What compromise would you make to better manage your business security risks?
Would you pull the plug on the Internet?
Singapore is a global reference in digital innovation. They are a self-proclaimed, and recognised Smart Nation that is driving an agenda of people-centric, innovative & co-creating ICT solutions designed to better develop their community. They create the envy of many when it comes to Internet connectivity, providing some of the world’s best connectivity (world’s fastest peak Internet connection speeds as per Akamai’s Q4 2015 State of the Internet report). However, public servants in Singapore will soon be blocked from accessing the internet on work computers for security reasons. The move would aim at addressing potential leaks from work e-mail and shared documents amid heightened security threats.
Would you buy some antique typewriters?
The recent decision from the Singaporean Government reminds of other considerations for rather radical security measures. In 2014, following the Snowden NSA spying ‘revelations’, the German Government was reported to consider reverting to using typewriters to protect their most sensitive documents from digital surveillance risks. The report made clear that the matter was “no joke” and that non-electronic typewriter models were considered.
Would you build your own internet?
In 2014, and for the same reasons as the German Government above, the Brazilian Government revealed their plan to build a parallel undersea internet cable to protect online privacy. In 2016, Tech giants Google, Facebook and nearly a dozen other large companies are reported to consider joining the project.
Would you close shop?
Lavabit closed shop in 2013 for a purpose understood to be about protecting the privacy of their clients.
I suggest by no means that the above examples would be common choices. They are not, and I certainly see them as extreme. I am confident they do not reflect a tendency to consider curbing significantly the innovation and the tremendous digital & connectivity opportunities. The level of compromise you may be willing to make is of course variable. It may depend on your business security risk posture, your risk appetite and the development of the cyber security threat landscape.