Happy 25th birthday to the world wide web! It's difficult to imagine the first public website was launched just 25 years ago in 1991. For most people, it's hard to think about our lives without the internet.
Internet use has grown substantially over the years, with estimates of over 3.5 billion users around the world in 2016, up from 2.2 billion the year before.1 And while many are now embracing the convenience of the internet, concerns about internet security are greater than ever. Security needs to be thought about as technology and the internet continue to advance and grow over the next 25 years.
Two areas in particularly are or will be significant security challenges in the coming years.
Securing the Internet of Things
Advancing technology means advancing security. Unfortunately, the rate of technology is moving faster than security can keep up with. Gartner suggests there will be approximately 6.4 billion connected devices in use in 2016.2 Because of the wide range of embedded devices, from consumer gadgets to industrial run systems, specialized attention needs to be given to each individual device.
In the past, many have believed embedded devices were not targets for hackers. Therefore, security was not always considered a priority for embedded designs. However, we are seeing this slowly change. From hacking autonomous cars to smart refrigerators in your home, hackers are now looking for new and creative ways to target attacks and will likely be looking to IoT devices in the future.
Quantum Computers are Coming
What would you do if you knew confidential data would be sent in clear text over the internet? This is a real threat when quantum computers arrive, which experts believe could be within the next 10 years. A quantum computer renders current public key infrastructure (the backbone of secure websites) useless. Once a quantum computer is able to break a digital signature (commonly used for financial transactions, contracts, software patch distribution, and other cases where trust is important), the threats are widespread.
What Can We Do About It?
In the next 25 years, we can expect technology and the internet to be very different than what it is today. Organizations must find a way that allows embedded devices to not only perform their tasks, but also enable them to recognize and counter threats. Security features must be carefully considered throughout the software development lifecycle (SDLC), especially during design, to ensure the device is protected from both known and future threats and attacks.
Emphasis should also be placed on education. Reports show that undergraduate computer science and engineering cybersecurity education at top universities is not a priority, so how can we expect our future workforce to help keep us secure? While universities should start focusing on security, organizations need to help fill this gap by providing their development teams with the appropriate security training to secure applications properly.