The Little Dutch Boy was a piece of American fiction Written in 1865, but it Would Have Never Worked….
“When a dike is about to break, a finger just does not cut it. Dikes don’t typically leak—they weaken until whole sections are washed away. No finger will help when that happens.” From DutchGeneology.nl
Sometimes I wonder if we are taking a finger in the dike approach to cyber security. That is not to say that our current cyber security tools and marketplace are not important or not needed. In fact the level of innovation in this space is broad and deep and certainly necessary. Protection against phishing, malware, viruses, intrusion, and data leakage amongst others continue to progress and this protection continues to provide great value to enterprises and governments alike.
There will always be bad actors and we will always need to continue to build and evolve new tools to root them out and stomp them out. The wonder I have is more around the Internet we are trying to protect; is it just a leak(s) or is it being weakened until whole sections will be washed away? Does the prevalence of identity theft, ransomware, phishing, DOS attacks, site takedowns, spam, grift, and even character assassination and disinformation point more to weakening than a simple set of leaks that can be plugged? And if it does, is there something more basic we need to be doing to the structure to shore it up?
Recently I have been promoting the idea of a fundamentally safer internet. I must say the reactions have been disappointing. I have been told there is no problem (really?!). I have been told that if we had some fundamental structural changes that would make it a safer place, there is no way we would be able to get countries to agree. I have been called naïve. I have been called some things I would not repeat here ☺
Yet, there is demand for change. New privacy laws and new regulations are being enacted almost every day. When a country acts to protect its citizens, it does not always or even often ask other countries to agree. It acts. That is the nature of sovereignty. But will this piecemeal effort ever be able to solve the fundamental underlying weakness? Or is it just many many more fingers in the dike? Is it just delaying the possible collapse rather than preventing it?
What are some of the objections to doing something more fundamental?:
- It’s too hard
- It’s too late
- Countries won’t agree
- Putting in guardrails will stifle innovation
- We already have tools, people just need to use them, it’s not a real problem
- Criminal actions existed before the internet, there is nothing new here
- Victims are the price of progress
- ….
What I hear is CAN’T!! We CAN’T solve the underlying problems so we should not waste our time trying. It is hard not to compare this CAN’T to the many CAN’Ts that have preceded it. There were certainly many CANT’s that came when we proposed to move all communications to an IP network, yet, voice, video, chat, entertainment, commerce, banking, VR, and AR to name a few have all arrived and thrived.
Perhaps my favorite overcoming of CAN’T right now is the electric car. A quick visit to the US department of energy dates the first electric cars back to 1833 (yes 1833). It lists the first “practical” electric car in 1870, the first electric car in the US in 1889, electric car popularity in 1899. More recently, GM built an all-electric car in 1996. Despite this history, when Tesla was incorporated by the founders Martin Eberhard and Marc Tarpenning in 2003, CAN’T was more popular than CAN.
Fortunately, there was at least one individual in addition to the founders who was willing to bet everything that it COULD be done; that was Elon Musk. He bet everything he had and he skirted with keeping the company afloat many times. He also faced a litany of objections from many business and auto industry experts:
- Not practical
- Not enough range
- Range anxiety
- No charging infrastructure
- Charging is too slow
- New car companies always fail (DeLorean, Bricklin etc)
- A car company has to scale to at least 100K units and Tesla will NEVER reach that
Here we are in 2022 and Tesla is building 1 million cars a year and every other major car company believes that electric cars are the future. Tesla did not look at objections as obstacles, Tesla looked at objections as opportunities and challenges. They built range, they built a supercharger network, they built level 3 charging, they built a new more dense battery.
So when it comes to the Internet, what does CAN’T really mean? Does it mean we throw up our hands? Or do we see the challenge for what it is? Do we see the opportunity when it is staring right at us? What we can’t do is let it all collapse because along with all the problems, it has changed the world in so many wonderful ways. It has created opportunity; it has flattened the earth and enables inclusiveness. It has brought people closer together. It has accelerated science, and accelerated progress.