Published by The Lawfare Institute
in Cooperation With

PDF Version

It is generally not possible to know that you are at the knee of the curve, but we are at a moment in time that is the knee of not one, but two curves. The first is that of dependence—societal interdependence by way of digitalization. The wellspring of risk is dependence, but while under interdependence risk is transitive, its benefits are not. If alternatives to digitalization are lost, interdependence rockets skyward and with it risk for all, albeit with rich benefits for some.

The second is the most comprehensive of all rights, the right most valued by civilized men: the right to be left alone. If alternatives to digitalization are lost, those who opt out of that digitalization will live outside of society to a degree unprecedented in its isolation. Our tradition of tolerating that which freedom begets can generally be passive in its expression; once past the knee of this curve, passivity will no longer do.

The uniqueness of this moment is defined by the confluence of two obligations: the obligation to provide for the common defence and the obligation to secure the blessings of liberty to our posterity. As the U.S. Army Ranger Handbook says, "Two of the gravest general dangers to survival are the desire for comfort and a passive outlook." Should we wait until it is unarguably clear that we did pass the knee of the two coincident curves and on into their sequalae, it would give no decent man pleasure then to say "I told you so."

Dan Geer has a long history. Milestones: The X Window System and Kerberos (1988), the first information security consulting firm on Wall Street (1992), convenor of the first academic conference on mobile computing (1993), convenor of the first academic conference on electronic commerce (1995), the “Risk Management Is Where the Money Is” speech that changed the focus of security (1998), the presidency of USENIX Association (2000), the first call for the eclipse of authentication by accountability (2002), principal author of and spokesman for “Cyberinsecurity: The Cost of Monopoly” (2003), co-founder of SecurityMetrics.Org (2004), convener of MetriCon (2006-2019), author of “Economics & Strategies of Data Security” (2008), and author of “Cybersecurity & National Policy” (2010). Creator of the Index of Cyber Security (2011) and the Cyber Security Decision Market (2012). Lifetime Achievement Award, USENIX Association, (2011). Expert for NSA Science of Security award (2013-present). Cybersecurity Hall of Fame (2016) and ISSA Hall of Fame (2019). Six times entrepreneur. Five times before Congress, of which two were as lead witness.

Subscribe to Lawfare