I have spoken before about my involvement with the Liquid Interactive Future Led Series. Late last year I was able again to join their team and listen in on a candid and informative discussion about where the future may take us. The final subject for 2021 was “Overcoming the cybersecurity challenge”. In the wake of the discovery of the Log4j vulnerability, the technology world was given a solemn reminder of the importance of remaining ahead of the game for the next cybersecurity challenge…
The speakers on the day were Şebnem Kürklü (Manager Technology Transformation & Cyber Security, Aurizon), Dr Ivano Bongiovanni (Lecturer in Information Security, Governance and Leadership, University of Queensland), Rakalene Condon (Head of Product, Everledger), Melissa Crossman (CEO, Cryptoloc Technology) and was moderated by Liquid Interactive’s own Jarrad Lawrence (and congratulations on a great job). With so much to talk about in this realm and such a depth of experience across the speakers, I feel like this panel honestly could have spoken for hours and still have held the attention of the room.
While sometimes it can seem like overwhelming cybersecurity threats abound, one of the topics that the speakers all seemed to agree upon was that we can take significant steps towards being cyber secure by simply making sure that users are kept up to date with relevant training and appreciation for the importance of their role in maintaining security for the technical assets of their organisation. Similarly for individuals, being aware particularly about what data they are sharing about themselves, and how it is being used. For organisations, one of the key factors to remember is human-centered design. Keeping practices and tools built to complement how people use them; solving problems for users rather than creating boundaries and rules that lead to regular frustration and occasional unsafe workarounds.
Who hasn’t heard the story of someone who, frustrated with regular and complex password updates, kept a sticky note with their passwords on their desk?
Technology provides us with opportunities to solve so many problems. It is important to remember that as we integrate it so seamlessly into every aspect of our lives that we remain informed about the choices we are making by doing so. As well as understanding where both our rights and personal responsibilities lie, I think that we can all contribute something to the security of our personal information, as well as organisational assets by remaining willing to actively involve ourselves in opportunities to learn more about cybersecurity.
As our world becomes more and more technically complex, we are inevitably going to be surrounded by various technologies that could theoretically become a risk – Internet of Things (IoT) devices are becoming commonplace, often our smartphones are both collecting and sharing a startling amount of personal data about ourselves – this doesn’t necessarily mean that we need to be terrified of it all, these devices can solve major challenges for us. But it does need to be addressed, by individuals, organisations and society as a whole.
Rather than being so afraid of the technical unknowns in our world, or missing out on advances from which we could greatly benefit, my personal opinion is that we need to pull our head out of the sand and learn what we are doing and what we could be doing to take responsibility and ownership of our own information and cybersecurity. From an organisational perspective, ensuring that technical teams working on cybersecurity truly understand how users are interacting with the system; so that processes are as intuitive and simple as possible to be both maintained and adhered to.
I would also like to take this opportunity to thank our very own Shay Telfer, whose rapid response to the Log4Shell vulnerability meant that we were able to bring solutions, not problems to those of our clients who may be affected.
I feel that the biggest take away from this Future Led session for me was a renewed interest in discovering more and learning what opportunities the future (particularly that of technology) might take us and what that means for the security of my own personal information. If you have a technical challenge that you are interested in solving with a team that takes your security seriously send us an email or feel free to reach out on Facebook, Twitter or LinkedIn.