Demonstrating Cyber Security: Making Invisible Breaches Visible

• In Event: The Invisible Aspects of Digital Infrastructure

Abstract

Citizen-consumers use digital infrastructure to conduct everyday, mundane and domestic tasks. These activities are on the increase with the introduction of the Internet of Things products and their associated data and infrastructure. However, the cyberbole (Woolgar 2002) surrounding Internet of Things devices and the promise of increased convenience for citizens-consumers has overshadowed the risks involving the cyber security of devices and their infrastructure.

I argue the risks of breaches around the internet of things and infrastructure more generally are not made visible enough to citizen-consumers to enrol them in cyber security maintenance practices - such as software updates and passwords - with price and ease of use over-emphasised. This in part leads to cyber attacks such as the Mirai DDoS attack and the WannaCry attack. These attacks disrupted infrastructure for websites, web services and platforms and - in the case of the WannaCry attack - caused disruption to the UK’s National Health Service.

This paper uses research based on qualitative analysis of YouTube videos and blogs from cyber security professionals, government departments and manufacturers to argue that the level of problem amplification (Latour 1999) around these issues tend not to translate into material practice for citizen-consumers, who are ultimately responsible for the maintenance work of their individual cyber security. How might the main actors in the Internet of Things and cyber security space better demonstrate the risks of lax cyber security? How might future demonstrations of cyber security breaches attribute agency to citizen-consumers to enrol them in maintaining their own pieces of infrastructure?

Author

• Jessamy Perriam, Open University