Endpoint Evergreen: How Cybersecurity Protects The Sustainable Development Goals
Sustainable Development Goals?
The UN wants to achieve the seventeen Sustainable Development Goals by 2030. Have wanted to since 2015. The only problem is, the SDGs are global and massive. So massive, in fact, that eliminating poverty, hunger, and gender inequality are just three goals, just a sixth of what they plan to achieve!
A target like providing global work (that doesn’t make employees want to call dark web hitmen on their boss) is ambitious, and there’s sixteen more of them. It’ll take decades, or even lifetimes to achieve them all.
But as one of my professors said, “where there is challenge, there is opportunity for growth.” Which aligns perfectly with the cybersecurity mindset, I think.
Cybersecurity is always growing because it has to. Our industry scours for bug fixes and vulnerabilities because our enemies are learning with often frightening speed.
Climate disaster is also frightening. We still have a lot of hops to make, and there’s going to be a lot of bugs and vulns on the way to a world of benign emission. But if cybersecurity teaches one lesson, it’s that the way forward is to never stop growing.
So here’s how cybersecurity protects twelve of the seventeen Sustainable Development Goals — and is growing an innovated world worth thousands of years.
SDG 1: Eliminate poverty.
It’s possible to make millions in assets with just one liability — a computer.
Well, that, and Wi-Fi, and food, and water, and shelter, and transportation, and you can’t forget the investment in your mental health through entertainment, and…
…yeah, getting rich, or hell, making a decent living isn’t easy in the modern world. (That’s your cue to pat yourself on the back.)
In today’s economy, learning to pay yourself is crucial. Coding, art, and writing are just a few ways to make it online. You could freelance in dozens of disciplines.
Or you could start a fully remote business spanning the whole world! Look at Awesome Motive, a software and media company. Look at Arkency, an agency of programmers and business consultants. Even look at how Medium pays writers! You can make a living on your own now more than ever.
But unfortunately in this case, the smaller they are, the harder they fall. According to cybersecurity provider StrongDM, three quarters of small businesses bankrupt after ransomware attack. And the 2021 stats look even uglier — four of five ransomware victims had less than a thousand employees.
A good chunk of small businesses don’t invest in cybersecurity, but they really should. The internet is like a messy cable setup that makes your IT guy ask for therapy. It’s all (uncomfortably) connected, meaning multi-network attacks are possible. One software-based cyberattack in 2021 affected hundreds of businesses.
The software VSA was installed in hundreds of networks, including IT consultants and many small businesses. IT providers needed the software to protect clients, so the evil hacker group REvil strategically targeted it to cause the most damage.
And then asked for $70 million.
Like, how shameless do you have to be to make capital E “Evil” 80% of your group’s name?
In this case, hacking was a domino effect that nearly damaged over fifteen hundred businesses. It even got the attention of the White House.
As tech advances and somehow gets more crucial and more valuable, there will be an increasing need for cybersecurity freelancing. We can prevent under-the-mat attacks from forcing small, helpless businesses into bankruptcy, and encourage a fair system where people of all backgrounds can generate wealth.
SDG 4: Quality education and lifetime learning worldwide; SDG 5: Gender equality.
I couldn’t quite decide if this one was in goal four or five so I just decided to double down…
The internet is a wonderful resource for women to break into male-dominated fields.
Cybersecurity unfortunately happens to be one such field. In 2022, women held approximately 25% of cybersecurity jobs across the planet, according to ISC2.
While these numbers are goosebumpingly low, they at least appear to be growing. Of the surveyed cybersecurity workers under age 30, 26% were women — a higher percentage than any other age group.
Youth appears to be positively correlated with rates of women in cybersecurity. And you know what else has more young people?
The worldwide web!
The internet enables a woman to break into tech fields, and provides a sense of community through her process. See Girl Develop It, an educational resource for software development. They do workshops, one-on-one study sessions, hackathons, and career fairs, not even mentioning the networking! Take a look at this local group in Burlington, Vermont with over a thousand members. Girl Develop It is just one example of how the internet breaks down barriers and pushes our world forward.
Inclusivity is healthy for the environment, because it’s healthy for the growth of cybersecurity. Toxic workplaces struggle to hire — and if they do swindle people in, those people will naturally move to happier jobs.
From a business standpoint, it’s kind of like maintaining your computer long-term rather than buying several new ones. Frequently firing and retraining costs so much more than hiring for the long haul.
Unnecessary training costs cause budget slashes to other areas. And this is where moral shortcuts happen.
