Is part of this learning process realizing that we can’t delegate cyber security to technology alone?
There are fantastic new technologies like cognitive intelligence that SIX, for example, is rightly using in its security operations center. But algorithms alone won’t protect us. Even the best firewall is worthless if we, as users, act negligently. My research has demonstrated that personal actions now and again have facilitated some of the biggest cyberattacks. Every one of us makes dozens of security decisions every day: We open the door without knowing who’s on the other side, we use the same password for multiple websites, we click on links with no clue where they might lead, or we connect a private device to our workplace’s WLAN. We can use technology to automate those decisions and thus minimize human intervention, but human error will still occur. We therefore need to instill a security awareness, to become or stay a little paranoid.
You live in Tel Aviv, where you grew up. Do Israeli citizens have a heightened security awareness given the political situation?
The reality in which we in Israel live has brought forth astounding innovations. Pressure makes diamonds, after all. Time and again we have had to devise quick, and thus creative, security solutions for sudden threats. Perhaps originally envisaged as temporary solutions, many of them ended up standing the test of time. My perception of the Swiss, for example, is completely different. The stable environment that Switzerland has enjoyed for decades has enabled the Swiss to this day to always be prepared for any eventuality. Those two traits – creativity and constant preparedness – can both be helpful in the battle against cyberattacks.
Let’s look a little into the future. The Internet of Things integrating the physical world with the cyberworld is now becoming a reality. And biohackers are already working on using technology to enhance the human body.
That’s right, and that creates an unfathomably large target for attacks. Compounding the problem is that innovations in biohacking right now are not coming from companies or universities. It is flourishing in a do-it-yourself community that is experimenting with implanted chips and corresponding software. But we don’t have to go to that extreme to become concerned. Think of heart pacemakers or insulin pumps. Patients with pacemakers or insulin pumps already regularly have to run software updates today. So hacking computers was only just the beginning.