Building Human-Centric Cyber Security into Next-Generation Connected Systems

Digital technologies have become central to modern life, as most machines, systems, and everyday devices now incorporate at least some digital functionality and connectivity. This ongoing digital transformation of society has fundamentally changed how we interact with one another, do business, make financial transactions, access healthcare, and more.

This is true in the developed parts of the world, as well as in developing areas. According to a United Nations estimate, in just two decades enhanced digital connectivity has become available to about 50% of the developing world’s population, opening up many new possibilities for financial inclusion, improved access to trade and public services, and other opportunities for people to live better, healthier lives.

While digital technologies offer great benefits to humanity, today’s architectures are challenged with ballooning numbers and types of cyber security threats, which are putting organizations and individuals at risk and eroding trust in these systems. For example, more than 90% of all healthcare organizations reported at least one security breach in the last three years, and 61% said they do not have effective mechanisms to maintain proper cyber security.

Growing cyber security threats to today’s computing and communications systems are a result of the following factors:

• Data creation and transmission are exploding in both the enterprise and consumer spaces, yet data flow and data management aren’t consistently implemented.
• Organizations have many disparate applications and services from many vendors, but the dependencies of these applications on each other are not always well understood by the organizations, nor are the contents of an application or a service.
• New technologies, applications, and devices are being introduced every day to collect and process data, but it is unknown which data is being collected, how it is being collected, and where it is being stored and processed.
• Next-generation communications systems may lead to more risks from less secure data transmission.
• Centralized data collection creates honeypots of information that can be breached by bad actors.

Thus, there is an urgent need to understand, anticipate, and address future cyber security requirements while continuing to manage the requirements of current systems, in order to protect not just the data itself but the digital infrastructure as well.

To bring together diverse stakeholders for new technical thinking and explorations leading to more trusted, secure, and human-centric cyber security technology, IEEE Standards Association (IEEE SA) has formed the Cyber Security for Next-Generation Connectivity Systems Industry Connections Activity. It is especially timely because the potential points of vulnerability have dramatically increased in recent years as more people work remotely.

IEEE SA’s Industry Connections (IC) Program helps organizations and individuals incubate new ideas and solutions around rapidly changing technologies prior to standards development. The program offers an efficient and effective environment for collaboration by enabling participants to quickly achieve consensus and produce output such as proposals for standards; white papers; peer-reviewed specifications; guides and position papers; conferences and workshops; and other jointly developed solutions.

The Cyber Security for Next-Generation Connectivity Systems IC Activity is focused on the following three areas:

1. Human centricity; decentralization of identity; distribution in processing; heterogeneity in controls; and self-healing systems: Decentralized, distributed, and heterogeneous systems are the wave of the future. Effective cyber security implementations therefore must create a data boundary to enable safety for people. They also must incorporate more transparency so that verification processes can be developed that ultimately will lead to self-healing systems.
   • From a human centricity point of view, a person should be able to control their own personal data so they know what they are sharing and with whom they are sharing it. People should be able to delete their data from systems (with appropriate checks and balances). And they should own their identifiers or credentials, issued to them from various parties like passports. Because this information is private, schemes need to be evolved to share only bare minimum information with smart devices, sites, and services.
2. Cyber security needs for special use cases: These include the Internet of Things (IoT), desktops, edge devices, and Artificial Intelligence (AI) and its specific needs for cyber security. With regard to AI, explorations will encompass data collection, the composition of data sets, the AI/human interface, and the execution/runtime of AI programs.
3. New and developing areas: The effects of new and developing technologies such as quantum computing, Web 3.0, and 5G/6G wireless communications on current and future cyber security architectures will be explored.

The Cyber Security for Next-Generation Connectivity Systems IC Activity will contribute to IEEE SA’s effort to address the need for equitable, reliable, and sustainable connectivity to meet the ever-increasing data needs across the globe.

Through the Connectivity & Telecom Practice, IEEE SA brings together volunteer stakeholders to evaluate, validate, and develop solutions to help provide digital access to all, including the unconnected or under-serviced populations.

This IC activity is drawing great interest from Asia, Europe, and the United States. In order to tackle the many technical issues involved and the diversity of digital applications, we are looking for more participation to bring a wider range of perspectives to cyber security solutions.

Stakeholders from telecommunications and network service providers, semiconductor manufacturers, equipment designers and manufacturers, technology providers, academia, trade associations, regulators, and any interested individual are welcome to join.

Get Engaged With the Cyber Security for Next-Generation Connectivity Systems IC Activity
Learn More About IEEE SA’s Work in Connectivity and Telecom