Just before RSA Conference in April, I attended an event that has stayed with me for the past six weeks. This event featured prominent speakers and industry experts from business and government, and the confidential discussions got me thinking. My biggest takeaway from the event:
We are living in a state of continuous compromise.
When I say, “we,” I mean all of us living in the U.S. and in many other countries. And when I say “continuous compromise,” I’m speaking about more than just the constant security compromises and threats that organizations face.
I’m talking about a systemic erosion of trust—in media, in government, in science, and other institutions—that’s accelerated over the past five to 10 years, as technology has advanced, social media has spread, and disinformation campaigns have become a geopolitical weapon. I’m talking about living in a state where it’s getting harder and harder to distinguish truth from fiction, and where our nation’s adversaries are actively exploiting this erosion of trust for their economic and political advantage.
To live in a state of continuous compromise means to live in a world where we must constantly question what’s real and what’s fake, what’s legitimate and what’s malicious.
The social, economic and political implications of having to live in this ambiguous state are significant, and I want to start a civil discourse on this very pressing topic.
Over the next five weeks, in a series of weekly blog posts publishing Mondays, I will explore this concept of continuous compromise, along with a central question: How brittle is trust? I’ll also examine several promising yet potentially trust-breaking technologies that are advancing at breakneck speeds, including quantum computing and generative AI, and I’ll tackle engagement with China.
Trust doesn’t disappear overnight, and systemic loss of trust in institutions isn’t caused by a single explosive event. There’s a gradual shift toward distrust, like the way topsoil erodes over time from earth that isn’t protected by vegetation. In that sense, the effect of a deterioration in trust is more like radiation than an explosion, where daily exposure to ever more convincing bits of disinformation leads to a state of continuous compromise.
As cybersecurity professionals, we’re used to being skeptical and asking logical questions: Is the email real, or is it fake? Is this a legitimate user or a malicious actor? We tend to think in terms of threat vectors, attacks, and response actions, but the notion of continuous compromise and the question of trust will demand new thinking.
It’s time to start a serious conversation about these issues. I hope you’ll join me. Trust is likely to become more brittle in the coming years. But brittle isn’t broken, and if we act now, we can prevent this erosion of trust from breaking beyond repair.