Navigating around the Cyberthreats in the Digital Economy
Every day we become more and more reliant on technology for even the simplest tasks. Simultaneously, our digital economies become more and more vulnerable to cyber attacks by those with malicious intent. Personally, we have all encountered some form of cyber intrusion, whether it was phishing, hacking, or a virus attack, an assault on our digital lives. We invest in anti-virus software, discard dubious emails and posting and messages in the various social media platforms like Facebook and instant messengers like Whatsapp. However, we are not in control of our own data: it is available in our bank accounts, our medical records, municipal accounts and a host of other repositories where we have placed our trust. Cybercriminals are keenly aware of this, and try to exploit our weaknesses on all these sites. What needs to be done?
How Safe is Our Data?
Well, it depends on who has your data and how diligent they are about protecting it. While we have Acts that protect our data privacy rights, such as the GDPR, they are generally reactive, and can only be applied after the event. They also differ from country to country, which might create extra complexity - what is the situation if there is a data breach on a cloud server, where the company using the cloud services is in Denmark, the CRM software is provided by an Israeli firm, the cloud service provider’s headquarters are based in the US, and their servers are scattered across the globe, from Chile to Russia? Which law or laws apply and who is ultimately responsible?
From our own perspective, we also have a supply chain to be aware of, from our ISP (internet service provider) to the software we use and our ability (or inability) to detect suspicious emails and instant messages purporting to come from our friends, our banks and other service providers. While some phishing emails are so obvious (no, the United Nations is not sending you a million dollars Covid relief from a gmail account), cybercriminals are becoming very ingenious. We should have cyber protection software that lessens the risks, but our real defence is our own intelligence and cynicism
Cybercrime in the Good Old Days
Stealing data is nothing new, from the earliest days of data being available, people have taken advantage of its accessibility. True, the only way to get hold of the data was by being physically in the location where the data was stored and being able to access it via some device, such as a monitor and keyboard. Even in large IT shops, there were rarely more than 4 or 5 employees in “IT Security”, whose primary job was to grant you access to the company’s computer system. So most crime was carried out by disgruntled employees, and limited to stealing mailing lists and selling them, or moving funds from dormant bank accounts to one of their own. This was before the Internet.
Then Along Came the Internet
We would not have a Digital Economy without the Internet. It has freed us to interact and transact with anyone anywhere in the world, find information (good and bad) in seconds, that we would have probably only found in a library, if at all. It has laid waste to many businesses that were based on bricks and mortar, and those that survived had to learn how to join the digital economy if they were to be sustainable. The Internet has brought us great benefits, from improved access to education, to a cheap and easy platform to start a small business. However, it has also benefited those who would harm us, and cybercrime is a rapidly growing reality
Understanding Where the Vulnerabilities Lie
It is very easy to understand where there are weaknesses in even the most protected environments: if there is an IP address, or a device that has an ability to connect with the Internet, there is a potential for hacking. So, apart from an organization’s own on-premise IT installation, there are billions, not millions, of ports of entry. The one that comes to mind first for most CIOs is remote workers and employees where BYOD (bring your own device) is allowed. Then we all use the cloud to a greater or lesser extent. However, here we probably have more protection than we know; companies like Microsoft spend billions against cyberattacks annually. Even then, there is a human problem in getting employees with the skills to work in the cyber defence space. There is the risk of emails, social media hacks and spam and instant messaging (e.g. Whatsapp) hacks. However, these all pale into insignificance, when you consider the Internet of Things.
There is a Spy in my Kitchen
We are all familiar with movies and TV series where listening devices are planted in people’s houses, without realizing that most or all of our devices have sensors built in them, from your washing machine to your pop-up toaster. Maybe a fridge that hooks up to the Internet is not such a good idea. Right now, there are 10 billion IoT devices out there communicating in some way or other. Some of them have been built and designed to be cyberproof, based on standards put out by bodies like the IEEE, but the majority of them have no or little resistance. There is still work to be done on finalizing those standards, and the legacy IoT devices out there do not comply. So we can expect that cybercrime will not stop in the near future, as long as there are easy backdoors into the Internet. It also means that the sheer volume of the workload for cybercrime prevention is beyond human control, and requires automated intervention.
Fighting the Good Fight
As mentioned above, nearly every body overseeing good governance and standards is constantly reviewing the risk of cyber vulnerabilities and have drafted standards and practice notes to be followed to mitigate and prevent cyber risk. The NIST has defined a risk management framework for organizational cyber threat resistance, called the Cybersecurity Posture
While this should be adopted by every organization, it should be noted that it does not address the issue of finding the criminals and stopping them, but that is a topic for another day.
AI to the Rescue
Artificial intelligence has become a vital defence against cyber crime, at all points in the NIST’s framework. It achieves this in different ways, firstly by identifying anomalous data patterns and behaviour that deviate from normal operations. It does this based on historical data and activities, as well as any supplementary information, which may need to be supplied, like previous cyberattacks and hacks that happened across the globe.
In the unfortunate event of an attack, it will mitigate the effect, applying learning about previous breaches as well as the current hack. It will also accelerate the recovery from a breach by assisting in repairing what has been compromised.
This all sounds great, and IBM has estimated that applying AI to assist in cyber protection can reduce the costs of a data breach by up to 80%. What is often overlooked is that your cybersecurity team cannot be replaced by one or more AI applications; they still steer the ship, but can capitalize on the speed and accuracy of the AI risk detection. There is a big skills shortage in this space, as Microsoft has pointed out, and this could be an ideal career path for those who want to progress in ICT.
Opportunities in Cyber and AI in South Holland
There are many opportunities for honing one’s skills at TU Delft, Rotterdam (Erasmus), and Leiden Universities. They have collaborated to create a centre of excellence for applying AI against cybercrime. Leiden offers an MSc in Cybersecurity, Erasmus offers education in the legal aspects of cybersecurity and TU Delft offers a range of subjects that address more technical issues in fighting cybercrime. South Holland is regarded as a nexus when it comes to combating this scourge and welcomes students, entrepreneurs and professionals to join the fight.