You're best known as a security expert but our theme today is "trust". How would you describe the connection between the two?

Security exists to facilitate trust. Trust is the goal, and security is how we enable it. Think of it this way: As members of modern society, we need to trust all sorts of people, institutions and systems. We have to trust that they'll treat us honestly, won't take advantage of us and so on – in short, that they'll behave in a trustworthy manner. Security is how we induce trustworthiness, and by extension enable trust.

An example might make this clearer. For commerce to work smoothly, merchants and customers need to trust each other. Customers need to trust that merchants won't misrepresent the goods they're selling. Merchants need to trust that customers won't steal stuff without paying. Each needs to trust that the other won't cheat somehow. Security is how we make that work, billions of times a day. We do that through obvious measures like alarm systems that prevent theft and anti-counterfeiting measures in currency that prevent fraud, but I mean a lot of other things as well. Consumer protection laws prevent merchants from cheating. Other laws prevent burglaries. Less formal measures like reputational considerations help keep merchants, and customers in less anonymous communities, from cheating. And our inherent moral compass keeps most of us honest most of the time.

In my new book Liars and Outliers, I call these societal pressures. None of them are perfect, but all of them – working together – are what keeps society functioning. Of course there is, and always will be, the occasional merchant or customer who cheats. But as long as they're rare enough, society thrives.

How has the nature of trust changed in the information age?

These notions of trust and trustworthiness are as old as our species. Many of the specific societal pressures that induce trust are as old as civilisation. Morals and reputational considerations are certainly that old, as are laws. Technical security measures have changed with technology, as well as details around reputational and legal systems, but by and large they’re basically the same.

What has changed in modern society is scale. Today we need to trust more people than ever before, further away – whether politically, ethnically or socially – than ever before. We need to trust larger corporations, more diverse institutions and more complicated systems. We need to trust via computer networks. This all makes trust, and inducing trust, harder. At the same time, the scaling of technology means that the bad guys can do more damage than ever before. That also makes trust harder. Navigating all of this is one of the most fundamental challenges of our society in this new century.

Given the dangers out there, should we trust anyone? Isn't "trust no one" the first rule of security?

It might be the first rule of security, but it's the worst rule of society. I don't think I could even total up all the people, institutions and systems I trusted today. I trusted that the gas company would continue to provide the fuel I needed to heat my house, and that the water coming out of my tap was safe to drink. I trusted that the fresh and packaged food in my refrigerator was safe to eat – and that certainly involved trusting people in several countries. I trusted a variety of websites on the Internet. I trusted my automobile manufacturer, as well as all the other drivers on the road.

I am flying to Boston right now, so that requires trusting several major corporations, hundreds of strangers – either working for those corporations, sitting on my plane or just standing around in the airport – and a variety of government agencies. I even had to trust the TSA [US Transportation Security Administration], even though I know it's doing a lousy job – and so on. And it's not even 9:30am yet! The number of people each of us trusts every day is astounding. And we trust them so completely that we often don't even think about it.

We don't walk into a restaurant and think: "The food vendors might have sold the restaurant tainted food, the cook might poison it, the waiter might clone my credit card, other diners might steal my wallet, the building constructor might have weakened the roof, and terrorists might bomb the place." We just sit down and eat. And the restaurant trusts that we won’t steal anyone else’s wallet or leave a bomb under our chair, and will pay when we’re done. Without trust, society collapses. And without societal pressures, there's no trust. The devil is in the details, of course, and that's what my book is about.

As an individual, what security threats scare you the most?

My primary concerns are threats from the powerful. I'm not worried about criminals, even organised crime. Or terrorists, even organised terrorists. Those groups have always existed, always will, and they'll always operate on the fringes of society. Societal pressures have done a good job of keeping them that way. It's much more dangerous when those in power use that power to subvert trust. Specifically, I am thinking of governments and corporations.

Let me give you a few examples. The global financial crisis was not a result of criminals, it was perpetrated by legitimate financial institutions pursuing their own self-interest. The major threats against our privacy are not from criminals, they're from corporations trying to more accurately target advertising. The most significant threat to the freedom of the Internet is from large entertainment companies, in their misguided attempt to stop piracy. And the cyberwar rhetoric is likely to cause more damage to the Internet than criminals could ever dream of.

What scares me the most is that today, in our hyper-connected, hyper-computed, high-tech world, we will get societal pressures wrong to catastrophic effect.