What does the future of IT security look like? This was the question we put to Ebba Blitz, CEO of Alertsec. “IT is a really dynamic industry right now”, she says. “We’re seeing amazing new innovations and developments. We’re living and working in an ever-more connected world, filing our tax returns online, shopping and banking online. And with the Internet of Things, even the fridge will be online and able to order more milk. But that connectivity is creating huge vulnerabilities, backdoor access to our networks and the data that we need to protect.”
What does that mean for IT professionals, and how can our customers keep up with evolving security challenges?
In this special edition of SecureNews, Ebba shares her insights about the IT security challenges that lie ahead and how to mitigate the risks.
Encryption will continue to be the FIRST line of defense
“The internet is opening up a whole world of possibilities", says Ebba, "and we're already seeing benefits. There are new apps that are improving online banking, we get better healthcare services as providers share data, and we can access the office network from home. And there’s a lot of cool stuff that hasn’t even been dreamt of yet.
The demand for IT skills will be huge. That’s great news for young people looking for an exciting career but unfortunately it's also creating a number of challenges for SMB’s, even for those organizations who don’t want to develop apps or don’t even have an IT department.
Hidden cost of a data breach
“IT security skills is the #1 issue that I hear about. Last year, analysts Frost & Sullivan reported that there is already an infosec skills shortfall and it is impacting the ability of companies to recover from a data breach. Nearly 20% of organizations report that it can take up to 3 weeks to correct a breach and restore services. A data breach can mean not only a fine, but also your business being out of action while you try to fix the problem.
Threats from unexpected places
"As our homes and offices become more interconnected, we don’t give a second thought to the fact that the lighting system or printer or smoke alarm is connected to the network. Yet these connected devices provide backdoor access to the computers on the network. It’s a vulnerability that cybercriminals are moving quickly to exploit. Did you know there’s already been one data breach where cybercriminals got access via the air conditioning?
Protecting our own data
“Large organizations used to be the primary target for hackers but as they are becoming better protected, cybercriminals are moving down the food chain looking for easier targets such as small and midsized businesses (SMB’s) that tend to be less secure. I think we can expect to see that threat extend to individuals who are even less aware and even less prepared.
"While smart phone security will continue to get the headlines, it is going to be more crucial than ever to secure the laptops that professionals use at home and on the road. We store more and more personal data on our work computers: it’s so easy to let the browser save our network login credentials and passwords. A stolen, unencrypted laptop takes only a few seconds to hack, providing the login details for the company network.
Protect before the laptop is stolen
“There is one change that I really hope to see in the coming months: companies putting encryption on the agenda before the crisis happens. We continue to get so many calls for help from companies after an unencrypted laptop has been stolen. Even when Alertsec encryption has been deployed, data protection still needs to be top-of-mind and there are steps that we can all take now." Here are Ebba's recommendations:
encrypt all computers to protect personal account details and passwords;
educate your service providers, 3rd party vendors and employees about the risks;
put computers and connected devices on separate networks to avoid the potential risk of a backdoor access to important data;
encourage local schools and colleges to teach future entrepreneurs about IT security from a young age.
Teaching the next generation about IT is something that Ebba takes seriously. Interviewed by NBC about President Barack Obama’s visit to the Global Entrepreneurship Summit at Stanford University, she expressed the hope that Obama's visit would inspire young people to dream.
As it happens, Ebba’s twelve-year-old daughter was attending the iD-Tech camp on the campus.
“She's has been coding since she was 9", says Ebba. "She got interested in IT when we lived in Stockholm, Sweden, but we couldn’t find a suitable tech class. Girls are really excited about the end result, creating apps and games. Tech classes tend to be a bit geeky, which can be intimidating. So I set up a sort of coding ‘dojo’ at the kitchen table for my daughter and her girl friends.”
Since moving to the US, Ebba's daughter has remained just as keen to keep learning. "Initiatives like the iD-Tech camp teach really valuable skills for the future", says Ebba. "Any new business or enterprise starts with a need. These young people will be able to say 'Somebody needs this, I can fulfill this need' ".