How often have we been told that life is about managing risks? Some risks can be avoided or at least managed effectively as much is known about them. But the worst risks are those that are undefinable: we know that they exist but are unable to define them, unable to know when they will strike, or we are completely unaware of their effects.

We take so many things for granted in our modern way of living. Information and communications technology has made our lives so much easier. There is computer software embedded in our cars, in the aeroplanes we fly on, in the MRI scanners that are used to diagnose most potential diseases and in the computers we use to communicate.

From time to time we hear about cybercrime, usually committed by whizz kids who understand the way computers work and try to hack in any software controlled device either for criminal purposes or for pure and simple vandalism.

In the last several months we also hear how countries are probably spying on each other to influence the outcome of elections. So the democratic process that has withstood the test of time in the Western world is also under threat as a result of hackers with perverse intentions.

In one of its recent leaders, The Economist argued that ‘computer security is a contradiction in terms’. The various breaches of security that have enabled crooks to syphon millions from bank customer accounts, the stealing of personal data from important service providers, and tapping into the private e-mails and phone calls of both private and public persons show how vulnerable we all are to cyberattacks.

Up to some time ago banks were the biggest victims of cyber criminals whose main aim was to extract money from ATMs or clients’ accounts. But the spread of WannaCry ransomware was a wake-up call to all those who believe that hacking is a science fiction phenomenon that is unlikely to ever affect the lives of most ordinary people. The worrying reality is that every one of us is exposed to undefinable risks as a result of the ubiquitous use of software in most of the appliances we use on a daily basis.

We often realise the seriousness of certain risks when it is too late. Decades ago asbestos was used in water cisterns, boilers, drain pipes, for insulation against fire, and in factories. Before this noxious product was marketed and used in various building products no one seems to have assessed the risks of using it in homes. We now know of the disastrous effects that exposure to asbestos has had on so many people. Regulation of its use came too late for many.

We need to learn lessons from this and similar incidents that show our inability to launch products on the market without first understanding the inherent risks of doing so. There may be very good commercial reasons for being the first on the market with devices that work with software. But governments and manufactures are in duty bound to protect consumers from the negative effect of a failure of the software to function in a secure way. Here we are not talking merely of personal data protection, but also about the physical safety of those who use such equipment.

I am not one who supports intrusive legislation on companies that are creative and come out with new products that make our lives easier. But there is certainly a very solid argument to convince governments to enact legislation that puts the onus of protecting people when they use innovative products that are driven by computer software.

Most people lack the technical ability to understand the risks they take when they use devices driven by computer software. So they often fail to update their operating systems or ask for information when they suspect that their equipment may not be functioning in the way it should.

Moreover, most companies still do not feel an obligation to inform their clients when their systems have been hacked thereby affecting the safe use of their products and services.

A robust response by governments and companies alike is necessary to ensure that millions of consumers are not exposed to unnecessary risks when using medical, communications, and other software drive equipment.

The WannaCry malware that almost brought to a standstill the National Health Service in the UK was an important wake-up call for all those whose responsibility is to protect people from cybercrime.

 

johncassarwhite@yahoo.com

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.