SECURITY VERSUS SECURITY: A CONVERSATION WITH BRUCE SCHNEIER.

Citation metadata

Author: Kendrick Foster
Date: Spring 2021
From: Harvard International Review(Vol. 42, Issue 2)
Publisher: Harvard International Relations Council, Inc.
Document Type: Interview
Length: 1,809 words
Lexile Measure: 1070L

Document controls

Main content

Article Preview :

Your profile says you're a public-interest technologist. What exactly does that mean?

So a public-interest technologist is a general term for somebody who integrates technology and public policy. Public-interest technologists integrate the two disciplines by working on the policy of technology, working on technology with a public purpose, working on tech for a public-interest organization, or otherwise doing something that straddles both technology and the public interest.

The term was coined by the Ford Foundation. It's an umbrella term that tries to encompass a lot of differSent people doing a lot of different things. And it's something I think is increasingly important in our technological age. All of the major public policy issues of this decade and probably this century have a strong technological component. And we'll never get the policy right if we get the tech wrong. We need people who straddle those two areas.

To get to the next question, what are the most daunting cyber threats facing the United States?

Cyber threats come in many forms, and it's really hard to organize them in order of dauntingness. It really depends on your perspective and what you're focused on. We're worried about national security cy ber threats, both espionage and attack. We're worried about criminal threats, from extortion and ransomware to data theft and misuse and everything in-between. And really, what we're seeing are a series of very vulnerable technologies that can be attacked by a variety of actors for a variety of purposes. It's less useful to look at the particular threats and better to look at the ecosystem because a lot of security technologies and policies mitigate a wide variety of threats. I think that's a better way of looking at the landscape. News articles like to talk about the worst threat or the night mare scenario. I think those really obscure the actual issues because they just push fear buttons, rather than letting people focus on clear policy.

What have been some recent cyber attacks that we should know about, but maybe don't necessarily know about?

I can't think of any off the top of my head. But it is true that what makes the news is often kind of random. In the news this week is an attack against a water treatment facility in Florida, where somebody hacked in and increased the supply of lye in the water to poisonous levels. This could have been fatal if someone hadn't noticed the change and reversed it. This made the news, but only because the sheriff there held a press conference. Otherwise, we wouldn't have known about it.

These sorts of vulnerabilities, these very prosaic ones in boring systems, often don't make the news. We know about the...

Source Citation

Source Citation   

Gale Document Number: GALE|A678858669