Dependency and complexity

Cybersecurity Map

Recommendations

  1. Embrace digitalization, but invest in understanding the key risks and make conscious decisions about critical investments.
  2. The government, organizations, and individuals must consciously evaluate critical dependencies in their cyber infrastructure and actively balance optimization (efficiency, short-term gains) against resiliency (keeping redundancy, long-term survival) and their respective costs.
  3. Assume failure and plan accordingly. Critical functions for society and business must withstand outages to a given degree. Redundancies must be planned for, communicated, financed, implemented, and tested.
  4. «Plan for the difficult whilst it is easy. Act on the large while it's minute. The most difficult things in the world begin with things that are easy.» - Laozi (Lao Tzu), 600 BC

State of the art

Our society and economy have become critically reliant on a variety of digital infrastructures. We depend on the steady availability of connectivity and the correct functioning of countless technologies and services that we no longer directly control. Distant events can have instant, long-lasting, and serious local effects. Cascading network effects today present a much larger risk to the whole economy than at any time before in history.

The financial crisis of 2007 was a teachable moment about the obscure and under-appreciated risks of highly interconnected and interdependent systems. We have only increased our dependencies since then.

Ongoing digitalization and the trend towards connecting everything increase efficiency, but also the consequences of a chance occurrence, malfunction, misconfiguration, malicious attack, political power play, or sanctions. Switzerland currently runs the risk of creating critical dependencies and issues through the premature use and, in some cases, uncontrolled procurement and deployment of digital products and services. Such issues will only become manifest in the long term (or in a crisis) and can then only be corrected at huge expense and effort.

Challenges

Ignorance concerning the level of security and the increasing dependencies within and amongst the infrastructures leads to critical threats as digitalization progresses. Tight coupling, complexity, and increasing dependencies on a few dominant players, services, technologies, and infrastructures result in a huge accumulation of critical risks in the digital society. Things are objectively getting more complicated, coupled, and interdependent at a superlinear rate.

  • Connectivity & Network: Services and devices require continued communication and network availability. Most of the infrastructure is out of our direct control; outages cripple critical functionality.
  • Hardware & Software: A few dominant software and hardware products from even fewer manufacturers are absolutely critical for functioning across industries. Vulnerabilities, correct functioning, and lock-in effects result in availability, business, privacy, and resiliency challenges.
  • Protocols: Dependency on a small set of Internet protocols and their provisioning infrastructure increases the risk of cascading effects across industries.
  • Cloud, Cloud Provider & Service Models: An increasing number of online or cloud-driven services, paired with continued pressure to migrate to subscription models, increases dependencies on network and service provider availability. Fewer than ten cloud providers from just two countries provide the majority of the world's Internet business. Small outages result in increasing damage; there is a huge and increasing accumulation of systemic risk.
  • Cryptography: A few dominant cryptographic methods and their implementations back almost all security guarantees in the digital world. There is huge systemic exposure to as yet unknown vulnerabilities in the math or the implementation, or to sudden advances in quantum computing.
  • Legacy: Products and services can no longer run in isolation without continued connectivity or support from the manufacturer throughout the whole service life. There is a critical risk from the premature failure of a vendor or provider (bankruptcy, forced obsolescence, sanction).
  • Political: High concentration of dominant manufacturers and infrastructures in just a few countries. Control of the digital infrastructure has become a proxy for political power, since countries can easily reach across borders to disrupt real-world systems. The diffusion of the Internet into the physical world radically escalates governance concerns around privacy, discrimination, human safety, democracy, and national security.

Need for action

Switzerland requires a solid identity that covers companies, citizens, and foreign nationals with work permits, and offers a level of trust comparable to the Swiss passport. The legislation required must be established and the infrastructure set up. Everything is connected and gets more complex. We can no longer operate in isolation, and effective and sustainable measures for the protection and availability of products and infrastructures go beyond the securing of individual systems. After the financial crisis of 2008, economists developed the notion «too big to fail» when describing financial firms whose failure would have such catastrophic implications for the economy that it would be irresponsible to allow them to become insolvent.

We have to identify and assess the «too critical to fail» infrastructures of digitalization and develop strategies to minimize dependencies, protect these infrastructures, and increase the resiliency of the digital society and industry. We should consider doing this before a crisis hits.

Understanding and Taming Complexity

Complexity in systems and infrastructures leads to increased vulnerabilities, failures, errors, human confusion, and difficulty recovering from an issue. We need to favor simple and consistent architectures, designs, and implementations to avoid unnecessary complexity and dependencies. Prediction, complete testing, and modeling of all states are not possible in such systems; we must therefore assume and account for failures and compromise, and design systems to fail safe and secure. The only thing that ever yielded real security gains was controlling complexity.
