CYBERSECURITY,
THEY SAID
Our present and future in a single word
IT’S CYBERSECURITY AWARENESS Month again, but we at ACDS don’t just wait until October to publicize the importance of cybersecurity. Since the very beginning of our newsletter—and of the launch, in 2021, of ITArkansas Magazine—we’ve probed and interviewed and published smart people’s smart takes on the subject. Here, in observance of this year’s Cybersecurity Month, are some passages that continue to resonate.
————————————–
“PRIVACY ISSUES ARE not new….But what’s happened in the last decade, the 2010s, is that the proliferation of data has just been on an astronomical rise. And a lot of it is data that’s being collected through observation. For example, when you go to a website and order something, you know you’re putting in your name, your address, your phone number, your credit card—you’re in control of that. But what you don’t know are the things that websites or search engines are doing in the background when you use these digital services—things like identifying what pages you look at on a website, how long you stay on, and even things like your location at a particular point in time. All of which become very revealing in ways that you probably wouldn’t expect.”
–Jennifer Barrett Glasgow, EVP, Policy and Compliance, First Orion (February 2020)
“CYBERSECURITY HAS EVOLVED into information warfare. We’ve all read about election interference, and if you go look at social media, you can see some interesting examples of what our adversaries are trying to do to us. There are governments out there that have lots of people and lots of resources training all the time about how to muck around with our stuff. And we don’t have a lot of people or an endless amount of money training all the time to combat that.”
–Lee Watson, CEO, Forge Institute (March 2020)
“IN RECENT YEARS we have seen a rise of the so-called deviant mobs, weaponization of information, radical and extremist groups, propaganda dissemination, misinformation, fake news, and the like….Adversarial actors often distort or manipulate historical and cultural facts and present to the public to influence their beliefs and behaviors, something that can be considered as transforming folklore to fakelore. This is the new asymmetric warfare, where the war of ideologies is fought with tweets, bots, and trolls as opposed to bullets, bombs, and missiles.”
–Nitin Agarwal, Ph.D., Maulden-Entergy Chair and Distinguished Professor of Information Science, Director, Collaboratorium for Social Media and Online Behavioral Studies (COSMOS), UA Little Rock (November 2021)
“THE EXCITING THING about IoT is that it’s closely related to different technologies that are converging right now. I’m talking about mobile device technology, 5G, and machine learning. The converging of those three technologies is going to bring about major changes for a lot of different domains….I would say there are challenges right now for the short-term and the midterm….The first and most important challenge, I think, is security and privacy.”
— Iván Rodríguez-Conde, Ph.D., Assistant Professor, Department of Computer Science, UA Little Rock (November 2020)
“I REALLY THINK parents should be talking with their children about cybersecurity. And that reminds me, when I hear the word cyber, I think of all technology, not just cybersecurity. I have four boys, ages 10 to 22, and I talk with them about what they should and shouldn’t do with their technology….You want your kids to understand the ethical means of what you can and can’t do with technology, but that’s also huge from a safety and a physical security standpoint. Don’t post your location. Don’t share your personal information, because once it’s out there on the web, it’s out there….In the old days, kids were taught not to talk to strangers. Now everybody is talking to strangers all day long.”
–Scott Anderson, Executive Director, American Cyber Alliance (October 2020)
“[AT THE CYBER Arena], one of the modules we do is about mobile forensics, and it’s probably one of the most eye-opening to students about online safety and security. They go through a supposedly deleted cellphone image, and they’re able to recreate everything….And the students are like, ‘Wait, these are deleted files?’ Yes they are, and from the ‘deleted’ files we can create this entire case. And the students are just like, ‘Oh my god.”
–Sandra Leiterman, Managing Director, UA Little Rock’s Trojan Cyber Arena (May 2021)
“ONE OF MY projects [in the Navy] was to serve on a task force for the Secretary of the Navy at the Pentagon, looking at patterns in best and worst organizations. At some companies, people think that cybersecurity is too complicated, and other people don’t want to talk about it because they don’t want to expose their shortcomings. What our task force found was that the best organizations had a culture that supported productive discussions about security.”
–J. Foster Davis, Co-Founder and COO, BreachBits (November 2021)
“WHAT WE REALLY need is to get business buy-in to blocking more addresses. There’s a saying, and I didn’t come up with it, that the network or website that’s best for business is one that’s worst for security. And the network that’s best for security is the one that’s worst for business. So the most secure website or network would be one that nobody could get to. But then you couldn’t sell your wares or your product. It’s not always been good for my career to be the one who says to the businesspeople, ‘We need to block this.’”
–Eric Wall, Chief Information Security Officer, University of Arkansas System (March 2019)
“A LOT OF people say they want security, but they only want it so long as it’s not going to inconvenience them. When it starts to inconvenience them, it becomes the villain instead of the attackers, so they’ll start to fight against that….And I tell them, ‘I can do only so much in the background, but a good portion of this security work is going to take your involvement. It’s not just IT, it’s also processes. It’s physical security. It’s mindset. It’s even how you run your business. If you’re a business owner and you’re badmouthing security all day long, do you think your employees are going to take any kind of security seriously?”
–Christopher Wright, Co-Founder, Sullivan Wright Technologies (October 2021)
“ONE OF THE confusing things is, there’s cyber safety and there’s cybersecurity. And especially in October, Cybersecurity Awareness Month, you always hear about privacy, be aware of social media, change your passwords, and so on—which is great. Everybody needs to do that. But cyber safety and cybersecurity are two different things. Cyber safety is sometimes called cyber hygiene, which basically means keeping your network clean and up to date.
“But cybersecurity is a profession. It’s work, organizations have to invest in it, they have to pay for it. If we want to develop a workforce here in Arkansas, we can’t just take cyber safety and teach more of it. It requires actual professionals that study and get really good at this cybersecurity task. We’re not going to get out of this mess from good safety and hygiene alone.”
— Philip Dale Huff, Ph.D., Assistant Professor of Cybersecurity and Director of Research, Trojan Cyber Arena, UA Little Rock (ITArkansas Magazine, vol. 2, 2022)