Digital security has been necessary ever since scientists booted up the first computers. It was needed when information exchanges came via punch cards and floppy discs, which Joseph Steinberg recognized at an early age.
His interest in digital security resulted from general curiosity when he was 8 years old as he wondered how systems’ various security features worked.
“How, for example, did software companies manage to protect their floppy-disk based games against illegal copying? And how did schools prevent unauthorized students from viewing or changing grades in a school system?” he pondered.
Steinberg took that childhood passion and turned it into a career. However, due to a cyber skills gap leading to 4 million open jobs, people like Steinberg are overworked trying to protect our networks. That’s why everyone must step up and do their part to improve digital security in the workplace.
The biggest threat — employees
The biggest cyber threat to every company comes from employees, who can potentially inflict serious harm, either intentionally or accidentally, and either directly or indirectly through third parties.
“Addressing human risks requires a blend of both education and technology,” said Steinberg. “You must educate your employees, for example, to internalize that they are targets and you must train them that they must be careful.”
Many organizations see technology as a substitute for humans when it comes to digital security, and technology can help reduce both the likelihood of people being exposed to dangerous situations, as well as to reinforce the training (e.g., how to spot phishing emails). However, these programs must be used in tandem with training and knowledge to be effective.
The rise of AI
Many companies see artificial intelligence (AI) as the wave of the future. AI will change the way every industry operates at some point but in their haste to make this digital transformation, many companies ignore the security risks AI introduces.
AI dramatically increases the need for improved cybersecurity, because the technology allows computers, without the involvement of humans, to make decisions that impact humans.
“If an AI-enabled system is hacked, the impact could be much more devastating in the physical world for people than when a more typical, non-AI system is hacked,” said Steinberg.
AI can be used for good and evil, and cyber attackers are increasingly using AI as a weapon.
“AIs that learn about corporate defenses, as well as about previously launched attacks and their results, can help attackers select attack methods, times, and technologies,” Steinberg said. “Additionally, AIs can be used to analyze information about organizations and associated personnel, and to craft effective social engineering attacks or spread false rumors on social media.”
So, while AI can benefit a company and streamline a lot of processes, there is still a need for human interaction to monitor AI.
Again, technology is meant to assist security, not replace it. It is part of a well-rounded security system.
Investing in digital security systems
There is still a misconception that only large enterprises are targeted by cybercriminals. Hackers go wherever the data is and they’ll go after small companies because they are often less protected.
Because attacks are costly, in fines and remediation, many businesses close after a breach. Investing in an information security program can literally mean the difference between flourishing and going out of business.
“Understand that you are a target,” said Steinberg. “People who believe that criminals want to breach their computers and phones act differently than people who don’t understand this reality.”
How you behave will determine just how digitally secure you really are.