The exposure of the PRISM data-collection program might not fall squarely under the heading of the third annual International Cyber Security Conference, which concluded on Wednesday at Tel Aviv University. The secret data-collection program, by which U.S. intelligence agencies routinely vacuum up huge amounts of private communications from Internet users, stands outside the realm of safeguarding the cyberworld from attacks. PRISM is defended as an antiterrorism measure, necessary to detect plots as they are hatched between evildoers communicating with one another online.
But it turns out that, from the point of view of the watchers gathered in Tel Aviv, it’s all about expanding their gaze even further. The chairman of RSA, the digital-security company best known for its password key fobs, made the case for “full visibility into all data” as essential to detecting and thwarting threats to the cyberworld as well. Art Coviello, who is also executive vice president of EMC, which now owns RSA, said computer security is no longer about throwing up a firewall between a piece of equipment and the outside world. Consumers now move between so many digital devices, and entrust information to the cloud, that the idea of “a perimeter” has been falling apart since 2007. Coviello gestured to zettabytes — four levels up from a gigabyte — to drive home his point that there’s just too much data moving out there to protect on site: understanding, he said, that 1 zetta is equal to 4.9 quadrillion books, the world traffic in data was a quarter of a zettabyte in 2007, but had become 2 zettabytes in 2013 and by 2020 might be 40, or even 60.
“The attack surface is great,” says Melissa Hathaway, a former cyberspace specialist for the White House’s National Security Council, noting the profusion of smartphones, tablets, laptops and other devices that eventually will produce what several speakers referred to as “an Internet of things.”
Safeguarding the data that moves among all these things is no longer a matter of building walls but one of learning to spot threats in the massive flow. “Big Data makes an intelligence-driven model viable,” Coviello says. Seeing everything that flows among servers around the globe, he says, “will allow us to spot the faint signal of an attack.” It is the nature of “hacktivism,” or malware, or anyone threatening the orderly functioning of the cyberworld: “Full visibility into all data,” he says, will allow cybersecurity authorities to “spot abnormal behavior in people and in the flow.”
All of this of course requires the trust of the people whose data is being collected and studied, even if only from a distance, as “flow.” In the slide show that accompanied Coviello’s remarks, this small matter was brought home by a particular image: a Rubik’s Cube, shaded gray and blue, and adorned with arrows and labels taking in the areas that needed to be addressed: security management, intelligence, controls. As it happens, an actual Rubik’s Cube figured in the cloak-and-dagger that led to the exposure of PRISM: Edward Snowden, the former CIA and NSA computer specialist who passed on documents to the Guardian and Washington Post, identified himself to Guardian reporters in the lobby of a Hong Kong hotel by carrying a Rubik’s Cube — the ’70s-era puzzle being the geek version of the red carnation in the lapel, apparently.
Snowden has said he exposed the program — and came forward publicly to acknowledge doing so — so that ordinary people would have the information to judge for themselves whether to tolerate PRISM, which U.S. officials had kept secret. For their part, most cyberprofessionals clearly think it’s no big deal. Another of Coviello’s slides predicted that, by 2020, the advance of social media would result in an utter “absence of privacy.” But he also acknowledged that not everyone likes the sound of that.
“Given the reports in the U.S. press recently,” Coviello said from the podium, “we do need to have a better conversation about privacy.”