Respect pays. Inclusivity retains employees, and creates sustainable businesses for a sustainable world. A more welcoming, ethical cybersecurity industry is more equipped to protect the planet from cyber attack.
SDG 6: Sustainable water and sanitation for all.
In the 21st century, even water is going online.
Automating water and wastewater processing drops the cost of hydration. AI’s ability to analyze information means it can predict water quality if fed enough data. Once these predictions are accurate enough, we could see hyper-efficient factories capable of skyrocketing productivity — potentially on a global scale.
Assuming hackers don’t mess everything up like usual…
Malicious hackers could tamper with chemicals in water management facilities. In May this year, the American EPA had to alert an alarmingly high number of water systems about cybersecurity weaknesses. Seventy percent of them didn’t pass the EPA’s Safe Drinking Water Act guidelines. Seven out of ten.
This isn’t just theory! A 2024 case involving Russian attackers caused flooding in Muleshoe, Texas. And in 2023, Iranian hackers tampered with water pressure in several American states. Look at this tweet:
Considering many water management systems still use default passwords, cybersecurity is going to be a little important for the future of water management.
SDG 7: Ubiquitous access to sustainable, reliable, and affordable energy.
One of the most outdated elements of computers is how we power them. As the population climbs and tech evolves, electricity costs will only rise. And power grids can’t handle intense storms.
In February 2021, Winter Storm Uri wracked Texas, cutting off power for 4.5 million homes. It killed hundreds of people.
Uri broke some circuits in American culture. I mean, in the United States, in one of the richest countries, all it took was one winter storm to upend and threaten millions of people? What does that mean for marginalized countries who don’t even have internet connection?
Sorry, telephone pole, but you’ve electrocuted your last bird. It’s time for a smarter form of energy. Namely, IoT smart grids, a more over-the-weather solution.
The interconnectedness of IoT means when power blows out in a storm, recovery work won’t just be physical. Ideally, construction workers won’t have to venture out into the blizzard to fix the telephone lines. And online streamlining of data means electricity providers can tell instantly where the source of an outage is.
Plus, AI could revolutionize electricity rationing with its prediction and decision-making abilities. Newer tech can be monitored and analyzed in ways old tech can’t, which gives power companies more power (heh) to adjust systems according to energy demand. Naturally, minimizing waste of unused electricity will reduce wasteful emissions.
A digital power grid is a hackable power grid, which may be a reason why companies haven’t updated their hardware yet. The 80 million kilometers that need to be replaced are the main reason, of course. But it’s worth the investment. Not only does power grid security encourage development of smart grids, it protects life.
SDG 8: Global access to quality work opportunities, and global economic growth.
Remote work has the potential to be the next big thing in sustainable business. That is, if scammers and hackers don’t blackhat it to death.
Socially, it enables businesses to hire worldwide. Environmentally, it eliminates around 5.7 tons of annual CO2 emission per person — assuming a twenty-seven mile commute, and 240 days of work each year. And financially, businesses save big when employees go remote — over $11,000 saved per part-time employee, according to Forbes.
The digital ecosystem, as always, is filled with scam artists looking to make a quick buck — and job recruitment boards are not exempt from their manipulation. The perceived integrity of remote jobs is battered by vulnerabilities, according to Norton. Among these are phishing emails, crypto fraudsters, fake job posts, “I’ll pay you back” scams for work equipment, malicious networking, and catfishing… catfishing? Huh, didn’t know LinkedIn was a dating site now.
Totally legit conversation.
If the credibility of online job posts plummet, more people will look for office jobs instead.
And remote workspaces are naturally going to be more exposed to cyberattack. DDoS attacks literally zero out productivity for remote workers. Lack of physical paper means all data produced by these employees can be breached digitally, increasing the attack surface exponentially. Remote, and potentially confidential meetings like Google Meet and Zoom can be hacked and recorded! And worst of all, home networks are hard to secure without encroaching on work-life balance — assuming employees don’t work on insecure, public networks!
Clearly, cybersecurity is integral to the safety of both remote employees and employers.
One example from fantastic year 2020 is the hacking of hedge fund Levitas Capital. All it took to lose $8.7 million and shut down the fund was one click on a “link to a Zoom call.”
That’s how it usually goes. One click, then the dominoes fall from there.
And it’s hard to stop that one click normally. But during the pandemic — a climate characterized by fear, anxiety, and isolation — employees were even more vulnerable to phishing scams. A study by Qualitrics observed the emotions of 2,700 employees, and they do not look pretty.
Social engineering is about making people make decisions — often emotional decisions. When someone’s stressed or isolated, they‘re generally easier to manipulate. So you can see why the pandemic left businesses more vulnerable than usual.
