Its Time for Cybersecurity to Talk About Climate Change

  /     /     /  
Publicated : 23/11/2024   Category : security


Its Time for Cybersecurity to Talk About Climate Change


From e-waste to conference swag to addressing data center energy consumption, cybersecurity stakeholders need a whole-industry approach to being part of the solution and reducing the risk of climate change.



BLACK HAT USA – Las Vegas – Wednesday, Aug. 9 – 
In a summer where extreme weather across the globe has intensified discussions around climate change and what to do about it, cybersecurity has been somewhat mum on the subject. But the reality is, there are plenty of steps that the infosecurity community can take in order to do its part.
Thats the word from Chloé Messdaghi, head of threat research at Protect AI. In an interactive community session today at Black Hat USA, entitled
Climate Change and Cybersecurity: Building a Resilient Future
, she laid out the relationship between climate change, cybersecurity, and promoting environmental sustainability, and lobbied for an ongoing industrywide discussion on the topic.
During the interactive Q&A, she covered five main areas where the industry can move the needle to cool the warming planet, including the carbon footprint of infosec, reducing energy consumption, sustainable procurement,
protecting critical infrastructure
from climate-related disasters, and supporting renewable energy systems.
I really hope we can come up with some collective plans, from the private sector perspective, for tackling some of this stuff, she tells Dark Reading in an interview. We need to acknowledge how we play a role in making things a little bit worse, in areas like the usage of data centers, and e-waste, and even our love for swag. And also, AI takes a lot of energy.
When it comes to where the cybersecurity industry can most immediately make a positive difference, Messdaghi cited electronics recycling and e-waste as relatively low-hanging fruit.
Say your company is getting new laptops or new machines, she explains. Its possible to donate those to a local school or library, for instance, instead of having them go into a landfill.
Marketing materials and giveaways for trade shows and other events is another area where the industry could see a quick green return on investment.
People dont realize that when you go to a conference, the majority of the freebies and giveaways are all made from plastic — even the T-shirts that you think are cotton, she says. Its plastics everywhere when it comes to swag. And of course, we still need to do sales and marketing, but there are ways to be better about it — whether thats sourcing goods locally instead of exporting them to international shows or offices, or paying attention to what things are made of.
While many vendors do have sustainability programs, its important to make sure theyre not just lip service, she adds.
There is this thing called greenwashing, when companies will have sustainability reports, but if someone were to ask questions and poke holes, they would find that the ESG [
environmental, social, and governance
] rating is not equal or equivalent to what theyre actually doing.
Messdaghi acknowledges that addressing some of the other areas of concern, such as reducing security companies data center footprints and energy consumption that goes along with powering the cloud and running
processing-intensive artificial intelligence programs
, will be tougher to get going on.
There arent frameworks in existence for making green changes, there arent regulations or standards when it comes to climate change and cybersecurity. So until we have something like that, I dont see us changing things where it becomes so easy for everyone implement.
One of the main positive changes that Messdaghi would like to see sooner rather than later is the development of a robust, vocal open dialogue between industry stakeholders on climate change.
We just dont talk about it, she says, beyond corporate announcements of sustainability pledges. But the reality is that climate change is also a risk management issue, as floods and excessive heat and other natural disasters take out facilities and
create operational chaos that threat actors can exploit
. There are more than a couple of ways to push for this.
She adds, referencing climate change denial and the chilling effect that controversy around the topic sometimes engenders, Its going to take a whole of industry effort, and we are going to have take this out of the political realm eventually. Nobody actually disagrees that cybersecurity in general takes a lot of energy. There shouldnt be a political position on that, any more than theres a position on the temperature at which water boils.
She notes, I do have hope that the people that attend the talk will also become vocal about the need to change. It has to happen.

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Its Time for Cybersecurity to Talk About Climate Change