TREND: Geopolitics and national security increasingly influenced by technology developments (and security concerns)

Overview: Different threat actors increasingly aiming to exploit security vulnerabilities in software/hardware – particularly as increased internet-enabled connectivity and interdependency enhances the ability to carry out more advanced and pervasive attacks.  Example threat actor types include:

1. Foreign intelligence
2. Industrial spies
3. Terrorist groups
4. General criminal groups
5. Disgruntled insiders
6. Hacktivists and more general hacking communities.

Motivations can have political, military or personal emphasis, and the increasing threat landscape leveraged by such actors is increasing demand for PACS solutions.

Impact: is driving an increasingly diverse threat landscape that is creating new and unprecedented challenges for PACs stakeholders to handle, which is in turn driving new PACs technology and service innovations.

TREND:  Conflicts of interest and security “equities issue” within national/pan-national intelligence agencies.

Overview: Key agencies (e.g. the NSA in the US) have dual remits in terms of (1) providing/supporting national security and (2) conducting surveillance – this is referred to as the “equities issue”.

Security vulnerabilities exist in widely used systems (e.g. operating systems, databases, internet email, skype and other telecoms infrastructure). Fixing vulnerabilities creates more secure infrastructures and societies, but limits surveillance capability to eavesdrop on the bad guys (i.e. potential threat actors above) [SCH09]. Hence negative incentives may exist for certain stakeholders to leave such security vulnerabilities open or unattended, or worse still to introduce further vulnerabilities into PACs technologies to support wider surveillance initiatives.

Impact: Trend limits overall societal security and effectiveness/integrity of PACS solutions. May increase the need for better checks and controls throughout the security development lifecycle, and better mechanisms that support software integrity and assurance.