Discussion Questions
: “The difficulty in predicting the future is that the outcomes are unreliable, due to the occurrence of wild-card events that distort the relatively well-understand trends for the near to mid-future.” Offer an example of such a “wild-card” event and some ways in which the security professional might address it in an effective manner. Regarding the need for the security industry as a whole to maintain the professionalism and competencies needed to address emerging threats and hazards, what do you feel are its primary areas of weakness and what proposals could you offer to address them?
The Future of the Security
When considering what awaits the security profession in the years to come and those that will operate within it, developments and forecasts related to security science will in large part be impacted by what has occurred in the past and in present day. What
might
occur, what is most
plausible
and
feasible
given current and expected occurrences, and what has proven to be effective (or not) will all need to be considered in determining those issues that will remain relevant or change. So predicting the future (not in the form of Nostradamus or similar prophets) as it relates to security is a technique that considers probable or desirable outcomes in the face of known or anticipated risks. So given this backdrop, where is security heading?
Physical Security
As long as there are structures that people operate within and house various assets, there will continue to be a need to offer needed protection related to them. All of the topics discussed in this course related to walls, fencing, sensors, alarm systems, guards, locks, and other such issues will be needed in some form or fashion. Whether through manual or technological means, these will remain a constant for the security administrator in providing appropriate defensive measures for the material, tangible assets they oversee. Concerning technology, the same trend will continue in serving as a needed aid in providing security moving forward. Mobile devices of various types, functions, capabilities, and their ability to access data, the ever-increasing use of robotics and the functions they can carry out, sensors that will be able to gain more intelligence regarding detection, and high frequency security cameras that will have the capability to verify the chemical compound of an object at a distance are just some of the many technical innovations on the horizon. Yet, just as technology has taken on a greater role in providing these efforts, so too does technology represent ever-increasing concerns to the security manager.
Cyber Security
As society becomes connected on an ever-increasing basis, attention must be directed towards what implications this environment has related to not only security, but related privacy concerns as well. In
Future Scenarios and Challenges for Security and Privacy
(2016, Williams, Axon, Nurse, & Creese), the researchers took a ver.
Capitol Tech U Doctoral Presentation - April 2024.pptx
Discussion Questions The difficulty in predicting the future is .docx
1. Discussion Questions
: “The difficulty in predicting the future is that the outcomes
are unreliable, due to the occurrence of wild-card events that
distort the relatively well-understand trends for the near to mid-
future.” Offer an example of such a “wild-card” event and some
ways in which the security professional might address it in an
effective manner. Regarding the need for the security industry
as a whole to maintain the professionalism and competencies
needed to address emerging threats and hazards, what do you
feel are its primary areas of weakness and what proposals could
you offer to address them?
The Future of the Security
When considering what awaits the security profession in the
years to come and those that will operate within it,
developments and forecasts related to security science will in
large part be impacted by what has occurred in the past and in
present day. What
might
occur, what is most
plausible
and
feasible
given current and expected occurrences, and what has proven to
be effective (or not) will all need to be considered in
determining those issues that will remain relevant or change.
So predicting the future (not in the form of Nostradamus or
similar prophets) as it relates to security is a technique that
considers probable or desirable outcomes in the face of known
or anticipated risks. So given this backdrop, where is security
heading?
Physical Security
As long as there are structures that people operate within and
house various assets, there will continue to be a need to offer
needed protection related to them. All of the topics discussed in
this course related to walls, fencing, sensors, alarm systems,
2. guards, locks, and other such issues will be needed in some
form or fashion. Whether through manual or technological
means, these will remain a constant for the security
administrator in providing appropriate defensive measures for
the material, tangible assets they oversee. Concerning
technology, the same trend will continue in serving as a needed
aid in providing security moving forward. Mobile devices of
various types, functions, capabilities, and their ability to access
data, the ever-increasing use of robotics and the functions they
can carry out, sensors that will be able to gain more intelligence
regarding detection, and high frequency security cameras that
will have the capability to verify the chemical compound of an
object at a distance are just some of the many technical
innovations on the horizon. Yet, just as technology has taken on
a greater role in providing these efforts, so too does technology
represent ever-increasing concerns to the security manager.
Cyber Security
As society becomes connected on an ever-increasing basis,
attention must be directed towards what implications this
environment has related to not only security, but related privacy
concerns as well. In
Future Scenarios and Challenges for Security and Privacy
(2016, Williams, Axon, Nurse, & Creese), the researchers took
a very methodical approach in considering some 30 predictions
obtained from a variety of organizations and disciplines;
consolidating them into ten defined scenarios. These scenarios
took into consideration a range of not only technological
possibilities that might occur over the next decade, but those
that represented commercial and political ramifications as well.
A brief overview will be provided regarding these various
situations:
Growth of the Internet-of-Things
. The Internet-of-Things will permeate all aspects of daily life
moving forward, making the lines between the physical and
virtual worlds less defined. Unfortunately, this only lends itself
to increased online risks and related threats and attacks.
3. Proliferation of offensive tools
. Although all public or private sector entities will not find
themselves targeted by nation-states or other forms of
government, the capabilities represented by a variety of simple
attack tools can place individuals and organizations alike under
the pervasive risk of identity theft.
