The Edward Snowden saga has cast light into the murky world of cyber espionage and cyber conflict and raised questions about the security of our online systems and data.

Cyber conflict or warfare is often presented to the public as a disaster waiting to happen. Often prognosticators of cyber doom repeat the same story, Stuxnet being a favorite example, to spread their warnings to a fearful public. The other common method is to tell stories of the worst-case scenarios based on speculation and imagination, with little evidence to back up claims. We hear stories of a cyber Pearl Harbor where the critical infrastructure of a country will be taken down by malicious hackers bent on destruction.

The problem with these warning is they are based on very little evidence of how the international system really works. Purveyors of cyber doom are taking advantage of the fear that comes from cyberspace because of our dependency on networked communications, and dependency makes us vulnerable.

Loading article content

Fear alone should not drive policy or action because the evidence of cyber conflict in the international sphere is scarce at best. States are restrained in their malicious cyber actions because generally there is very little to be gained from the tactic and escalating cyber conflicts will only bring the collective wrath of the international community on the violator. The real danger in cyberspace comes from the weaknesses laid bare in the targets themselves: vulnerabilities of our own making.

Basic cyber hygiene is the first step. We need to build systems that are safe and protected. Critical systems need to be cut off from global networks and those with access to these systems need to be controlled and monitored. As the Edward Snowden case shows, the danger here is not from governments spying on individuals – governments have very little time or inclination to sift through these massive databases of information without cause – the real problem is that this information is now collected and easy to access, even for a contractor based out of Hawaii. That Mr Snowden was able to get access to so much information, so easily, is the true risk to our cyber future.

We have become complacent about how we interact in cyberspace. The interesting development in cyberspace is not the threat that comes from this arena, but the trust we place daily in the system with our information, finances, and personal details. Everything one can possibly want to know about an individual can likely be found on a laptop or tablet. This trust we place in how we share and communicate information is a weakness. The danger is not from the tactic of cyber war, but rather from the temping nature of the target.

The vulnerability we exhibit in cyberspace is often of our own making. When a target is as juicy as the complete development project of critical weapons system, the entirety of digital communications of everyone in the United States, or the financial details of the New York Stock Exchange, how can an enemy not take the bait?

Mr Snowden has laid bare the weaknesses inherent in our systems and trust we place in the digital sphere.

There are two responses to this process. First we have to be more careful with digital security. The new step by the US government is to make information access much like nuclear weapons access and require two individuals to consent for secure information requests. This is the right step that needs to be replicated in the UK.

Secondly, we also need to reconsider who our enemies are and how we treat other international actors. Conflicts in cyberspace are directly connected to normal international relations disputes and issues. It is now more critical than ever to ensure that co-operation is the norm, rather than conflict.

These steps need to be taken to ensure our future, both in the digital sphere and the physical sphere. Security is not assured, but it is common if simple steps are taken to avoid the worst abuses system.

Dr Brandon Valeriano is a lecturer in global security at the University of Glasgow.