We interviewed Bruce Schneier at SecureWorld Boston about his views on cybersecurity in 2019.
"I tend to be short-term pessimistic, long-term optimistic," Schneier told us. "I actually don't think this will be the end of society. We’ll figure this out. However, I think we have some rocky years ahead."
One of the things he writes about in the book is the growing significance of "class breaks."
In both security and IT circles, we're used to this idea: if one Android phone becomes insecure, there's a good chance the entire "class" of Android phones are now dealing with broken security until a patch gets pushed down.
However, Schneier says the problem of class breaks is spreading to sectors that cannot handle them. And that puts security at greater risk.
Watch the video of our interview with Bruce Schneier or read his comments on class breaks, here:
[SecureWorld] You mentioned "class breaks" in your book. This is one of the reasons that problems with security getting broken can be so severe.
[Schneier] I mean, class breaks are something we're used to in computers, right, that a vulnerability appears and suddenly every iPhone is insecure. All Windows are insecure, and then we have to get a patch. The real world isn't ready for that.
Maybe think about physical devices like cars. Cars fail, you know, in this irregular stochastic pattern. They break once in a while, and there are repair shops to deal with the steady stream of cars that need fixing. They don't break all at once.
And the mechanism of "all at once" is going to be difficult for the real world to contend with because they don't have that capability. Everybody's refrigerator needs fixing—today. We can't do that.
And while we can't do that, as Bruce Schneier says, there are things we can and be doing around cybersecurity.
Watch or read our complete interview with Bruce Schneier on the state of cybersecurity in 2019 and how we can make it stronger.
Or, if 5G Security and encryption are your concerns, check out what Schneier told us about the way the government views security.
[Webinar Resource: Time Is Up, Let's Rethink DLP Strategy]