October 7, 2022
As we observe the evolution of the war in Ukraine, particularly the use of cyberwarfare, we are presented with many questions about the long-term evolution of the cybersecurity landscape. Likewise, we've seen the pandemic bring about the rapid acceleration of digitalization — its place in our lives is no longer in question. But before plunging…

As we observe the evolution of the war in Ukraine, particularly the use of cyberwarfare, we are presented with many questions about the long-term evolution of the cybersecurity landscape. Likewise, we’ve seen the pandemic bring about the rapid acceleration of digitalization — its place in our lives is no longer in question. But before plunging headfirst into this technological race, should we not ask ourselves where this evolution might be taking us of in terms of cybersecurity?

Based on the trends we’re seeing develop in 2022, we have several diverging roads ahead of us. For a moment, let’s take a look at four possible scenarios that could emerge over the next 20 years. The one in which we end up will be the result of choices we make right now about how to regulate and implement cybersecurity measures and countermeasures; perhaps this will inspire us to do things differently.

1. Peace in the Digital Space, for the Common Good

In 2040, due to technological breakthroughs caused by intense research and a worldwide awareness of the importance of preserving this now vital new space, the digital space is declared a “common good of humanity” by the United Nation’s General Assembly. It is therefore protected by international conventions that prohibit its militarization, respect privacy, and enforce a high level of security to eliminate criminal action. A special agency based on the model of the WHO or the UNHCR is created to protect it.

2. A Balance of Power in Digital Space

In 2040, through global investment and regulation, the digital space has become a vital area with a high level of security. Only the most powerful states are able to confront each other in this digital space — and at great expense. They do so with restraint because their societies and economies, as well as global trade, would suffer from a deterioration of digital security (just as today, aerial combat is rare, due to the high price of modern fighter planes and the high utilization of airspace by citizen travelers). Cybercrime would have disappeared because of the cost and the expertise it requires. The digital space would be globally inaccessible to non-state players. A Digital Security Council would be created, with the great digital powers as its only permanent members.

3. Digital Insecurity on a Controlled Scale

Digital insecurity is present in 2040 as it is today, but it remains on a small scale and does not call into question the model we know. States adopt positions, establish regulations, and implement policy incentives to strengthen the level of security. They do so while continuously conducting offensive actions to preserve their interests, even if it means destabilizing what they are building. Cybercrime persists by exploiting vulnerabilities and reusing offensive techniques and tools developed by states, but its impact is sustainable, both politically and economically, thanks to cyber insurance. Unfortunately, as in the material space, the weakest — i.e., vulnerable users, small businesses, and fragile states — are the first victims.

4. The Global Digital Space Collapses, Regional Alternatives Rise

A few years after a wave of global-scale attacks which in some cases generated major human and economic consequences, the unfettered expansion of the digital space has resulted in total collapse by 2040. The global model has become untenable, due to uncontrolled data localization, technological monopolies dictating conditions, toothless international law, and ineffective national rights. It is therefore deeply questioned by states and citizens. New spaces, based on a national or regional approach, have been built. Beyond the legal aspects, they rely on differentiated technologies to avoid systemic effects. Quality and safety are regulated, potentially at the expense of price and innovation, and interfaces are controlled. By losing its universal specificity, the digital space has aligned itself with the physical space, for better or for worse.

What’s Likely?

The first scenario, resolutely optimistic and therefore unlikely, is nevertheless plausible and would allow everyone to take advantage of the benefits of digital technology. Many precedents currently exist to safeguard areas such as Antarctica or the deep seabed, and these have continued to be respected, so why not the digital space? More broadly, a high level of confidence in the digital space allows technological acceleration to address the major challenges of our time, particularly around healthcare and energy.

The beginnings of the fourth scenario are already perceptible with the balkanization of China and Russia. In that scenario, insecurity both of state and of cybercriminal origin has not disappeared — it has increased further in the most fragile regions, which we are seeing today with cyberattacks on Ukraine, Taiwan, and other rivals.

Obviously, the future is unwritten, and the most likely scenario will be a combination of the four. One certainty remains: the need to invest in cybersecurity technologies and skills so that humanity can control its future. If we can create a world where cybersecurity is global and digital systems are impervious to attack, we can establish a safe place for international commerce, communications, and community to flourish.

Source