil people with lack of morale will always be that one step ahead in the battle. But when building the ecosystem of smart household devices, let’s not have a policy for open house, let’s make the war a bit more challenging. There just has to be some controlled security features in place! Security and privacy by design, not just adding connectivity and leave it standalone, online threats are really out there weather you want it or not. At least let the bad guys go knocking on next door, whose poor sucker made that risky decision for getting some cyber debt.