There are ways to plug many of these backdoors and manage the secret keys that encrypt data at the application later. However when I work with customers on cyber, they are ignorant of their security architecture and key management schemes, and they rarely have the budget (or desire) to do it properly. Plus there aren’t enough security experts to go around. They are also ignorant of their risks, and often not accountable especially when it comes to stealing data and privacy, because it’s hard to measure. Financial services and crypto currency solutions are pretty good — because they measure failure very well!

Humans in general are really bad at managing risk that they can’t measure, or doesn’t affect them directly. It’s the same for climate change as it is for security. Managing risk at an institutional level (motivating people, budgeting, rewarding good work, understanding what is effective and what isn’t, metrics, etc) is an art that few people understand.

We are indeed entering a new world.