It is difficult to predict technology more than 10 years out with any certitude, but what I observe is that change and innovation happens earlier and faster than we expect. We are constantly surprised at what technology can do.
Since most cyberwar is conducted covertly, governments avoid any public acknowledgment of their own abilities and shy away from engaging in any sort of 'cyber diplomacy.' Statecraft conducted in secret fails to create public norms for deterrence.
We live in a world where all wars will begin as cyber wars... It's the combination of hacking and massive, well-coordinated disinformation campaigns.
The importance of human judgment does not evaporate in the future, and as connected individuals, we will have to exercise sound judgment about what we choose to share or not share about ourselves.
At a certain point, a critical mass of people either have used the Internet or have expectations. Anything less than the free flow of information will be seen as having something taken away. We've seen time and again - in Egypt and Iran, for example - that creates a backlash.
I often say Policy Planning is very analogous to a venture capital firm. A venture capital firm sees an interesting idea and puts money behind it; in Policy Planning, we look for promising ideas and then put contacts and relationships behind it.
Iranian young people are one of the most pro-American populations in the Middle East.
For people involved in pre-meditated crimes, whether it is terrorism or robbery or something else, their use of technology means that they leave a digital trail, and the room for error goes up dramatically. In the future, it will be easier for violent people to make mistakes and get caught before they commit their crimes.
By definition, transnational crime crosses borders, but efforts to combat it mostly do not.
While the specifics of Russia's interference in the 2016 American election remain unclear, no one doubts that Moscow has built a robust technological arsenal for waging cyberattacks.
I think companies need to put up tools that put privacy and security in the hands of their users and make it easy to understand those tools. In Google's case, two-step verification is a perfect example of this.
