“In five years, the Internet will be much safer than it is today, thanks to technological advances that address common problems at scale.”
This prediction from Chris Hockings, CTO of IBM Asia Pacific, may seem a little ambitious given that AI-driven cybercrime is growing at an exponential rate, deepfake technology is enhancing social engineering attacks, and the power of quantum computing is on the horizon.
But Hockings spoke to TechRepublic about how he thinks the technology will accelerate at an even faster pace in the coming years, with the passcode at its core.
The future of digital identity in Australia
Digital identity is a key area where Australia is making significant progress, and passcode technology is a central component of this progress, although passcode adoption is lagging in Australia.
Hockings highlighted how digital identity systems are helping to reduce the risk of breaches. Notably, Australia’s myGov is a passcode project that has national implications. Implementing passcodes can effectively eliminate the main source of fraud for users who adopt them, he said.
“Globally, 16% of breaches are due to lost or stolen credentials, and it is the leading initial attack driver,” Hockings explained. “Digital identity offers the opportunity to significantly reduce the attack surface. The more people adopt these technologies, the less susceptible they will be to cyber breaches.”
Emerging threats: deepfakes and quantum computing
Elsewhere, other threats are certainly emerging. New challenges such as deepfakes are forcing governments around the world to hastily draft laws to combat them, while quantum computing looms on the horizon. Once quantum computing becomes a reality, traditional encryption techniques could prove ineffective.
However, Hockings said there are solutions to counter these problems.
“Deepfakes are a major concern, but with the right technological advancements, we can create systems that filter out untrustworthy content at scale,” he said.
Hockings believes the core problem with deepfakes as an attack vector comes down to identity. The internet was originally designed so that content could reach everyone. However, with the implementation of digital identities (including the possibility of myGov), people are gaining more control over the content that is leaked.
“Today, we rely entirely on SSL when we use websites,” he said. “I think the answer to what is happening is that there will be protection mechanisms and the focus will move from protections and a sort of ‘zero trust’ approach to the content that we experience, rather than the current reactionary approach of ‘detect and respond.’”
Meanwhile, IBM is striving to be at the forefront of solving the challenges posed by quantum computing. The speed and power of quantum computing, which are on the horizon, mean that “brute force” attacks could defeat even 2048-bit encryption. It could take a decade or more for quantum computers to become powerful and error-free enough to do this.
Since IBM does not expect to deliver its first error-correcting quantum system until 2029, there is still time for organizations to focus on security to ensure their response to quantum computing is not reactive.
A solution to the cybersecurity skills shortage
One of the most pressing issues being discussed across Australia is the cybersecurity skills shortage, something Hockings acknowledges, highlighting in particular the challenge of gender bias – currently, only 17% of cybersecurity professionals are women.
“Even from my own experience, I have teenage daughters who are thinking about going to university and I have seen the options in cybersecurity emerging,” she said. “They are there, and obviously there is also the standardisation of TAFE courses. But in terms of attracting women into the industry, those efforts need to continue to grow.”
However, Hockings also suggested that the extent of cybersecurity skills shortages, both now and in the future, is “overinflated”.
“It’s not just about the number of people available,” he added. “It’s also about technological innovation that can help existing professionals be more effective and eliminate the need for other people to do certain parts of those jobs.”
IBM has long recognized the importance of fostering talent and sustaining innovation, Hockings said.
“We have been able to sustain innovation for over 30 years, which is quite an amazing feat,” he explained. “This is reflected in our enterprise clients in Australia, with many initiatives involving partnerships with universities, running hackathons and other activities to generate interest and create a pipeline for bringing skills into organisations.”
As security becomes a more personal issue and the “zero trust” approach to authentication and identity allows people more control over how they access and interact with content, digital literacy will be key. This allows people to feel empowered to make decisions about security.
However, Hockings is confident that this shift in mindset around security will result in a safer Internet where cyberattacks that rely on a large surface area will become obsolete.