Risk Insider: Jack Hampton

Cyber Security: We’re Blind, Please Help

By: | April 18, 2016

John (Jack) Hampton was a Professor of Business at St. Peter’s University, a core faculty member at the International School of Management (Paris), and a Risk Insider at Risk and Insurance magazine where he was named a 2018 All Star. He was Executive Director of the Risk and Insurance Management Society (RIMS), dean of the schools of business at Seton Hall and Connecticut State universities, and provost of the College of Insurance and SUNY Maritime College in New York City.

A popular video shows a blind man sitting on the ground in a plaza hoping to receive money from those who pass by. His cardboard sign says simply, “I’m blind. Please help.” A few individuals drop money into a cup.

A young woman stops and changes the man’s sign. Suddenly many more individuals give money to the man.

The woman returns and the blind man asks, “What did you do to my sign?”

Her answer is, “I wrote the same but different words.” The changed sign read, “It’s a beautiful day and I can’t see it.”

With the Darknet and throwaway cell phones, terrorists do not need iPhones. Apple versus the FBI is not only about privacy or terrorism. It is about further destabilizing an already vulnerable world of communications.

In our cyber security discussions, we often use the wrong words. This happened in the recent public debate when the FBI demanded an Apple iPhone backdoor to allow law enforcement to track communications among terrorists. In a TV broadcast, “60 Minutes” framed the argument as stopping terrorism versus protecting privacy.

Tim Cook (Apple CEO) and John McAfee (anti-virus guru) argued that law enforcement and the media were missing the point. If Apple complied, terrorists would immediately change tactics.

With the Darknet and throwaway cell phones, terrorists do not need iPhones. Apple versus the FBI is not only about privacy or terrorism. It is about further destabilizing an already vulnerable world of communications.

In an earlier Risk Insider post, I argued that there were negative consequences to consider should Apple’s “wiper” function be disabled.

The standoff between Apple and the FBI temporarily resolved itself. The FBI cracked the iPhone and withdrew the request to Apple.

In this scenario, we not only used the wrong words…we asked the wrong question. How then can we get the right answer?

Maybe we should ask, “Can Apple help us install a wiper on every computing device and network?” Ten hacker attempts and all the data is erased. We would learn to back up our data real quick.

The feature could help with privacy. Would it have anything to do with criminal behavior? Maybe yes. Maybe no.

Separately, we may be missing the big picture. When Samuel Morse and others developed the telegraph, communications were instantaneously transmitted around the world by wire. Anywhere along a railroad line, hackers could intercept the message. This is the public Internet of 2016.

Is the right question, “What should we do to fix a 21st Century communications system built upon a 19th century telecommunications model?”

Cyber security efforts should not stop with, “I’m blind. Please help.” The words should stir us to action.

We can hope the best and brightest of our cyber security folks help us see a beautiful day by devising a secure Internet that does not impede law and enforcement.

More from Risk & Insurance