If remote work is viewed as unsafe, businesses won’t offer it. And if remote employees have to stress about being hacked, they’re less likely to continue working remotely.
By cultivating a digital sphere where employee’s networks are protected, and by teaching the workforce good cybersecurity habits and digital literacy, we will increase remote work revenue. This will make remote work more common — and decrease emissions.
SDG 9: Infrastructure, industrialization, and innovation.
At this year’s Pwn2Own Automotive, Tesla challenged hackers to break into their electric cars. And elite Team Synacktiv earned $450K for doing it twice.
EVs follow the same design patterns as other computers. So it’s no shock that they have the same vulnerabilities.
Of course, no one’s going to store sensitive data in their cars. You don’t put your card number and the three digits on the back into your car’s dashboard. But you do feed that information into electric car chargers. Public-facing car chargers. Which also happen to feature exact location data.
Yeah, there’s a reason Tesla gave Synacktiv so much money.
I think the natural and natural-supporting solution to this data insecurity is mass-producing private EV chargers.
Sure, the resource costs of producing home chargers far outweighs the resources needed to build EV chargers at gas stations. Financially, charging an EV overnight is much cheaper (and more time-efficient!) than guzzling oil into gas tanks. (They’ll be even cheaper after we figure out how to optimize those damn batteries…)
While charging electric cars still creates emissions, private chargers let you choose if your power comes from sustainable sources.
If it takes investing in privacy to get drivers to go electric, I think that’s a worthy trade.
Mobile network security will be crucial once the EV rev-olution happens and cars go online. But we have to get there first. And to get there, people need a reason to get electric. Cybersecurity around EVs is critical when the EV industry is in such a vulnerable, infantile state.
SDG 10: Reduce inequality within and between countries.
Governments are notorious hackers. But countries don’t engage in crazy ransomware attacks on one another, and they haven’t taken down any power grids. At least that we know of.
But they have used spyware. Lots of spyware.
Most governments are starving for information on other countries. Wars, more than ever, are able to be fought in the shadows — which is bittersweet for civilians. Sure, propaganda can be spread online, and civilian privacy is lost through surveillance. But civilians are most threatened from government hacking.
In 2007, the United States and Israel unleashed the most sophisticated malware ever on an Iranian nuclear development facility, in an attempt to stop Iran from getting their hands on a nuke. This attack was done despite Iran having previously stated that this facility was meant to progress civilian nuclear development.
So a few years later, Saudi Aramco, a massive oil company with American roots, gets hacked. And what shows up on the computer screens but burning American flags?
If we want to build a world without intercultural hostilities, malicious hacking from governments must end. It’s corrupt action that contributes to racism. In fact, some evil governments may socially engineer biases into their citizens!
Raising cyber intelligence globally will raise awareness for this issue. If people know the dangers of propaganda and malicious hacking — that this is strictly government beef — they will be less likely to be manipulated. And a more cybersecure world may be a bit harder to hack; if vendors resolve zero days faster, it’ll be harder for governments to take these corrupt confidential actions.
SDG 11: Design cities around inclusivity, resilience, and sustainability.
What if the city had a brain? Cities that think may not be too far away!
Combining AI and IoT has made waves in the data industry — and in sustainable development! Designing cities around less bumper-to-bumper traffic and more walkability will help people’s mental health and reduce emissions. Data on air quality shows the real-time results of these designs, supporting research and development.
So tech does support the environment. But the environment also supports tech.
In 2021, South Africa designed three post-apartheid cities. One of these cities, Lanseria, was built around harvesting rainwater and solar energy, as well as providing an average five minute commute — on foot!
But of course, a wide area network the size of a city is highly vulnerable. Hackers are salivating like rabid coyotes at the thought of smart city sensor data. Imagine the havoc if hackers could break traffic lights, air quality regulators, rainwater harvesters, solar panels, and radiation sensors. When the whole city is digitally powered, the whole city can be digitally devastated.
With the rise of smart cities, city-scale ransomware attacks could be possible. And imagine the Twitter hellsite rage erupting from that! If you’re looking for work, cities will need some cyber professionals soon to stop some #controversy.
SDG 12: Ensure sustainable consumption and production patterns.
If you wanted to do the most damage to companies, where would you start?
Hacking Finance would definitely piss off employees. Hacking Marketing would definitely dispel the brand illusion.
But those two only target one company. If you really want to do so much long-term damage to as much production and consumption as possible, hacking a major supplier will put companies in quite the bottleneck.
