Cybersecurity experts on staying safe in the Corona era

Written by Published in Meetup reports-posts, Uncategorised

WEBINAR

Cybersecurity may be the second-biggest threat of our time.

Women in Digital Switzerland recently hosted an online meetup with two cybersecurity experts, Monique J. Morrow and Sandra Tobler.

WDS cybersecurity meetup

Online meetups in the age of Coronavirus

Women in Digital Switzerland organises monthly meetups to discuss the latest tech trends. And because the latest trend is social distancing, we met online.

This international event was joined by attendees from the USA, Berlin, Madrid as well as more local spots like Lausanne and Geneva.

Sign up to our email list or follow us on Facebook to be the first to know about the next meetup. Our meetups are open to both members and non-members.

Cybersecurity: “Do we care? Should we care? Or is it game over?”

How many things around you are connected to the internet right now? Look beyond whatever device you’re reading this on – everyday objects like watches, lightbulbs, and even bidets are now online, collecting information without you being aware of it.

“You are pulsating with data,” said Monique J. Morrow. With over 25 years’ experience as a global technology leader, Monique was selected as one of the top Digital Shapers 2018 in Switzerland. She has a number of other accolades: Forbes Magazine listed Monique Morrow as one of the top 50 women globally in technology. OneWorldIdentity recognized Monique as of the top 100 influencers in identity for 2019. In May 2019, Monique was recognized by Cybersecurity Ventures as one of the top 100 women in Cybersecurity. In March 2020, Monique was one of several innovators featured in Red Bull Innovator Magazine.

“The amount of data is getting bigger,” says Monique. “But who is taking that information and putting it together? For what purpose?”

In the meetup, Monique pointed out that cybersecurity and privacy are interlaced. By tightening your personal and professional cybersecurity, you can help protect your privacy for years to come.

Digital footprints are indelible. Once information leaves your possession, you no longer have any control over what happens to it.

The next digital age

Monique has a vision for the “Digital Age 2.0.” She proposes three key elements to get us there:

  • A tighter regulatory framework – with a focus on data ownership rights, and user controls.
  • Technology to meet the times – we’re already seeing this in blockchain and cryptocurrencies.
  • Increased awareness – GDPR regulations are a great start; now we need audit enforcements and impactful penalties for those who break the rules.

All of these steps have something in common: putting the user in the center of the conversation.

The final step is the self-sovereign identity and decentralization. Users will be able to provide relevant information – for example, that they’re over 21, or have a certain amount in the bank – without revealing anything else.

Learn more at the Decentralized Identity Foundation or w3.org.

Be a leader in the next digital age

Changes can be disruptive, but they also represent opportunities. Be a leader in the next digital age.

  • Know the rules – and follow them. You don’t have to be certified as a cybersecurity expert to advocate your company meets best practices.
  • Talk to your friends – Monique emphasized citizen engagement is key. (Not sure where to start? Joining WDS is a good first step.)
  • Vote. Not all political parties are as engaged with digital rights as others. Support those that put people’s rights above company profits.

A coronavirus complication: security threats

“You have to assume your password and email address are public information,” says Sandra Tobler.

It’s a common mistake, but “using simple, or the same password for all applications… it’s game over.”

As a security expert, Sandra has built a career around staying safe. She is an entrepreneur who worked in the IT space for many years, including roles with IBM and S-GE before co-founding security startup Futurae together with two PhDs from ETH Zurich’s System Security Group.

The pandemic has changed a lot of things – including phishing scams. Now, scams are targeting hospitals, or claiming to be from the authorities such as the WHO.

On top of this, companies are grappling with sudden work-from-home orders. Although white-collar telecommuting has been possible since at least the 1970s, and tested thoroughly from the 1990s, as recently as February 2020, many companies were struggling to figure it out.

Sandra shared she has seen a lot of companies relying on their staff’s personal devices. BYOD (bring your own device) is by its nature less secure, as companies have less oversight on what’s installed and how it’s used. At a minimum, teams can insist on strong passwords, two-factor authentication and regular backups of vital data.

Plug the leaks – practical tips from cybersecurity experts

“In my view, every single data point is extremely important. As soon as a hacker can generate data, it’s extremely important,” says Sandra.

“Hackers are not just a single person in a basement. They can integrate data [from different sources], and use that data to generate entire identities.”

One of the best ways to keep your data secure is to use two-factor authentication (2FA). “But As few as 10% of users enable 2FA,” says Sandra. “The reason? Usability. And companies hate it too.”

It’s often cumbersome (meaning more calls to the IT help desk), and creates friction in the user experience.

If you use SMS (text messages) as 2FA, you may be congratulating yourself right now (I was). But Sandra explains this isn’t good enough.

The issue is telecom infrastructure wasn’t designed to carry secure messages. That secure SMS is more like a postcard than a sealed letter: anyone who knows where to look can read it.

Other security measures may sound futuristic but aren’t as secure as they seem. Machine learning makes it possible to create deep-fakes of any voice. And face ID is not secure (or strictly GDPR compliant). Storing biometric data (like voice, retina scans, fingerprints or face ID) actually means you’re more vulnerable.

“When a password is leaked, we can reset it,” says Sandra. “But we can’t reset biometrics.”

“In a nutshell, it’s a big issue.”

An issue that the startup Sandra cofounded, Futurae, aims to solve. They create security solutions with a user-first perspective and work with some of the biggest brands in Switzerland.

Strengthen your cybersecurity

Cybersecurity is a big issue, but it’s one we have control over. These three tips will set you on the right track.

  • Educate yourselves on the most common coronavirus scams (and if you see them, report them to your IT team)
  • Follow best BYOD practice – back up your own device
  • Create strong passwords, and set up 2FA on all applications

What’s next?

We can’t wait to see you in person. Before that time, stay safe, and join us virtually in our next virtual meetup.

Sign up to become a member of Women in Digital Switzerland, or join our email list to be one of the first to know about the next meeting.