The internet, humanity’s most disruptive invention, has transformed industries and revolutionized how people interact. Yet, as in all previous markets, thieves, provocateurs and free riders have sought to profit from others’ labor. To respond, the good actors have built trust models and technologies to protect commerce, such as a secure version of the web protocol (HTTPS) and virtual private networks (VPNs).
Likewise, the age of connected things—the Internet of Things (IoT), billions of sensors, actuators and semi-autonomous machines that produce zettabytes of data daily—promises breakthrough efficiencies for homes, industries, supply chains and critical infrastructure. Unfortunately, the old ways of protecting our systems don’t apply with IoT because the bad actors are worse, the systems more complex and the impact of attacks more profound. The need for resilient systems, data ownership and governance has never been so apparent.
Statista shows, however, that data compromises have increased almost twelve-fold since 2005. Just when we have the greatest needto trust data, we have the least reason to. To undo this, we must understand why the internet failed to deliver a trustworthy environment for data and then take steps to build trust back into its data fabric.
When the military adopted the protocol Vince Cerf invented in the 1970s to support nuclear deterrence, they used the best crypto and trust models available. Furthermore, as participants were highly vetted, this First Internet Era, in which academics had free use of the most resilient network ever invented, was marked by a trust model that worked remarkably well.
The Second Internet Era allowed point-to-point communication between desktops and other devices, enabling a slew of innovations, from credit-risk reduction to online banking, and saw the rise of juggernauts like Amazon. Stability was maintained through the checks and balances of e-commerce, leveraging existing governance and statutes. Here, too, the trust model worked within its governance framework of secure web protocols like HTTPS.
The Third Internet Era characterized the IoT with vast self-organizing meshes of end-point devices transmitting data with little to no security. The promise of revolutionizing home grids, cars, etc., has proven perilous to our personal lives, businesses and even our critical infrastructure in the face of cybercrime and cyber warfare.
This current chaotic state of the internet lacks a trust model fit for dealing with cyberwar actors and sophisticated hacker societies. Thanks to the cyberhacking technology curve, new kinds of crimes quickly spread before they are fully understood by regulators. Even the best infosec teams are overwhelmed by dreaded “zero-day” vulnerabilities dropped out of the blue that make systems that were secure yesterday hackable today.
