The World Economic Forum’s Global Risks Report 2019 ranked cyber attacks among the top-ten most impactful global risks. A report published in 2019 by the Ponemon Institute shows that 90% of companies supporting national critical infrastructures—energy, health, industrial and manufacturing, and transport—experienced at least one cyber attacks between 2017 and 2019 that led to data breaches or significant disruption of operations (Ponemon Institute LLC 2019). These reports are two of a long series of studies conducted over the past decade on the status of cybersecurity. From year to year, data about cyber attacks and their impact continue to increase indicating that cyber attacks pose an ever-growing threat for information societies. There are two lessons to be learned from these data. The first lesson is not controversial, digital infrastructures are porous. We should think of them as agile, flexible, but brittle systems. This brittleness, as I argued elsewhere (Taddeo 2016, 2017a), favours offence over defence, explaining in part the continue growth of cyber threats and the escalation of their impact. The more digital technologies become pervasive, the wider becomes the surface of attacks, and with it also number of successful attacks grows. Think for example about the distribution of Internet of Things (IoT). In 2018, a Symantec study reported an average of 5200 attacks per month on IoT devices, the figure almost double the 3650 attacks counted in 2016. The second lesson may be harder to learn, for it is about the inadequacy of the ways in which we have framed and governed cybersecurity. This is clear when considering that data on the escalation of number and impact of cyber attacks, despite the growing value of the cybersecurity market and the increasing efforts of companies and state actors to improve the security of information systems and infrastructures (Technavio 2018). The lack of effective cybersecurity measures has a potential knock-on effect on the information revolution, and on the development of information societies around
[1]
Mariarosaria Taddeo,et al.
Trust in Technology: A Distinctive and a Problematic Relation
,
2010
.
[2]
Luciano Floridi.
Mature Information Societies—a Matter of Expectations
,
2016
.
[3]
Luciano Floridi,et al.
The Fourth Revolution: How the infosphere is reshaping human reality
,
2014
.
[4]
L. Floridi,et al.
Regulate artificial intelligence to avert cyber arms race
,
2018,
Nature.
[5]
Steven P. Weber,et al.
Coercion in cybersecurity: What public health models reveal
,
2017,
J. Cybersecur..
[6]
Mariarosaria Taddeo,et al.
Deterrence by Norms to Stop Interstate Cyber Attacks
,
2017,
Minds and Machines.
[7]
Mariarosaria Taddeo,et al.
An analysis for a just cyber warfare
,
2012,
2012 4th International Conference on Cyber Conflict (CYCON 2012).
[8]
Deirdre K. Mulligan,et al.
Doctrine for Cybersecurity
,
2011,
Daedalus.
[9]
Mariarosaria Taddeo,et al.
How AI can be a force for good
,
2018,
Science.
[10]
Mariarosaria Taddeo,et al.
The Struggle Between Liberties and Authorities in the Information Age
,
2015,
Sci. Eng. Ethics.
[11]
Mariarosaria Taddeo,et al.
On the Risks of Relying on Analogies to Understand Cyber Conflicts
,
2016,
Minds and Machines.
[12]
M. Taddeo.
Cyber Security and Individual Rights, Striking the Right Balance
,
2013,
Philosophy & Technology.
[13]
M. Taddeo.
The Limits of Deterrence Theory in Cyberspace
,
2017,
Philosophy & Technology.