Cybersecurity Futures: How Can We Regulate Emergent Risks?

This article reviews nine socio-technical trends that are likely to shape the cybersecurity environment over the next decade. These nine trends have reached various levels of maturity, and some - such as quantum computing - are still theoretically contentious. These trends are: cloud computing; big data; the Internet of Things; the mobile Internet; brain-computer interfaces; near field communication payment systems; mobile robots; quantum computing; and the militarization of the Internet. What these nine trends have in common is that they will be instrumental in generating new opportunities for offending, which will result from an exponential increase in the quantity of data, number of connection points to the Internet, and velocity of data flows that irrigate the digital ecosystem. As a result, more opportunities for malicious exploitation will be available to attackers, "security by design" will be harder to achieve in such a fluid and dynamic environment, and the performance of control mechanisms is likely to erode significantly. Technical solutions to address these challenges are already being developed by computer scientists. This article focuses on a different and complementary approach, finding inspiration in the work of regulatory scholars who have framed promising theories such as regulatory pluralism and responsive regulation to explore options for the necessary institutional adaptation to these future changes.