We are living in a digital economy that highly relies on the increased use of innovative and cutting-edge technologies fostering secure, smart and sustainable ecosystems. The quick adaption and integration of emerging technologies such as Artificial Intelligence in diverse sectors and industry reflects the business need for effective and efficient processes, business optimization, informed decision-making, and reducing production defects and waste. These align with the scope of the European Net Zero Act (net-zero manufacturing capacities), Digital Product Passport, and UN Sustainable Development Goals. However, sustainability is not limited to environmental goals only, it must be technologically sustainable as well which means the information technology systems’ ability to operate under disruptive or adverse conditions and rapidly recover from any such incidents. The future of technology¹ predicts that by 2030, reading and writing data on DNA and lab-grown food will be common, the majority of the tech will be either AI-powered or enabled, digital infrastructures (healthcare, manufacturing, transport, fintech, etc.) and smart homes will have zero latency connectivity and much more. Imagine if any of these critical and public-faced infrastructures/entities suffer an outage or downtime, and how it may impact human lives, it is hard to assess it precisely at this point. This is why there is a pressing need for building both operational and cyber resilience within the digital economy. A fully transparent ecosystem where the public can rely on and trust that the confidentiality, integrity and availability of their data will remain intact. The massive CrowdStrike incident is an eye-opener for the rest of the tech and implementing industries, and if these lessons are not learned, they will certainly repeat due to negligence.
The cyber threat landscape that includes data loss, malicious attacks, regulatory noncompliance, financial loss, etcetera has widened due to risks associated with emerging technologies. This is because the technologies were developed before standards and policies were in place which led to gaps, that if exploited, could potentially compromise the implementing infrastructures. For an example if a builder having years of experience in construction and building is asked to repair or renovate an old building, he/she may take into account the different infrastructure requirements, architecture, design, lifespan, quality of construction, and climate. Imagine, a scenario where the builder is asked to fix a new styled window in an old architecture, what would be the implications? It may require custom changes to the layout but there may be possibilities of damage to the property such as gaps, cracks, etc. Similarly, in technology when new and old technologies are brought together, there are various complexities and risks that need to be mitigated before they are connected and made live. If these risks are not assessed and managed properly, they open security gaps in the environment leading the environment susceptible to cyber risks. One of the most recently asked questions is “can the next global tech outage be prevented?”. Industry may employ diverse systems that rely on different technologies and have inter-dependencies as well. A research in cloud computing mentioned business operations that had technological inter-dependencies and were impacted as a result of cloud downtime². The research also highlighted the lack of alignment between the cloud, IT and Business Strategies and standards, leading the business environment vulnerable to several risks. There are various factors that contribute to IT outages such as interoperability issues, security flaws, hardware/software faults, force majeure, human error, et cetera and there have been many discussions on technical forums regarding achieving 100% uptime and availability. In a recent article, Deloitte³ mentions that there is “No such thing as Hacker-Proof”. One can incorporate the best practices and tactical incident response but there are no 100% guarantees – even the best systems can fail. So, it is important to be proactive and have contingency plans in place when such circumstances occur. Operational and cyber resilience is essential for every critical and public-facing entity. One may ask, is our healthcare system resilient and can it operate fully without any disruptions if there are more cyber incidents or outages? These are the scenarios we must prepare ourselves for. Inhabiting a digital era where people in general appreciate better services and quicker response times from the digital applications and services that they use. It is important for the commoners to have a better understanding and awareness of the technologies that they are using. The 2024 statistics by EMBROKER reports cybercrimes increasing by 600%⁴. Cybersecurity is for everyone and is everyone’s responsibility. As an example, no matter how many security and defense measures are put in place by a person to protect their home, if they are the ones to open doors to an intruder without verifying, all those measures are in vain. Similarly, a people-centric cybersecurity approach is required where people take ownership and responsibility for learning and operating securely online/digitally. Cyber and Emerging Technology capacity building and awareness are one of the key factors to fostering a secure, operational, and resilient digital society and ecosystem – fulfilling the vision of e-Pakistan.
¹https://www.pluralsight.com/resources/blog/it-ops/tech-in-2030
²Dhirani, LL, and Newe. T.”Securing industry 5.0 using 6σCYBERNETIC framework.” Mehran University Research Journal Of Engineering & Technology 43.2 (2024): 220-238.
³https://deloitte.wsj.com/cio/no-such-thing-as-hackerproof-1376539265
⁴https://www.embroker.com/blog/cyber-attack-statistics/
Author’s Bio
Dr. Lubna Luxmi Dhirani is an Associate Professor at the Department of Electronic & Computer Engineering, University of Limerick. She is a Course Director for the BSc Cybersecurity Practitioner Apprenticeship program taught at UL. Lubna is a Senior Member IEEE and the first WIE Ambassador from Ireland in the IEEE WIE (UK&I section). She is the PI for the EU-funded CATCH_VR project from UL. Her research interests include cybersecurity, cloud, cyber law and regulations, standards, privacy, and risks in emerging technologies. She has delivered more than 35 technical workshops, tutorials, masterclasses, panel and keynotes at International conferences and platforms. Lubna is involved in initiatives supporting women in STEM, she is a former DELL StemAspire mentee, and recipient of the SFI Confirm EPE Champions Award 2021. Email: Lubna.luxmi@ul.ie
Navigating the Global Tech Outage: How to Stay Ahead of the Curve
on 13/09/2024