In the case study “Ransomware Doesn’t Scare Me; Listeria Does,” what I found especially interesting was the idea of overnetworking, and the security ramifications of doing so. For instance, their solution was to de-network, reducing possible security holes and breaches for other people to get through. This also reminds me of the fact that Coca-cola’s recipe is still unknown, after all these years, simply because it’s kept locked in a safe, and never moved online. Other systems with similar risks of being over-networked include healthcare, with the advent of online prescriptions and the transfer of sensitive information online and to manage machines, and also public utilities, which are at the risk of being hacked and leaving thousands to their own devices. Some elements that should never be allowed to be on the internet include sensitive information rarely ever used, such as the cheese recipe, or otherwise confidentially guarded, such as details about a patient’s confidential information. Otherwise, a leak of this information could be potentially catastrophic.
The second case of “Who Invited Her?,” is an important demonstration of the need to speak up when it matters. Sara could have easily stayed silent, which would have not drawn the ire of those around her, but it would have also kept the security vulnerabilities in the system open, without anyone realizing them. Additionally, if these ideas weren’t given any weight, such as if the CEO dismissed her thoughts, it would have led to the loss of millions as the company continued to futilely battle security issues. Despite being an unattractive option, Sara’s thoughts were still important, and the benefits of at least seriously considering her ideas were enormous. It was important that she challenge the technical assumptions that their security systems were always going to be 100% better than the analog versions of them, and that having things online posed little to no security risk at all. Her words also challenged the implicit gender and hierarchical assumptions that the CEO’s thoughts were always correct, as he was the one that championed the move to a more digitally linked infrastructure.
Overall, these cases draw light to some security issues that may come up with our project. DO we really need a digital alternative to what we’ve had for years? And if so, what would be the ramifications of using these systems security wise, as we increasingly shift to a digital word more interconnected, and more exposed to threats than ever.
