Bruce Schneier presented a talk about security and privacy in the world-sized web at Harvard University’s Berkman Center on February 16, 2016. This hour-long presentation included questions and answers (Q&A) as well. Schneier made general comments on the technological advancements that are permeating every walk of life through the use of mobile computing, cloud computing, and the Internet of Things (IoT). He remarked that local connectivity is preferred over global connectivity, which increases the risk potential. He commented that we are good at predicting technical things, but not social things. He mentioned that cyber-physical systems (CPSs), persistent computing, and autonomy are beneficial aspects of technology.

In this talk, he touched on the threats from users, criminals, corporations, and governments. He discussed what we have learned from past experiences to secure these systems and how technologies, laws, regulations, financial incentives, and social acceptance can help us with security and privacy aspects in the future. He emphasized that new risks from non-human actors are huge. It is important for people to realize that data manipulation, destruction, and denial are taking place. In this regard, he pointed out that people do not want hackers to take control of a car, but would like the police to have the capability to safely take control of a car when needed. It was noted that data separately is incredibly private, but in a collective form it is very useful. In this regard, he mentioned the advantages of having more health-related data. He concluded the talk by pointing out that attackers have an edge over defenders, and there is a security gap due to the rapid growth of technology. His comments on the privacy aspects were more to the point of how systems could be configured so that people’s privacy could be protected. He did not shift the responsibility to protect the privacy aspects to the users. Overall, his comments were well thought-out and showed the difficulty in protecting information stored electronically.