Tech is advancing so quickly in the 21st century, the World Economic Forum is saying we’re in the Fourth Industrial Revolution.
The interconnectivity of IoT mixed with the data understanding of AI means factories are going producing some complex stuff pretty soon. And in unexpected places, too. Would you eat a dinner cooked entirely by AI?
Mining, surprisingly, also gains big. By using IoT sensors informed with AI data understanding, miners have a handy prediction tool that tells them “hey, don’t mine here,” or more likely, “hey, there’s probably this substance this many inches deep into this rock, be careful.”
Goldspot Discovery Inc is a pioneer in the gold rush of AI. They’re investing big in AI’s data abilities in their search for gold. And it’s earning them big. Check out this gold prediction map!
Better understanding of cave systems would protect miners from disaster, especially in an industry where progress-related risk is pretty dangerous. If you were in a mine, wouldn’t you be afraid of cave-ins, especially if you’re taking supporting rocks away from the cave? When you’re doing the equivalent of playing extremely high stakes Jenga, relying on new technologies to give you your information is terrifying.
These technologies, which the WEF dubs as “Earth Observation,” could reduce oil and gas companies’ methane emissions by forty-five percent. Nearly slicing it in half. But if miners can’t trust AI’s predictions, and it causes a cave-in, then progress will halt.
AI makes predictions based on mountains of data. So making sure AI isn’t fed the fake gold equivalent of data isn’t just an innovation issue — it’s a cybersecurity issue. If someone could inject malicious data into the AI, they could tamper with its prediction abilities and actually endanger the lives of miners. Ensuring AI is fed the proper data is cybersecurity, if you ask me.
SDG 15: Protect and sustainably use terrestrial ecosystems.
Every action costs energy. Flying a plane, filling a bathtub, benching 315 at the gym. Every action. (Although that last one might require more roid rage than raw energy… )
Even something as eco-friendly as planting a tree requires energy. But it’s sort of like the finance idea of assets and liabilities — to plant the tree, you have to spend the calories and oxygen to dig the hole, plant the seed, water it every day, that sort of stuff. But the overall energy in the world, or energy revenue, is higher long-term because you took the action of planting the tree.
Technology is the same way. Senior Researcher Jens Gröger from Germany’s Öko-Institut said one online search emits around 1.5 grams of CO2. But don’t worry, your web surfing does not (and should not!) end, because the energy cost of a paperback is a kilogram, and a newspaper costs 4 kilograms. You’d have to search four thousand times to produce as many emissions as one newspaper. So don’t worry about your emissions next time you look up “latest AI news” or “how to make home eco-friendly.”
While the energy costs of using paper for books has decreased, there’s still a real threat from technology. According to the BBC, digital technologies emitted 3.2 trillion pounds of greenhouse gasses in 2019. Even if it’s barely a problem when one person’s doing it, there’s immense danger in what everyone’s doing.
We can beat the heat, however, in several ways. One of these ways is by using eco-friendly search engines!
One such search engine is Ecosia. It’s powered by 100% renewable energy, and it’s got a really cool premise — search fifty times or so, and the company gathers enough revenue to plant a tree.
However, not-for-profit, goodwill organizations like Ecosia spend 100% of their profits on charitable funds. Ecosia is less well-known than other large search engines, and in the event of a cyberattack, it could be devastating.
Cybersecurity is crucial to protect the good faith of organizations like Ecosia and keep emissions down.
SDG 16: Promote peaceful and inclusive societies for sustainable development, provide access to justice for all, and build effective, accountable, and inclusive institutions.
It’s no secret that a lot of harassment is exposed online.
Harassing someone in-person can reward you with a bloody nose and a fat lip at the end, but the internet doesn’t have that buffer. In marvelous year 2020, 20% of American adults were harassed online for their political views, 14% for their gender, and 12% for their race or ethnicity. Add in the fact that LGBT Americans were harassed twice as much as straight Americans, and you see how online harassment works against civil rights movements.
And it’s not just sly comments here or there, either. Twenty-five percent of Americans — over sixty percent of victims — experienced stalking, physical threats, and even sexual harassment.
It’s not helpful that the internet has become a cultural cornerstone. It’s quite hard to “just turn the computer off.”
As the internet is a communal, intercultural space, online discrimination in the US trickles down to other countries, directly influencing their cultures.
If we want to overcome the coming climate crisis, we need to work together. Cybersecurity can bridge our division by placing more focus on keeping individuals safe, rather than just businesses. And the first step towards a more respectful internet is preventing online harassment at work.
Tall Poppy is a cybersecurity firm “making digital safety accessible for everyone.” They offer digital footprint assessments for employees, to help them individually understand their online presence.
