To celebrate this year’s Safer Internet Day, several industry experts offer their advice to Open Access Government in support of the ‘together for a better internet’ theme
Every year, on 11th February, approximately 150 countries worldwide pull together on Safer Internet Day to raise awareness of emerging online issues from ransomware to cyberbullying.
This year’s Safer Internet Day mantra is ‘together for a better internet’, a sentiment that is reflected in the advice from the below industry experts that Open Access Government spoke to in recognition of the day.
The big ‘R’: ransomware
Alan Conboy, Office of the CTO at Scale Computing discusses how, despite only being at the start of 2020, the news cycle has been flooded with organisations – from airlines to banks to hospitals, even entire local governments – falling victim to ransomware attacks:
“Threats such as these are evolving at an unprecedented pace, so causes like Safer Internet Day, serve as an important reminder for organisations to review their security measures and consider modernising any legacy or outdated defence infrastructures.
“Businesses must realise that traditional legacy tools are not only slowing their digital journey down, but leaving them vulnerable to tactical and well-organised criminals. Organisations should be taking advantage of highly-available solutions, such as hyperconvergence and edge computing, that allow them to not only keep up with changing consumer demands, but deploy the most effective cyber defences, disaster recovery, and backup.”
Steve Nice, Chief Technologist at Node4 looks into how cyber criminals will develop their tactics into the future:
“The standard response to Safer Internet Day will be about the importance of installing anti-virus software, ensuring all software is up-to-date, enabling two factor, making sure to not download apps from emails, ensure you have a strong unique password, and not to enter your credentials from a link sent via email.
“But, looking to the future, cyber criminals will begin to employ big data analytics to feed AI systems that target their prey more efficiently for phishing emails. Cyber criminals will continue to use phishing emails to deliver ransomware to target businesses, as they know that their assets are valuable, and to continue working they have to pay. However, what we’ll see is this activity spreading to household users who will have their cars and homes targeted. Wouldn’t you pay to get control of your car or home back? It may still be a few years off, but it’s inevitable.”
Joy Beland, Senior Director, Cybersecurity at ConnectWise explains how constant online presence lends itself to nonchalance in our behaviour:
“Being safe online means that how and when we use our devices needs a second look. Does an important looking email from a semi-familiar name warrant opening that attachment from your cell phone, or do you wait until you’re on a computer with good malware protection and can identify the full email address of the sender? When using a search engine, are you careful to read the actual URL of the website that shows up in the search results, or are you going off the headline that comes up in regular font when you select the results to click on? That second of hesitation may seem inconvenient, but a little extra scrutiny online can be the difference between a happy, productive day and a disaster costing thousands in time and money.
“The biggest threats today are business email compromise and extortion – mainly ransomware. There are many good resources to guide you in protecting yourself from these, and the solutions are not just technical. Education about what to watch for, like validating the sender’s email address and being careful to click legitimate websites when scrolling through search results, are key to staying safe.
The human element
Agata Nowakowska, Area Vice President at Skillsoft looks into why phishing and ransomware are just some of the attacks that pose significant risk to organisations, even when they have comprehensive security tools in place:
“This is largely due to the human element. A recent Kaspersky report found that employee errors or unintentional actions were responsible for 52% of incidents affecting operational technology and industrial control system networks. On Safer Internet Day, employee training must be top of the agenda. All too often the effects of human error can be avoided with clear, simple, and consistent training. For example, providing regular ‘bite sized’ videos that help employees recognise malicious emails can be a hugely effective – yet technically simple – tool to mitigate many of these threats.”
Jan van Vliet, VP and EMEA at Digital Guardian agrees:
“IT security tools are not infallible against human behaviour so businesses need to also apply security to their business practices. A business’s first line of defence is its employees. Malicious individuals are abusing the fact that junior staff implicitly trust their seniors and that they fear for their jobs if they do not act quickly as instructed. As a first resort make sure your staff are trained to require third party validation for any financial transaction or introduce payment procedures requiring multiple sets of independent eyes. You must put in place processes and beliefs that when out of the ordinary requests come through they should be questioned.”
At home and at work
Andy Swift, Head of Offensive Security at Six Degrees comments that one of the great things about Safer Internet Day is its relevance to both our personal and professional lives:
“Whether I’m advising clients or speaking to friends at the pub (not that they’d tolerate me talking about cyber security for too long…), three pieces of advice I’ll give to anyone looking to stay safe online are:
“1. Use a password manager. We’re all expected to use incredibly complex passwords to keep our Personally Identifiable Information safe, and rightly so. But there’s no way we’ll remember them all without some help. Use a reliable password manager and resist the urge to go back to using ‘Monday1’ for everything.
“2. Check for HTTPS websites using valid certificates. Sometimes thinking about all the sensitive information you share online can give you a headache. Bank details, passport numbers, addresses… Do yourself a big favour and ensure you only share sensitive information with HTTPS-enabled websites with valid certificates. HTTPS is a secure way to share data with a website, and it prevents cybercriminals from intercepting any information you submit. HTTPS-enabled websites are easy to spot – look for the little padlock on the top-left of your web browser.
“3. Don’t rely on your web browser to protect you. Today’s web browsers are better than ever at warning you about dangers lurking within the websites you visit. However, they can’t stop you if you still decide to download malicious content. Don’t rely on your web browser alone when you’re online – keep your wits about you and use your common sense at all times.”
The growth of the Internet of Things
Rob Mellor, Vice President and General Manager EMEA at WhereScape reflects on how far we’ve come since the first websites were launched:
“As of the beginning of 2020, there are now 4.43 billion websites and a new forecast from IDC estimates that there will be 41.6 billion connected Internet of Things (IoT) devices generating 79.4 zettabytes by 2025. As the number of websites, IoT devices and amount of data increases, it can present a challenge to IT teams looking to incorporate data into existing analytics environments. In addition, businesses also need to ensure their organisations and customers remain safe and protected.
“For businesses looking to maximise the value of their data and keep it safe, data automation software is a great option. Data automation significantly reduces the amount of manual coding, allowing IT staff to dedicate more time to deliver results for the business. In addition, data infrastructure automation also aids in data privacy and compliance. Automation does this by enabling businesses to know where each piece of data sits and who can access it, as well as tag it and track its lineage in order to have a complete picture of how it is being used.”
This Safer Internet Day provides a vital reminder for businesses, and individuals, to follow advice from professionals and to keep their wits about them as the internet continues to develop into a force to be reckoned with.