Are We Witnessing the Death of the Password? contemplates the shifting popularity of arguably the most widely recognized digital security tool. We talked to experts with government and private-sector backgrounds to get a sense of whether passwords’ days are numbered. Created in the early 1960s by MIT computer science professor Fernando Corbató, he might’ve imagined they would have already faded into obsolescence, replaced by more sophisticated tools, more than 60 years later.
After all, list after list of common passwords, demonstrate a startling lack of creativity — so many sets of sequential numbers, the word “password,” etc. That lack of creativity hints at the fact that users just want to access whatever system they’re trying to get into as quickly as possible. Security staff, however, are the ones encouraging password complexity to guard against intrusion and data loss.
Given the inevitable friction between ease of use and security, where does that leave passwords? Our experts have some interesting perspectives on where they fit into the evolving cybersecurity landscape. It brings to mind the old quote from Mark Twain: “Reports of [its] death have been greatly exaggerated.”
Americans throughout history have rallied to contribute their time and talents at home and abroad toward making progress on vexing societal issues. Organizations like the Peace Corps, AmeriCorps, Code for America and countless others provide a link to the modern citizen cyber brigade. Why not enlist everyday residents to supplement professional cybersecurity staff working inside government in times of crisis?
Our story on citizen cyber brigades looks at these volunteer groups across the country now that some of these early organizations have had a few years to mature. Are these well-intentioned groups delivering on their promise? What challenges have emerged as states have implemented them? More foundationally, are they a good idea?
Our final feature in this issue, What Cyber Response Can Learn from Traditional Disasters, felt especially timely as both the Maui wildfire and Tropical Storm Idalia struck as we were working on this issue. The catastrophic impact of these events on life and property can’t be compared to a less-visibly heart-wrenching cyber emergency. But nonetheless, some recent cyber incidents have garnered “emergency” declarations from government entities due to their far-reaching effects.
But even the hacks and intrusions that don’t grab attention from elected officials bring a timely, coordinated response among professional staff in a variety of disciplines. This fact had us asking whether cyber responders could glean any insight from the more mature field of emergency management. What we found, in fact, is that some entities are starting to foster collaboration between emergency and cyber responders, due in part to some similarity in their work. And again, while the considerations are quite distinct in some areas, an all-hazards plan that includes cyber incidents is well suited to future-focused organizations.
This story appears in the October/November issue of Government Technology magazine. Click here to view the full digital edition online.
