PREVENTING PREDICTABLE PROBLEMS (POSSIBLY)

Gareth Niblett

PROBLEMSProblems, Problems

BAD THINGS CAN HAPPENACTION

• ‘Wise Monkeys’ approach

• Vulnerability disclosure

• Service failure / denial

• Data leak / breach

• Data destruction

REACTION

• Increased costs

• Recall / reputation damage

• Fine / loss of license

• Loss of revenue / value

• Job losses / business closure

OPPORTUNITIESOptimism & Options

PLAN TO WIN

• Solve a problem / innovate

• Think ahead

• Listen to experts

• Prepare for failure

• You can’t predict it all

BUILD TO SURVIVE

• Assess risks honestly

• Scale flexibly & efficiently

• Built-in security, not bolt-on

• Test resilience plans

• Adapt and overcome issues

BE ‘UNWISE’

• Listen to customers, experts, and regulators

• Speak (and ask) about concerns and problems

• Look proactively for problems, and don't ignore

Failure can be ‘fatal’

EASY PICKINGS

• Follow standards and test

• Use secure protocols

• Avoid bad defaults

• Make patchable & automatic

• Don’t overburden users

INNOVATE SECURELY

• Internet of Things

• Identity schemes

• Surveillance tech

• Augmented / virtual reality

• Big data & analytics

• Machine Learning / AI

• Autonomous vehicles

• Drones

• Regulation & legislation

• Blockchain

TECHNOLOGYTackling Threats

INTERNET OF THINGS

• Use interoperable standards

• Have on-device protection

• Enable automatic updates

• Manage external trust

• Limit data collection & use

IDENTITY SCHEMES

• Provide broad user benefits

• Make it citizen/user-centric

• Decentralised & federated

• Trusted throughout lifecycle

• Transparent and auditable

SURVEILLANCE TECH

• Necessary & proportionate

• Minimise data & retention

• Limit purposes & access

• Oversight & accountability

• Don’t be ‘evil’, or facilitate it

AUGMENTED REALITY

• Tackle online abuse

• Be fair with ads & targeting

• Ensure data quality

• Take care with location data

• AR/VR use may be sensitive

BIG DATA & ANALYTICS

• Limit scope / purpose

• Be responsible and ethical

• Understand anonymisation

• Try prevent reidentification

• Correct bad data & decisions

MACHINE LEARNING / AI

• Address ethics properly

• Minimise algorithm biases

• Accept robots taking jobs

• Secure user-derived learning

• Avoid Skynet / singularity

AUTONOMOUS VEHICLES

• Ensure secure connectivity

• Address trolley problem

• Get government support

• Get insurance co backing

• Leverage sensor data wisely

DRONES

• Regulate for safety & privacy

• Geo-fence for safety & security

• Handle GPS spoofing / jamming

• Risk-based registration/ license

• Monitor misuse and respond

REGULATION & LEGISLATION

• Keep it light touch

• Limit strict / restrictive rules

• Use to open opportunities

• Status quos are not sacred

• Accept always behind curve

BLOCKCHAIN

• Use appropriately

• Beware of trade-offs

• Features can help, or bite

• Regulators & users matter

• It’s just another database

THOUGHTSThinking Time

SECURITY GIVES PRIVACY

• False dichotomy begone

• Remember Ben Franklin

• Backdoors undermine us all

• Design for privacy, by default

• Build and operate securely

garethniblett.com

@garethniblett

Gareth Niblett