Technology has changed all aspects of our lives, including the way we transact. In our digital economy, money is not the only currency consumers place value in as they also see trust, time and treasure as important drivers, writes Intel’s TREVOR COETZEE.
In the conventional economy, money is the only currency. But we are increasingly inhabiting a world comprised of the cloud, mobility, the Internet of Things and an infinite number of goods and services that are exchanged online.
In this so-called Second Economy, money isn’t the only currency. In this technological and social realm, trust, time and treasure are the new currencies – and one of them is worth a lot more to cybercriminals than money.
The Second Economy is built on the psychological currency of trust. When we transact online, we trust that the company we’re dealing with will protect our information.
But trust is under relentless attack and is the prime casualty of cyber conflict. Hacktivists aren’t after money. Rather, they want to embarrass their targets and reduce their brand value by sowing mistrust. Each attack serves to erode the trust of customers in a company’s ability to withstand future breaches and protect their interests. And when trust is lost, it can do as much damage as lost funds, if not more.
A cyber defence focused primarily on protecting financial assets is therefore insufficient. The problem, however, is that public concern about personal data loss is falling despite a rise in data thefts. Also, breach victims are not typically penalised, even when their own negligence contributes, which suggests that breach costs should be evaluated in the Second Economy.
In the Second Economy, time matters more than money.
On the one hand, cybercriminals, or black hats, have time on their side. They design their attacks at leisure, crafting carefully thought out and executed strategies that can sometimes go undetected within a network for months, even years.
They also use time to their advantage in ransomware attacks by attaching deadlines to ransom pay-outs for the safe return of data. Under such immense time pressures, victims are more likely to respond impulsively and pay the ransom.
On the other hand, victims, or white hats, are in a constant race against time and are always reacting under pressure. When a breach occurs, time is the ultimate weapon – detecting and remediating threats as quickly as possible becomes the goal in a race where every second counts and time most certainly is money.
The time it takes an organisation to respond to breaches depends on the tools, policies and political structures that are in place before the notion of a threat is even recognised.
But the status quo in most organisations is that separate divisions have separate security policies, which slows down their response times. An IT strategy that allows for new technology to be rapidly onboarded will ensure that new software releases will not hinder productivity and that software updates are not time-consuming.
In the Second Economy, money – or profit – is not the only treasure that black hats are after. When it comes to sowing mistrust, cybercriminals could be motivated by principle – as it often seen in attacks by ‘hacktivist’ group, Anonymous – while nation-states identify targets to expand their province.
Whatever their treasure, black hats have clear incentives motivating their next move, and with each attack, the trust economy is ultimately corroded. These fast-moving, fast-adapting black hats govern the terms of cyber conflict and control the pace of innovation and the nature and timing of assaults. Organisations play a perpetual game of catch-up, yet they consistently ignore or rationalise the risk.
This must change.
Gaining the upper hand
Individual users cannot shirk responsibility for helping safeguard the Second Economy and, at the strategic level, today’s siloed, reactive, barely collaborative defence posture must yield to a new white hat paradigm that is adaptive, aggressive, proactive, newly generous on information-sharing and unpredictable.
If we are to secure the now indispensable, Interned-based Second Economy, we have to reject conventional defence paradigms in favour of radical new thinking. Where we have relied on old playbooks, we must be newly unpredictable; where we have hoarded information, we must become collaborative; where we have undervalued cyber defence, we must prioritise it.
A good start is at the organisational IT level through adopting technology platforms that accept new security software quickly and result in a better-aligned ecosystem. We need to develop a whole spectrum of response plays and not simply plan for an unlikely worst-case scenario.
No single solution can eradicate all threats. We need a superior platform that allows for swift on-boarding of new technologies, over an architecture backed by common tools and workflows, along with automation and orchestration capabilities – one that doesn’t multiply operational complexity for already overburdened staff. An integrated platform also offers the benefit of tapping into aggregate innovative capabilities of hundreds of potential players, all connected over the same infrastructure. This gives white hats a fighting chance at making time their ally.
Cyber security professionals with a more simplified back office infrastructure, as provided by fewer vendors in their environment, report experiencing fewer threats, better detection times and more confidence in their security posture than those with a more fragmented, multi-vendor approach.
There also needs to be organisational change. CEOs must advocate for more strategic, proactive defence while end-users must develop better security consciousness.
Finally, we need bold information sharing. By hoarding information, we make the Second Economy more vulnerable. Better defence depends on better sharing impulses. Bold, perhaps altruistic information sharing gestures by cyber defence organisations can change the culture.
Our economy is no longer a physical one but one of connected networks and systems where cybercriminals have put us on the defensive. We now live in a world where more than money is at stake and where we’re fighting against time and working to justify trust.
If we’re going to win the race, we need to abandon old security playbooks to become more unpredictable and collaborative and make cyber defence a priority.
* Trevor Coetzee, regional director, South Africa and sub-Saharan Africa, Intel Security
How we use phones to avoid human contact
A recent study by Kaspersky Lab has found that 75% of people pick up their connected device to avoid conversing with another human being.
