The Field Report with Tom Field

Cybersecurity , Events , InfoSecurity Europe 2017

London Bridge Attack Sparks Call for 'Cyberspace Regulation' Expect Terror Incident to Drive Infosecurity Europe Debates
London Bridge Attack Sparks Call for 'Cyberspace Regulation'
London Bridge, foreground, and Tower Bridge, in background. (Photo: Mirko Toller, Flickr/CC)

Four years ago, I visited London for Infosecurity Europe 2013 and I was a little embarrassed. I'd just flown in from Boston, where terrorists had days earlier executed the Boston Marathon bombing, and I wanted to escape any possible association with that despicable attack. I didn't want anyone to know I was from "there," or from "that."

See Also: How to Scale Your Vendor Risk Management Program

This past weekend, I flew into London for Infosecurity Europe 2017, and I don't mind saying I was a little bit scared. Moments before takeoff in Boston, we (passengers and crew alike) had just learned of the London Bridge terror attacks, and we flew all night with no further news - only our private fears to occupy our thoughts. This was the third such recent attack in the United Kingdom - following the Westminster Bridge and Manchester assaults - and for the first time ever, I was a tiny bit apprehensive about visiting London.

In the wake of the latest atrocity, however, we find ourselves forced to respond to British Prime Minister Theresa May, who has called for a new level of online regulation designed to quell extremism and terrorism activities. 

I caught up on the news after landing, then spent Sunday wandering the city, gathering my bearings and thoughts. What struck me? The contrasts. On one hand, it was a beautiful, sunny, warm morning in the wake of a dark, cold and ugly night. And while in places such as Hyde Park and Soho, there was a sense of business as usual, as citizens and tourists proudly refused to be bullied into hiding, the specter of London Bridge was everywhere. It was on the TV news in the pubs, in the headlines of the newspapers, and you couldn't help but be startled by the sound of every police siren, every time making you ask: "What now?"

I did go to London Bridge. I didn't intend to, but I ended up walking from Embankment to Tower Hill, and my stroll took me right past the crime scene. It was cordoned off by police tape, of course, and investigators remained on the scene. Across the street were journalists capturing the news alongside friends and family members of the victims, commemorating the heartbreaking losses with flowers and notes.

By day's end, I must have walked 10 miles, and I ended up catching a taxi back to my hotel. Traffic was horrendous - in part because it's London, but also because roads around London Bridge were closed. It took longer than usual to get across the city, and when we finally arrived, my driver announced he was quitting for the day. "There's just a different vibe in the city today," he said.

Different vibe, indeed. As I sit here today, on the eve of Europe's biggest annual cybersecurity conference, I'm preparing for scores of interviews with some of the world's top security experts. And I know already that London Bridge will change the tenor of at least some of those discussions.

How relevant is information security to a terror spree involving knife-wielding attackers wearing fake suicide vests in central London? As an industry, we battle - sometimes successfully - numerous types of criminal threats of a less physical nature: ransomware, internet of things botnets, distributed denial-of-service attacks, targeted phishing campaigns. Businesses, governments and consumers are overwhelmed by these and other threats to their data, to say nothing of accompanying critical infrastructure concerns. Some of the greatest minds in the world are focused on untoothing these threats and defending against them, and they face determined and often profit-driven adversaries.

Attempts to outlaw such behavior have, to put it gently, not contained the problem.

Political Response: 'Regulate Cyberspace'

In the wake of the latest atrocity, however, we find ourselves forced to respond to British Prime Minister Theresa May, who has called for a new level of online regulation designed to quell extremism and terrorism activities.

"We cannot allow this ideology the safe space it needs to breed - yet that is precisely what the internet, and the big companies that provide internet-based services provide," May said in her first public address following the London Bridge attacks. "We need to work with allied democratic governments to reach international agreements to regulate cyberspace to prevent the spread of extremism and terrorism planning."

You thought the James Comey and Tim Cook debate over security and privacy was emotional in the wake of the iPhone seized by the FBI after the San Bernardino terrorist attack? That may be barely a warm-up for the discussions we're going to hear now.

I'm not here to come down on one side or the other. I'm not even sure there are only two sides to this debate. The nuances are daunting. There is no doubt that criminals and terror-attack planners are using the internet and internet-connected platforms and devices to plot and execute crimes, and no one wants to inhibit the police from intercepting their communications. But who among us wants to roll back the freedom of speech and privacy we value in our lives? How do you at once have an internet that is an open forum for law-abiding citizens and a trap door for terrorists? Is such a duality even possible?

These aren't new questions by any means, but there is a new urgency to discuss them this week in London. And as Infosecurity Europe begins Tuesday, expect us all to be focusing on the question of whether we can untangle better answers.



About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its diverse cadre of senior-level editors and reporters. He also helped to develop and lead ISMG's award-winning Summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network