Privacy becomes reinterpreted
. As it is with many issues, the overall concept of privacy can
be viewed and defined differently. Nowhere is this more evident
than in those labeled as “digital natives,” individuals who have
been raised in an age of unfettered Internet access and increased
use (and dependence) of social networking. Although the
development and use of these platforms has become
commonplace and offer a host of benefits, they can be seen as
invasive and present a number of risks and concerns regarding
confidentiality.
Repressive enforcement of online order
. Issues related to free speech have and will continue to have an
impact on security; where liberal versus what might be seen as
repressive approaches regarding online activity are taken.
Issues regarding surveillance, censorship, and regulations not
only have the potential to impact attacks that are carried out in
the cyber operating environment, but could inadvertently affect
commerce and free enterprise as well.
Heterogeneity of state postures
. An environment made up of dissimilar or diverse elements can
certainly be a positive in many ways. However, when there is a
great disparity in how Personally Identifiable Information (PII)
is defined, cooperation over cyber norms could be negatively
impacted. This would generally be seen at the uppermost levels
where certain governments may decline to prosecute their cyber
criminals; where working relationships would no doubt be
impacted. However, even in corporate America, this could be
seen as well to varying degrees.
Traditional business models under pressure
. Each and every day, it seems that the landscape the overall
4. business community, associated operating frameworks, and
issues related to intellectual property are all impacted by not
only competitors, but those that would wish to do them harm
through nefarious means. Although financial capital, ingenuity,
and innovation will remain in high demand, “the evolution of
new business models would see individuals’ personal data
become the most valuable commodity (2016, p. 3). As such data
resides in global repositories on an ever increasing basis,
associated security concerns will also increase.
Big data enables greater control
. There is really nothing new with manipulating data in order to
produce a desired outcome (as can be in every election cycle
related to polls), but the amount of data that will continue to be
accessible moving forward will have a great impact on how an
individual’s behavior might be managed by both corporations
and government. Such analysis could be utilized to customize
everything from advertisements to campaigns, but straying away
from these types of activities must be viewed with suspicion
and appropriately guarded against.
Growth of public-private partnerships
. It should come as no surprise that as the amount of
information submitted, stored, and retrieved about individuals
increase, that it would be shared between various entities as
well. However, even though the sharing of data between those
within the public and private sectors can offer a number of
advantages, the risk of confidentiality being violated as the
spectrum of these partnerships increase as well.
Citizens demand greater control
. The demand for transparency has become commonplace in our
world today, especially as it relates to those who hold elected
office. Yet the same demands and expectations by members of
the public regarding personal data held online will require
appropriate approaches and policies.
Organizations value cyber-resilience
. As more activities are carried out within the virtual
environment, it becomes increasingly important for
5. organizations to be resilient in the face of attacks on it. These
can come as a result activities carried out by external
perpetrators, but insider threats but also be considered. Also,
those known as “Advanced Persistent Threats” can especially
wreak havoc and must be guarded against. This is where an
attack is carried out on an entire network by unauthorized
personnel and remains there undetected for a long period of
time.
After offering insight regarding each of these issues, the
researchers turned their attention to what challenges await
professionals in regards to both security and privacy in light of
current practices. It was noted that a number of gaps can be
found in existing guidelines; those that will prove insufficient
in addressing the level to which technology permeates daily
life. At its core, a fundamental understanding of online presence
and protection of it is needed at the individual level. Likewise,
organizations and the documents that have been developed to
offer needed guidance would appear to fall short in relation to
many of these issues noted. For instance, current
recommendations do offer protection against certain risks as
long as applicable devices are identified, inventoried, and
monitored. Yet as it relates to the Internet-of-Things, it is
expected that many of these devices will be personally owned;
incorporated as part of their clothing or implanted. Therefore,
accounting for each of them would simply not be feasible. So
much work needs to be done in the areas of research and
development, education and training, and the accompanying
policies and guidance needed to enact and govern appropriate
security measures.
References
Code of Ethics. (n.d.)
ASIS International
. Retrieved from https://admin.asisonline.org/About-
ASIS/Pages/Code-of-Ethics.aspx
Borodzicz, E. P., & Gibson, S. D. (2006). Corporate security
education: Towards meeting the challenge.
6. Security Journal
,
19
(3), 180-195.
Griffith, M., Brooks, D.J., & Corkill, L. (2010). Defining the
security professional: Definition through a body of knowledge.
Paper presented at the
Proceedings of the 3
rd
Australian Security and Intelligence Conference
, Perth, Western Australia. Retrieved from
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1004&context=
asi
Securing Our Future: Cybersecurity and the Millennial
Workforce. (2017).
Raytheon
. Retrieved from
https://www.raytheon.com/sites/default/files/2017-
12/2017_cyber_report_rev1.pdf
Smith, C., & Brooks, D. J. (2012).
Security science: The theory and practice of security.
Burlington: Butterworth-Heinemann
Williams, M., Axon, L. Nurse, J. & Creese, S. (2016). Future
scenarios and challenges for security and privacy.
Department of Computer Science, University of Oxford
. Retrieved from https://www.cs.ox.ac.uk/files/8337/2016-rtsi-
wanc.pdf
Zorz, M. (2015). Do ethics get in the way of security
professionals?
Help Net Security
. Retrieved from
https://www.helpnetsecurity.com/2015/05/13/do-ethics-get-in-
the-way-of-security-professionals/