In 2014, cyber hacks and data security became a weekly, and sometimes daily, occurrence in the popular news. 2015 is likely to bring more of the same--along with a greater focus on cybersecurity. But 2015 is also expected to be an exciting year for technology in general. This article highlights a few of the predicted trends, along with insight into potential policy implications.
The software security company, McAfee, estimates that hacking costs businesses between $300 billion to $1.4 trillion annually. (1) Although this represents just 0.5 to 1.5 percent of the global gross domestic product, recent hacking appears to be more sophisticated than in the past, and the severity of the incidents is growing. But is the weakness really in the technology? Although all of the incidents involved computer intrusions, many of the vulnerabilities had nothing to do with software or hardware design. For example, major news organizations reported that the widely reported November 2014 Sony hack (when confidential employee data were publically released) was started by a former employee with deep knowledge of the company's servers and where data were located. Similarly, in September, the Federal Aviation Administration learned about employee-related security weaknesses when a disgruntled contractor destroyed servers, precipitating the shutdown of air traffic control near Chicago, one of the world's busiest air sectors. Any quick research of recent hacking incidents will reveal that most security vulnerabilities stem from humans.
As technology becomes more prevalent in business operations, the public sector should not only assess its software and hardware vulnerabilities, but its employee vulnerabilities as well. An assessment should begin with an inventory of systems and a determination of where data are housed. Next, consider which employees have access to critical systems and what access they have to data. Thorough background checks for new employees (even for employees that change positions within the organization) should be considered. Finally, organizations should have a policy in place for prohibiting access to technologies once an employee has separated from the organization.
Wearable technology, ranging from cameras on police vests to health sensor bands, will be prevalent in 2015. The devices are popular because they provide consistent, objective observations of the surrounding environment, and we can expect to see them used more as ways of managing risk and delivering transparency.
Cameras in police squad cars have already proven effective, and wearable cameras are the next trend. The public sector will need to consider these types of devices for liability purposes, and it will also need to look at ways in which the devices affect personnel policies and employee contracts. It has been argued that people behave in a more positive manner when they are aware of a wearable device, whether it is a citizen reacting to a police officer or a police officer engaging a suspect. This phenomenon has increased the popularity of the devices, and some police unions have reacted positively to...