November 15, 2013

Companies are increasingly vulnerable to the rising phenomenon of state-sponsored economic espionage, said Craig Mundie, a global expert on technology and public policies, during a recent fireside chat with Dean Merit Janow.

Speaking on “The Future of Technology” November 8 at Faculty House, Mundie said that a number of governments are using their national resources to steal commercially valuable assets from another country´s businesses — with the express purpose of giving them to businesses in their own country.

Watch Craig Mundie's remarks in full.

Unfortunately, many firms maintain what Mundie called a “medieval mentality.” Conventional defense techniques to improve the perimeter of security of businesses networks are only effective against non-state spies, he said, but today “it is almost guaranteed the case that the Trojan horses are already inside the castle.”

“The network is international in its basic architecture and so you cannot rely on the national law enforcement mechanisms,” Mundie said.

Additional steps need to be taken such as the compartimentalization of key assets and questions about continuity of some operations need to be raised, he added.

Mundie is widely considered a visionary expert on the fields of technology regulations. He has played a crucial role at Microsoft as its key strategist working with former chairman Bill Gates to develop the company's global strategies around technical, business, and policy issues.

He also serves in President Barack Obama’s Council of Advisors on Science and Technology, and is a liaison between the U.S. administration and foreign governments including China, Russia, and India.

At the Columbia event, Mundie also warned about the threat of cyberterrorism:. “People don´t really appreciate the speed and scale at which devastation of the world can be brought using cyber methods.”

“It is unlike anything we have ever really known before,” he said. “Even nuclear and biological threats don´t propagate at the same rates and scale of impact.”

Suggesting that policymakers are not as familiar with cyberterrorism as they are with other traditional threats, Mundie also called for more cooperation between countries. “I think governments have to come to grips with the fact that they need some ‘co-opetition,’ which means they can compete in certain areas like military espionage but they should better help each other against cyberterrorists.”

Mundie also touched on personal privacy in the context of the fight against terrorism, an issue brought to the fore by recent disclosures about the United States’ massive surveillance program.

“The best and probably the only effective way to track terrorist activities and other things is by looking at anomalies in the data patterns that define everybody´s use,” he said.

“We have to change the model away from the one that worried about knowing when data were collected and controlling how long it might be retained, which was sort of a bland instrument,” he said. He called for a regulatory frame that requires all data to be annotated at its point of origin and storaged indefinitely.

Like the “no-shots, no-school” laws, in the future digital world, society will automatically require an override to mandate certain uses of data that an individual may not like, he said.

Mundie said that health care is an area where citizens will have their personal freedoms curtailed for the benefit of society as a whole. “The future health care is going to be driven by data and letting a subset of the population say ‘you cannot see my data’ is basically taking the population statistics and distorting them.”

— Fernando Peinado MIA ’14

Watch Craig Mundie's remarks in full.