Event Review: The Road Ahead for Cyber Security – Challenges and Opportunities
Professor Johannes A. Buchmann discussed the current challenges and opportunities facing cyber security.
Dr. Buchmann opened the evening by explaining the significance of information technology in present-day society. With 5.6 billion registered users on over 200 major social media websites in addition to communication and information flowing freely all around the world, IT has become the “backbone of society and the economy,” Dr. Buchmann said. By 2025, the total economic impact of cloud technology could reach $1.7 to $6.2 trillion annually, based on a McKinsey & Company report. Within the next five years, enterprises are predicted to spend $921 billion on public cloud-based services, according to Gartner. In 2015, Gartner predicts that the global cloud-based security services market will be worth $3.1 billion.
As most people today use IT on a daily basis, regulations need to be in place to ensure that actors, devices, and services involved with IT are trustworthy. Similarly, the protection of personal data needs to be treated as an inalienable right, just as Article 8 of the EU Charter of Fundamental Rights states. Keeping this in mind, Dr. Buchmann stressed that the challenge that remains for the future is weighing the valid security concerns about IT against its many potential benefits.
Dr. Buchmann then transitioned to providing an overview of the cyber security research occurring at the Center for Advanced Security Research Darmstadt (CASED) at the Technische Universität Darmstadt. Today, more than 200 researchers currently work at the center in the fields of identity, privacy, cloud, Internet, and infrastructure security as well as in cryptography. Dr. Buchmann briefly described two collaborative research projects with which he was currently involved. The interdisciplinary “Internet Privacy Project” of the German National Academy of Science and Engineering (acatech) seeks to find long-term solutions for secure cryptography; his second project with the German Research Foundation’s new collaborative research center “CROSSING” aims to foster trust in new and next-generation computing environments. This project will bring scientists from physics, cryptography, system security, formal methods, and software engineering together to develop, implement, and integrate efficient cryptography-based security solutions.
One of the main goals of Dr. Buchmann’s projects is to provide recommendations supporting the establishment of a “culture of adequate privacy on the Internet,” as he put it. His model of privacy would enable individuals “to control their self-presentation and protection.” According to Dr. Buchmann, Internet privacy should be designed in a way that the following core values, namely free self-determination, democratic participation, and economic well-being, could be properly realized; a lack of privacy, conversely, might threaten the realization of these values. These values could be achieved by a culture of privacy that encompasses the fields of education, law, economics, and technology. With this in mind, he offered the following recommendations based on his research at CASED: Making Internet literacy a permanent fixture in education programs, offering more privacy options to users, and developing appropriate technology. Finally, companies should also apply privacy regulations and rules that are familiar to their users. To make this feasible, Dr. Buchmann suggested that countries unify privacy regulations.
This April, the discovery of the Heartbleed Bug – a serious vulnerability in the popular Open SSL cryptographic software library caused by an implementation error tracing back to December 2011 – served as a public wake-up call on the vulnerability of modern cryptography. Looking ahead, Dr. Buchmann warned that quantum computers will only make today’s public key cryptography (PKC) increasingly more insecure. He concluded his talk by re-emphasizing the need for a “global culture of IT privacy and trust” as well as concerted international efforts towards developing advanced IT security technology. Labeling cryptography “the technological background of IT security,” Dr. Buchmann stressed that online connections should always be confidential and authentic. Thus, cyber security relies heavily on cryptography-based security solutions, which will be in high demand in the upcoming years.
Dr. Joann Halpern, Director of the German Center for Research and Innovation, moderated the lively discussion that ensued, which covered a variety of related topics, such as aviation security, cultural differences with respect to online privacy, privacy standards and security regulations in the financial services industry, and cyber security literacy for educators.