Cybersecurity is about the individual level, even if it may not seem like it. Social engineering attacks seek to isolate and manipulate one person. In their annual DBIR, Verizon recently found that 68% of data breaches were caused by social engineering, or even human error.
People really do make a lot of mistakes! That’s why supporting people is necessary for a global culture of respect.
At the corporate level, if employers respect employees and invest in digital safety, employees will be more respectful toward their employers. By following Tall Poppy’s individualized approach, the cybersecurity industry will impact the way we respect each other. And at the individual level, a respectful online climate will help us fix the physical climate.
SDG 17: Support developing countries.
According to the Angel Ganzalez Sanz of the United Nations Conference on Trade and Development (that’s his abbreviated title), the least developed countries only count 27% of their populations as online, despite the fact 63% of people globally have internet. If these numbers are to be believed, most internet users are from developed, first-world countries. And thus, online culture, online information, and even development of technology is almost fully controlled by countries with wealth.
This means cultures without wealth don’t get the mic. And sure, Apple, Google, and Microsoft tech could be passed over to least developed countries, which would let them contribute to online culture. But they would still be using platforms from developed countries — never given a chance to develop tech of their own.
If some countries aren’t be heard as much, then those countries’ concerns aren’t given global attention. That leaves those countries more vulnerable to climate change.
So the challenge is providing these countries internet access without being overbearing or controlling about it. And in quite a timely manner, if the goal is to be accomplished by 2030.
India is one such developing country, and the India Stack program is a prime example of digital representation. See, India has a national identity program called Aadhaar which uses fingerprints, iris prints, and a face photo to determine who’s who. Around 95% of Indians have an Aadhaar number, and its uses are limited right now, potentially due to the Supreme Court of India’s ruling that “no person should suffer for not having Aadhaar.”
One feature is biometric attendance tracking for meetings. Quite lame, but that’s mostly due to combining meetings and attendance in the same sentence.
It’s crazy that there haven’t been more use cases for this yet, because according to the India Stack website, Aadhaar numbers use Indians’ biometrics, names, ages, addresses, mobile numbers, email addresses, and genders.
Tech companies recognize the possibilities with a database of people. And if you’re like me, reading that last paragraph triggered your data breach alert hard. A hacker in a database of 1.32 billion people is like a reading addict in the Library of Congress. (Reading addicts still exist, right?)
Cybersecurity is imperative in protecting the India Stack. Countries developing new, revolutionary tech of their own are going to need a lot of protection. India Stack gives the example of a social media platform that only allows users of a certain gender to sign up. This could be extended to building a digital message board only made for people you graduated with. And that’s just the tip of the iceberg.
As the India Stack says, “the possibilities are manifold.” And that extends to hackers.
By protecting innovation worldwide, and giving voice to all, we further the global fight against climate change.
Because we’re stronger when we work together.
Cybersecurity is the backbone of an evergreen world.
I originally designed this blog to be sustainability second, and cybersecurity first. But after all my research for this post, it’s clear that the values of cybersecurity push us to a wealthier and greener future.
Long-term stability lowers the cost of replacing corrupt devices. And if we need less computers, there will be less e-waste. In an ideal world, the business models which mass produce computer hardware will crumble. Because in a world of ultimate cybersecurity, computers never need to be replaced.
But when hackers damage company computer networks, they damage the operations of the business, sowing blackhat chaos. Recovery costs a lot — both environmentally and financially. Affected companies can even bankrupt, discouraging further investment in online business.
Which is a shame, because the internet has made us more connected, more informed, and yes, more resourceful than ever. AI’s ability to process data and make decisions, combined with IoT’s integrated networks, will provide both known and yet unknown energy management capability.
But electricity is able to be hacked.
No one will ride self-driving cars if hackers can hijack them.
And surely, there will be headlines about city-wide data leaks.
These fears are warranted, as change is a scary beast. As we grow the garden of digital innovation, there will be the coyotes and termites of the online world — there will be ransomware, and privacy concerns, and DDoSes, and intergovernmental spyware.
There will be AI-based cyberattacks. Hackers are only going to get stronger.
Imagine if we can match, or exceed their strength. If we keep the internet safe for companies, then we protect a healthy world. As innovation’s bodyguard, we’re in the business of redefining business forever. And in so doing, we’ll bring the world together to face the challenges of tomorrow.
That’s why I made this publication. To educate about cybersecurity, sustainability, and ethical business. To defend digital business today, and plant the seeds for a breathable tomorrow.
Because the endpoint is an evergreen Earth.
