Presentation given during a panel session on Innovation, Complexity, Risk and Trust at the MAPPING Second General Assembly in Prague, Czech Republic, on 1st November 2016.
3. BAD THINGS CAN HAPPEN
ACTION
• ‘Wise Monkeys’ approach
• Vulnerability disclosure
• Service failure / denial
• Data leak / breach
• Data destruction
REACTION
• Increased costs
• Recall / reputation damage
• Fine / loss of license
• Loss of revenue / value
• Job losses / business closure
5. PLAN TO WIN
• Solve a problem / innovate
• Think ahead
• Listen to experts
• Prepare for failure
• You can’t predict it all
6. BUILD TO SURVIVE
• Assess risks honestly
• Scale flexibly & efficiently
• Built-in security, not bolt-on
• Test resilience plans
• Adapt and overcome issues
7. BE ‘UNWISE’
• Listen to customers, experts, and regulators
• Speak (and ask) about concerns and problems
• Look proactively for problems, and don't ignore
Failure can be ‘fatal’
8. EASY PICKINGS
• Follow standards and test
• Use secure protocols
• Avoid bad defaults
• Make patchable & automatic
• Don’t overburden users
9. INNOVATE SECURELY
• Internet of Things
• Identity schemes
• Surveillance tech
• Augmented / virtual reality
• Big data & analytics
• Machine Learning / AI
• Autonomous vehicles
• Drones
• Regulation & legislation
• Blockchain
11. INTERNET OF THINGS
• Use interoperable standards
• Have on-device protection
• Enable automatic updates
• Manage external trust
• Limit data collection & use
12. IDENTITY SCHEMES
• Provide broad user benefits
• Make it citizen/user-centric
• Decentralised & federated
• Trusted throughout lifecycle
• Transparent and auditable
13. SURVEILLANCE TECH
• Necessary & proportionate
• Minimise data & retention
• Limit purposes & access
• Oversight & accountability
• Don’t be ‘evil’, or facilitate it
14. AUGMENTED REALITY
• Tackle online abuse
• Be fair with ads & targeting
• Ensure data quality
• Take care with location data
• AR/VR use may be sensitive
15. BIG DATA & ANALYTICS
• Limit scope / purpose
• Be responsible and ethical
• Understand anonymisation
• Try to prevent reidentification
• Correct bad data & decisions
17. AUTONOMOUS VEHICLES
• Ensure secure connectivity
• Address trolley problem
• Get government support
• Get insurance co backing
• Leverage sensor data wisely
18. DRONES
• Regulate for safety & privacy
• Geo-fence for safety & security
• Handle GPS spoofing / jamming
• Risk-based registration / license
• Monitor misuse and respond
19. REGULATION & LEGISLATION
• Keep it light touch
• Limit strict / restrictive rules
• Use to open opportunities
• Status quos are not sacred
• Accept always behind curve
20. BLOCKCHAIN
• Use appropriately
• Beware of trade-offs
• Features can help, or bite
• Regulators & users matter
• It’s just another database
22. SECURITY GIVES PRIVACY
• False dichotomy begone
• Remember Ben Franklin
• Backdoors undermine us all
• Design for privacy, by default
• Build and operate securely