Haley recently joined Komand as a marketing intern. Prior to joining, she's focused on content marketing efforts for many high-tech VC firms here in the Boston area. We asked her to write about her view on security in a highly digital world, and lessons to help educate younger generations on the need for security measures.
For a generation who takes such pride identifying with nonpareil tech capabilities, we evidently ignored a key basic.
The phrase itself, cybersecurity, has no personal connection to my world other than late night FBI crime show reruns. You know, the ones starring the classic hacker character in a black hoodie always found frantically typing away in his dungy basement. My thoughts are never burdened by the concern for the safety of my electronic's stored information. Or I should rephrase- I wasn't concerned.
The lack of consideration wasn't founded due to ignorance towards the general idea of cybercrime. I had heard of it quite often, maybe even too often to allow it to seem threatening. I mean, I'm not an avid Ashley Madison member, I don't spend my free time playing with the newest children's toy from Vtech, I don't run a large international corporation, nor am I a person of high profile.
So, why should I care?
There's a reason why the global cybersecurity solutions market continues to expand at such a rapid rate. It was estimated to be US$75-77 billion in 2015, and is expected to reach US$170 billion by 2020.
Everyone in this modern world is a hacker's target.
A hand chosen victim, to an innocent employee who simply happened to click on the incorrect link, we are all subsequently affected by cybercrime in one way or another.
With the IRS, U.S Government's Office of Personnel Management, and the Pentagon all falling victim of recent attacks, the endless search for a trustworthy organization to safeguard personal data becomes increasingly difficult. Though we cannot control the fate of who will fall victim or when the next attack will take place, we can ensure our own personal system is as secure as possible. This means that we must be cautious as to what information we choose to share and whom we share it with.
This surge of focus on protecting data, should be perceived as efforts to protect people.
Lesson #1 : A smartphone is a mini computer,
and should be treated accordingly.
Just how much power and potential do our little devices hold?
Your smartphone has the ability to connect to any public network in its vicinity, and is actually encouraged to do so. In exchange for your naive attempt to save a few dollars on your mobile data plan, you put your device and personal information at great risk. After viewing a 7 minute Youtube tutorial, I'm quite certain that I could begin my career tomorrow as a successful cafe hacker. It's a surprisingly simple exercise, minus the complex terminology that makes it seem an arduous task.
A smartphone is like an infant child : You never let it out of your sight, it’s carried around wherever you go, and you can’t imagine living without it. One would think that the amount of attention paid to a device would directly translate to how secure it is, yet smartphones are seen as the ultimate spy tool by hackers. Think of just how much information is taken, tracked and stored on that tiny computer in your pocket- it's lacking the security system that it deserves.
All the great innovations that make our lives easier through the use of smartphones (i.e. online banking, communication platforms, picture storage, front-facing camera, health files and contact databases) can easily be used against us as a weapon of self destruction.
New systems are created for simpler usability, easier accessibility, faster processing and more efficient use- not for better equipped security.
In this particular instance, one way to protect your data from intruders is to be weary of free and open wifi. Even if free wifi saves on precious data usage, it also opens you up to the potential of unwanted access. Remember those cafe hackers?
Lesson #2 : This is just the beginning.
Internet of Things (IoT): noun \ˈin-tər-ˌnet\ \əv \ˈthiŋ\s
- All things in house are connected to the internet… reveal all types of info. Find wifi in pacemakers, snipers, baby monitors, etc. Gartner forecasts that 6.4 billion connected things will be in use worldwide in 2016, and will reach 20.8 billion by 2020 (Gartner, Inc., press release, November 10,2015)
Think back to the FitBit you received for Christmas... how it's been on your wrist ever since, yet you find little to no practical use for it. Well, even that thin plastic band has the potential to be hacked and manipulated to stream your own personal data to an unknown source. Just imagine for a second if someone hacked into your Fitbit, and tracked all of your daily motions and heart rates. They would therefore be able to tell when you were sleeping, when you were driving, or when you left your home for that daily run.
That's scary, and that’s just a Fitbit. When you think of the ceaseless possibilities of what future technology can bring into our daily lives, you must also be attentive to how vulnerable they make you. It's a difficult thing to find your own balance of security and practicality, yet is an inevitably necessary effort.
Lesson #3 : Don't be self-absorbed.
With smartphones at the verge of becoming the primary source of internet use, security accountability decreases, and employee responsibility must in return increase. Whether the device is company provided or personally purchased, the cyber knowledge that you acquire, and your decisions based on that knowledge, directly affects your entire realm.
With an approximate 222,856 - 251,415 incoming attacks per day, every day, corporations should make it a high priority to instruct all employees on the key safety measures and procedures to ensure that no one is an obvious weak spot in the organization. With IT departments laboriously battling the ramifications of hack attempts, you, as an employee, are compelled to do everything in your power to not create more of a botheration. Those working on handling security issues are infested with thousands of alerts per day- many of which need manual investigation. (Learn how Komand can help with manual security tasks)
Although changing your way of life in hopes to establish a secure system will not happen overnight, you can start with a valuable basic: A good password.
If you're like me, you have that trusty 8-character password, use your outdated Norton security scanner twice a year, and maybe even decide to clear your browsing history... only when you're exceedingly bored while waiting in a long checkout line.
In 2012, password theft alone increased by 300%... yet here I was, with the same password for every account since the young age of 9. Following my analysis on the process of creating a "good" password, I adjudged that the key to my identity was in serious need of revision. I am sad to announce that ILuvDogzzz<3 is now a thing of the past.
The generation that I belong to is at greater risk than most, due to our obsession with the latest models, and the newest applications required to fulfill that need of instant gratification we so long for. We have a general tendency to believe that we're invincible, and that said consequences do not pertain to us. But, we aren't, and they do. Those consequences of ignoring the obligated precautions and procedures of cybersecurity not only puts us and our identities out there for grabs, but places our contacts and employer's wellbeing in an unsafe environment.
It's like when my Grandmother received a malicious email disguised as an e-greeting card for Christmas 2010. She naturally felt it was her duty to open the card she had received, accidentally clicked on a few wrong links, and so for the next couple of months my entire family received multiple messages from grammy explaining her secret tricks on how to enlarge male genital parts. It made for an uncomfortable Thanksgiving, to say the least.
PSA : Don't be Grandma...