Connected devices are becoming essential to keeping people in contact with each other, but for many they are also a much-needed comfort blanket in a variety of social situations when they do not want to interact with others. A recent survey from Kaspersky Lab has confirmed this trend in behaviour after three-quarters of people (75%) admitted they use a device to pretend to be busy when they don’t want to talk to someone else, showing the importance of keeping connected devices protected under all circumstances.
Imagine you’ve arrived at a bar and you’re waiting for your date. The bar is busy, and people are chatting all around you. What do you do now? Strike up a conversation with someone you don’t know? Grab your phone from your pocket or handbag until your date arrives to keep yourself busy? Why talk to humans or even make eye-contact with someone else when you can stare at your connected device instead?
The truth is, our use of devices is making it much easier to avoid small talk or even be polite to those around us, and new Kaspersky Lab research has found that 72% of people use one when they do not know what to do in a social situation. They are also the ‘go-to’ distraction for people even when they aren’t trying to look busy or avoid someone’s eye. 46% of people admit to using a device just to kill time every day and 44% use it as a daily distraction.
In addition to just being a distraction, devices are also a lifeline to those who would rather not talk directly to another person in day-to-day situations, to complete essential tasks. In fact, nearly a third (31%) of people would prefer to carry out tasks such as ordering a taxi or finding directions to where they need to go via a website and an app, because they find it an easier experience than speaking with another person.
Whether they are helping us avoid direct contact or filling a void in our daily lives, our constant reliance on devices has become a cause for panic when they become unusable. A third (34%) of people worry that they will not be able to entertain themselves if they cannot access a connected device. 12% are even concerned that they won’t be able to pretend to be busy if their device is out of action.
Dmitry Aleshin, VP for Product Marketing, Kaspersky Lab said, “The reliance on connected devices is impacting us in more ways than we could have ever expected. There is no doubt that being connected gives us the freedom to make modern life easier, but devices are also vital to help people get through different and difficult social situations. No matter what your ‘connection crutch’ is, it is essential to make sure your device is online and available when you need it most.”
To ensure your device lifeline is always there and in top health – no matter what the reason or situation – Kaspersky Security Cloud keeps your connection safe and secure:
· I want to use my device while waiting for a friend – is it secure to access the bar’s Wi-Fi?
With Kaspersky Security Cloud, devices are protected against network threats, even if the user needs to use insecure public Wi-Fi hotspots. This is done through transferring data via an encrypted channel to ensure personal data safety, so users’ devices are protected on any connection.
· Oh no! I’m bored but my phone’s battery is getting low – what am I going to do?
Users can track their battery level thanks to a countdown of how many minutes are left until their device shuts down in the Kaspersky Security Cloud interface. There is also a wide-range of portable power supplies available to keep device batteries charged while on-the-go.
· I’ve lost my phone! How will I keep myself entertained now?
Should the unthinkable happen and you lose or have your phone stolen, Kaspersky Security Cloud can track and protect your device from data breaches, for complete peace of mind. Remote lock and locate features ensure your device remains secure until you are reunited.
Five key biometric facts
Due to their uniqueness, fingerprints are being used more and more to quickly identify and ensure the security of customers. CLAUDE LANGLEY, Regional Sales Manager, for Africa at HID Global Biometrics, outlines five facts about the technology.
How many times in a day are you expected to identify yourself? From when you arrive at work you are required to sign in, visiting your bank, receiving healthcare services… The list is endless. When a system knows who you are, you are able to do any number common, everyday activities. Your identity is unique and precious. It is also easily stolen and the target of many hackers across the globe. Technology is constantly evolving alongside the criminal element, always looking for ways to protect data and identity. One such solution happens to be biometrics and it is rapidly gaining traction in our increasingly complex modern world.
Reliable, secure and fundamentally YOU, unique biometric traits such as fingerprints are being used by banks, enterprises and consumers to verify identity. Biometric solutions offer significant identity protection because they use unique biological details to ensure an account is only accessed by the account holder, a door only opened by the owner. Here are five things that are little known about this technology…
- The uncut identity. Your fingerprint is unique to you. Nobody can use a copy of it to impersonate you. Good technology is capable of scanning down into the layers of the fingertip to differentiate unique elements of a person’s fingerprint, this data is then encrypted and used as a key to unlocking whichever physical or virtual door that the biometric system protects.
- The living proof. No, there is nothing to the stories of fingerprints being used without their owner’s knowledge or permission. Biometric solutions can use specific variables to determine if the finger used to access the system is that of a present, living person. A copy or a fake cannot be used to access a cutting-edge biometric solution.
- Easy and convenient. Queues and documents and paperwork may well be a thing of the past should biometrics take a firmer grip of government and banking systems. The process of registering is easy, and access to identity documents and records is yours alone.
- Security blanket. A thousand passwords and a hundred post-it notes stuck on walls and drawers. An excel file with a list of sites and applications and their corresponding passwords, all a thing of the past. Nobody needs to remember their password with biometrics, they only need to show up.
- Anywhere is cool. Schools, airports, networks, offices, homes, toilets, banks, libraries, governments, border controls, immigration services, call centres, hospitals and even clubs and pubs – knowing “who” matters and biometrics can quickly and conveniently confirm your identity where needed.