For many years, computer scientists and venture capitalists have posited that value of any Internet-based technology or service increases by approximately the square of the number of users.
Yet, that model, known as Metcalfe’s Law, departs significantly from current experiences on the Internet. For example, the relationship does not account for service degradation due to an overabundance of users or bad actors who steal value from the network, according to Rod Beckstrom, an entrepreneur and the former head of the National Cybersecurity Center. Just last week, Microsoft founder Bill Gates cut himself off from Facebook, canceling his account because, in the words of one media report, “it was just way too much trouble.”
Instead of focusing on the number of nodes in the network, we need to focus on the transactions, Beckstrom argues.
“The key to cybersecurity is the number of transactions that we want versus the number of transactions that we don’t want,” he told attendees at the DEFCON Hacking Conference on Friday. “If we can find what the value of the network is to you–and 1.5 billion people–that’s what is important.”
Beckstrom started with a simple equation, that the value of a network is equal to the benefit it provides minus the cost to provide it, and tailored it for the security world. The reduced form of the equation expresses value, V, as:
V = B - C’ - SI - L
“SI” is the security investment that a company or person spends to avoid losses and “L” is the actual losses due to poor security. “B” is the benefit, and the remaining costs, “C’ ”, are all those outside of the security investments and losses.
Using this equation, security management can focus on minimizing the costs of computer security, “SI” and “L”. On the other hand, proactive defenders, such as law enforcement, can focus on raising the security costs of the bad guys, Beckstrom said.
“Hackers have to spend a lot of money on trying not to be found–that’s the security investment,” he said. “Loss is getting caught or being taken to court.”
The model easily scales and has similarities to profit-and-loss relationships, so corporate financial officers can easily get their heads around the concept. Unfortunately, the model is only as good as the data, and that can be a problem, Beckstrom acknowledged.
Forget dating apps: Here’s how the net’s newest matchmakers help you find love
Fed up with apps, people looking for romance are finding inspiration on Twitter, TikTok—and even email newsletters.
How AI is reinventing what computers are
Three key ways artificial intelligence is changing what it means to compute.
These weird virtual creatures evolve their bodies to solve problems
They show how intelligence and body plans are closely linked—and could unlock AI for robots.
We reviewed three at-home covid tests. The results were mixed.
Over-the-counter coronavirus tests are finally available in the US. Some are more accurate and easier to use than others.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.