NATO Summits, Supply Chain Attacks and a Cyber Ghost of Christmas Future

Last week I was performing in a production of Alan Ayckbourn’s “Season’s Greetings”. It’s a witty, brilliantly observed and poignant play about the tensions, rows and emotional outbursts of a dysfunctional family as they gather to celebrate Christmas.

The run coincided with a similarly tense celebration as leaders of the NATO alliance member countries met to celebrate 70 years of the alliance.

I found myself drawing parallels between the play and the NATO gathering, and I have to say they made me nervous.

Obviously there’s the general background worry about the overall geopolitical situation, but I also started fretting about how these play into our worlds of tech and digital business.

It’s hardly a dark family secret that the established liberal democratic order in western politics is facing challenges from the forces of nationalism and populism, and that tech, and social media in particular, is playing an important role in that trend.

Whether we like it or not, trust is a victim in this environment.

We may still have a burning faith in our politicians’ fundamental ideologies and their ability to get things done the way we want, but it’s becoming increasingly difficult to believe the specifics of what they’re saying.

It’s become like one of Sir Humphrey Appleby’s irregular verbs (Look away now if you’re not a ‘Yes Minister’ fan):

I speak as I find

You take my remarks out of context

He lies through his teeth.

This climate makes me nervous about tech and digital because our industry relies so heavily on trust.

Features like Cloud, APIs, standards, open source and GitHub are designed specifically to let us build, modify and dismantle digital capability like Lego®, enabling businesses to deliver applications at pace by drawing on a pool of pre-built artefacts and the capabilities of an army of software engineers outside their direct control.

This is brilliant, as long as we can keep trusting the Lego®.

For me, the worry is that the twin movements of ‘traditional’ cybercrime and our corrosive political environment create a pincer movement which undermines that trust and takes us back towards the bad old days of silo’d in-house development.

I was telecoms manager for a global business during the years when trends such as offshoring and Cloud really started to take off.

I had a hard time convincing my peers that to get full benefit from these developments we needed to break away from the old fortress mentality and start trusting the Internet, albeit with the help of some pretty hefty firewall rules and VPNs.

Other network managers might recognise the frustration of trying to win the argument that we really couldn’t afford to build a private physical network for all our offshore and Cloud providers.

At the same time, our C-level was waking up to the potential of trends like hackathons to get cool digital business stuff quickly and cheaply.

As a result of these two trends, while we didn’t quite end up with complete free movement of software, some of the walls did start coming down and Cloud apps, offshore software development and third party software hot housing became part of business as usual.

It was a transformation echoed in many enterprises from the mid Noughties onwards.

So, what’s changed in our emerging, post-truth, trust averse world?

A major global provider of telecoms infrastructure has become a pariah in many countries because of security concerns, although, like the Mexican physical version, the Huawei one has some gaps.

Cyber criminals have found that they can trawl all that lovely shared code and insert malware to create lucrative supply chain attacks without it being immediately noticed amongst all that multi-sourced, open architecture complexity.

Enterprises, faced with the strictures of GDPR and growing customer nervousness about their data, are still grappling with the risks these present for cloud migrations and the like.

I guess we could reach a point where CIOs and CTOs come under pressure to join the protectionist, trust averse zeitgeist and start banging on about building new (fire)walls between the business and all those baddies outside, or about getting ‘Xxit’ done, where ‘X’ is Cloud (Clexit?) or open source (OSexit? although maybe that sounds too much like an Irish vow of celibacy).

Luckily I think all this is a distant threat, because the benefits of our IT free market are much more clear cut and well established than those of that other union which is currently causing us Brits such angst.

Nevertheless, like Scrooge I’ve seen the shadow of a ghost of Christmas future, and I don’t think we can be complacent.

Of course, cyber security experts will be rubbing their hands and looking for the next lucrative contract, and I wish them well in that, because effective, intelligent, inline cyber security is one way to keep our borders open without letting in the terrorists and the mafioso, government sponsored or otherwise.

I just hope fervently that the erosion of trust between governments, in international alliances and unions and between politicians and people doesn’t get into our digital world to the extent that the productive and loving digital relationships, our Paypals and eBays, never end up in awkward Christmas get-togethers.

And while I’m here, whatever you celebrate around this season, may I wish you a contented, healthy and peaceful time of it.
