TRUSTED

software.
hardware.
platforms.
services.
data.
devices.
inclusion.
AI.
innovation.
commerce.
privacy.
security.
Security is built on trust.

TRUSTED

software.
hardware.
platforms.
services.
data.
devices.
inclusion.
AI.
innovation.
commerce.
privacy.
security.
Security is built on trust.

We need the ability to trust that the technologies and services we use are secure by design.  

Our digital ecosystem is under near constant threat from activities by malicious actors using techniques that are becoming increasingly more complex, sophisticated, and ubiquitous. Since the beginning of the pandemic, there has been a 300% increase in cybercrime, cyber scams have gone up 400%, mobile malware is on the rise, and there has been a significant hike in the frequency and size of ransomware attacks. For example, malware targeting mobile banking apps nearly doubled in 2021, as cyber criminals seek to take advantage of the rising popularity of mobile banking apps, underscoring the linkage between greater functionality and increasing security risks on smartphones.

Criminal gangs, hackers with a business plan, and even nation states are working around the clock and across the globe to find and exploit vulnerabilities in technologies and services in what are often believed to be secure systems. They are developing sophisticated new “social engineering” strategies to trick users into clicking on malevolent links, infected attachments, or downloading mobile malware directly onto devices. Even a small mistake can be leveraged to put your most personal information at risk, put proprietary business information in jeopardy, expose national security secrets, or even lock down a pipeline, school or hospital for ransom.  We have to find the right path forward to reduce this risk.  

As a start, one of the best defenses is increasing awareness and adoption of basic cyber hygiene best practices, because according to one study, social engineering or other human error account for almost 90% of successful attempts to exploit a system. Simple steps, like adopting strong passwords, using multifactor authentication, only downloading from official app stores, and avoiding clicking on untrusted links, are among the best ways to protect people from ever-evolving and increasingly problematic cyber threats.    

Yet as information technology becomes more pervasive, devices more prolific, and the information we carry with us more sensitive, the attack surface that hackers can attempt to exploit has increased substantially, creating new kinds of potential harm.  It means that as technology becomes increasingly central to our lives, making it secure and reliable from the start becomes ever more critical.   

Just like a home must be built upon a strong foundation or it will eventually crumble, our new digital home must also be built upon a strong foundation of security – with security built into its very foundation by design.  To elevate our cybersecurity posture, we need to elevate our focus on agile solutions across the ecosystem that embrace best practice standards, enable continuous innovation in cyber-defenses, advance globally recognized frameworks, and that are underpinned by smart government policies to keep personal and business data secure and our economy moving forward.

IDEAS

Three Problems With the New Digital Markets Act Fines and Interoperability Regulatory Measures 

Today, the European Commission issued its first fines under the controversial Digital Markets Act.

Signalgate, and NSA warnings about Signal vulnerabilities, highlight the inherent vulnerabilities in the EU's latest interoperability rules    

These couple weeks have proven to be a powerful reminder of the power of encrypted messaging apps, and the equally significant harm to national security when someone unwittingly gains access to important private conversations.  

Adam Golodner: The EU’s cybersecurity dilemma: It’s time for executives to take action

The need for the world’s leading executives and government national security experts to weigh in on non-security “civil” legislation stands on its own as an imperative.

Jim Kohlenberger: Cybersecurity Risks Of Encryption Backdoors: What Business Leaders Should Know

The Washington Post reported in February that the U.K. government issued a “secret order” that “demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud.” While the immediate order is centered on Apple's cloud data, the U.K.’s order for blanket…

James Lamond: Transatlantic Consensus That Private Sector Is Key To Addressing Cyber Concerns

By any account, the transatlantic relationship appears to be at a low point. From trade and economics to matters of war and peace, the United States and Europe are in an apparent period of disunity not seen in decades. However, there is one area where there appears to be more…

New Interoperability Mandates Exemplify the Problems with DMA Rather Than Fixing Them

Many people may have missed it, but just ahead of the holidays, the European Commission proposed specific new interoperability mandates under the Digital Markets Act (DMA). Trusted Future has written extensively about the DMA, particularly our concerns over the unintended consequences that the law could have on the privacy and…

The Global IT Crisis and Third Party Vulnerabilities

This week’s global IT crisis affecting businesses around the world should be a wake up call to us all.  DMA requirements for mandatory third party access to the operating system will make personal smartphones and tablets vulnerable to new and currently unimaginable emerging threats.

Taking Spyware and Other Mobile Threats Seriously

Last March, in the forward to the White House Cybersecurity strategy, the President wrote, “[W]hen we pick up our smart phones to keep in touch with loved ones, log on to social media to share our ideas with one another, or connect to the Internet to run a business, we…

DMA: To Preserve Robust Mobile Security, Policymakers Should Heed the Important Security Lessons From the ActiveX Era of the Internet

We’ve previously explained the many challenges European regulators face in implementing the Digital Markets Act (DMA), especially as it relates to the security consequences of downloading mobile apps from untrusted sources. In this piece, we go deeper to examine lessons from a similar well-meaning approach and architecture from the 1990’s…

Adam Golodner: Global trust and technology networks: Beware the trifurcation

Recently, I attended the annual Munich Security Conference and came away with a deepening concern about what I’m calling the “trifurcation” of the global technology ecosystem. The trifurcation is a further balkanization of the technology ecosystem as the West and China pull away from each other’s products and services, which…