Thoughts on Geopolitics and Information Security
Geopolitics is a rather small word for very complex interactions, strategies, tactics, and the planning (of lack thereof) of events. Reading about topics connected to it is probably familiar to you. Few news articles can do without touching geopolitic aspects. Since politics has less technological content for most people, the connection to information security may not be obvious. Malicious software such as Stuxnet/WannaCry has changed this. Due to the events connected to their outbreak (or attack) the motivations of national agendas on the international stage have created awareness. There is a lot more to explore which is not on the radar of most experts, even in the field of information security.
The current trade wars have a major impact on technology and ultimately information security. When it comes to vendors there is a bias in buyers of security tools. The same is true for infrastructure such as mobile phone network components. It’s not just about Huawei, there are a lot of decisions going on when it comes to the question where the hardware and software your economy is build on should come from. The Edward Snowden publications in 2013 briefly raised public questions. The momentum of the disclosed content has subsided. The gadgets and networked appliances of Silicon Valley and like-minded start-ups have made data collection mainstream. CIOs have a hard time closing the daily data leaks caused by „telemetry“ data and constant monitoring.
Then there are the Crypto Wars. Gaining access to information is a process that has been around for thousands of years. Information gathering is not the exclusive domain of the military. Government, businesses, and individuals want the same. The problem is that the calls for weakening cryptography have never security in mind. The agendas are quite different from securing communication and systems. This is a well-known fact among information security experts.
So why bother? Well, geopolitics has become an important aspect of everyone defending networks, systems, and data. Your adversaries might be connected to issues well beyond the security event might suggest. WannaCry is a prime example. This is why we would like to discuss the interactions between geopolitics and information security at DeepINTEL 2019. If you have some ideas, observations, insights, and information regarding this aspect, please let us know. Send your abstract and your ideas by email to use – and present them at DeepINTEL!