ISSE 2016: the boundaries of critical infrastructure

News by Max Metzger

Jan Rochat, CTO of AET technologies, reminded an ISSE 2016 audience that the security boundaries of critical infrastructure are not quite as concrete at they seem

Last week, Jan Rochat, CTO of AET Europe gave a presentation to the banking community:he told them that what they do would eventually be made obsolete by the likes of Facebook and Google. Perhaps predictably, they called him crazy. The next day Rochat concluded, Donald Trump was elected president of the United States and ‘leader of the free world'.

The point being that the seemingly impossible, can and does happen. That is also the case with the looming threats against critical infrastructure: the roads, hospitals, electrical grids and trainlines which underpin the basic operation of modern life.

Even that is not so easily definable anymore. Data that is used to build our critical infrastructure flows from multiple sources and then out to another array of devices. The data which a wearable heart monitor puts out might go into a hospital whose data might in turn feed into a smart city infrastructure: “all those consumer devices are becoming part of critical infrastructure” ergo, what you do online has an effect in the real world. It also means that the boundary for something like a medical centre, does not end at its doors.

So how to solve this? Well, said Rochat, regulation will be important in marshalling this. But, “The influence of regulation on technology is critically dependent on the technology of regulations”.

We need only look to Martec's law for insight here; it states that  “technology changes exponentially, organisation changes logarithmically”. Simply, the growth of technology not only in size but complexity too, will always outpace the growth of regulation and government's ability to comprehend and tackle the problems.

intech, technology to help the financial sector comply with new regulation, has been much vaunted by the sector. Rochat says Regtech too, is required to allow regulation to keep pace with the interminable growth of technologies influence in our daily life.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews