Trust runs our financial markets today. The currency in your wallet, the credit in your cards and even the bitcoin in your blockchain are really only about trust.
Long gone are the days of money being backed by gold, as these days it is really only data backed by trust.
Financial transactions today are so easy and smooth that even swiping a card is being replaced by a simple tap. The underlying trust is taken for granted, but it’s there. And it’s still the requirement for trillions of payment transactions to work every day.
You can buy groceries because somewhere a message is created based on encrypted bits and bytes that say you have enough money or credit to pay for these goods.
But we have a trust issue.
Assume adversaries — be they criminals bent on stealing, terrorists trying to terrorize or even nations looking for global advantage — can soon manipulate those bits and bytes. I’m not talking about just making ATMs spit out a few hundred-dollar bills.
Instead, I’m referring to the potential for bad actors to effect subtle changes to your account, such as making it appear as though you have 100 times the money you actually have — or 1/100th.
Now imagine that the adversary manipulates not just your bits and bytes, but those of your entire bank. The bank now has no idea who has how much money in its accounts. So the bank freezes all accounts until it can figure it out.
The trust issue extends even further than that, however. Now assume it’s not just your bank, but also the banks from Main Street to Wall Street. No one knows who has how much, so banking freezes. And the trust that has always been inherent in the system is lost.
As a result, the payment systems that run our economy come to a halt. Backups are deployed, but that transactional trust is still damaged. And because it’s broken, it becomes difficult even to buy a loaf of bread or a gallon of milk. Economic impacts spread well beyond the individual.
Looking to tomorrow
That adversarial attack capability is on the horizon. And companies in the financial sector are among the best positioned today at working to protect against this type of failure. Collectively, they employ thousands and spend billions each year to enhance security and provide resilience.
They have formed strong industry associations focused on their collective security, led by FS/ISAC (the Financial Services Information Sharing and Analysis Center), that work to defend against individual attacks as well as the collective threat to our economy and society. They are well prepared to respond to today’s threats.
But what of tomorrow?
We sit at the dawn of a new decade and the beginning of a new technological reality. In the coming decade, our communications — including those transmitting banking messages — will be carried on an entirely new system called 5G, which today is being led globally by adversarial countries.
Coming: The roaring ’20s
Over the next decade, our identities will be determined by a completely different concept based in part on people’s social media sharing.
In the coming decade, adversaries will have quantum computers capable of decrypting all of our bits and bytes, and have access to artificial intelligence systems that will make life-changing decisions for every American.
This is all coming over the next decade — and these new roaring ’20s start in a few weeks.
Over the next decade not only will adversaries gain these new powers, but we as a society will become inexorability linked to our new technology.
We’re making everything digital, from our cars to our homes to our health and our very way of life. In the ’20s, it won’t just be our financial systems that are at greater risk, but also our communications, energy, healthcare and transportation.
Consider what might happen if adversaries changed the prescriptions between your doctor and your pharmacy, modified messages to your energy provider to turn off your city’s heat in the dead of winter or scrambled signals to tell your car to turn left right off a cliff.
All of this will be technically possible in the roaring ’20s.
Our work at Auburn
That’s why the White House asked its presidentially-appointed security advisory panel, NSTAC, to study this problem not for today, but for this coming decade. The National Security Telecommunications Advisory Committee’s report to the president recommended a National Cyber Moonshot that calls for a whole-of-nation approach to address this critical problem.
The report focuses on six foundational pillars that could defend the nation’s critical infrastructure over the coming decade. These pillars — behavior, ecosystem, education, policy, privacy and technology — will need to come together to support the common goal of a safe and secure internet.
On Nov. 20-21, more than 75 executives and experts representing a wide variety of organizations from academia, emerging and large companies, and government convened for a workshop at the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University to discuss how to work together to create a trusted ecosystem of providers for this next generation of products and services.
Chris Krebs, director of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), was a keynote speaker for the workshop, informed by leaders in the 5G, AI, identity and quantum spaces.
The key to success for this initiative is the active involvement of attendees representing industry large and small. There is a collective recognition that neither the government nor industry alone can address these coming threats, but that as a whole of nation we can and we must.
We can avert disaster
Data is the new currency, and the trust we place in it is vital to our health, prosperity, welfare and growth as a society. We need to work together to protect that trust.
In the 1900s, the roaring ’20s ended with the Great Depression.
The actions that we take now can avert disaster and help drive a positive outcome of our own roaring ’20s — for our collective future.
Tom Patterson is the chief trust officer at Unisys, a global information technology company based in Pennsylvania.