On Security Awareness - Mundo Hacker Day

June 16, 2015 | Jaume Ayerbe

If you allow me to quote once again Gabriel García Marquez,

Demons should not be trusted, even when they say the truth

That passage came to my mind few days ago when I had the honor to be a speaker at Mundo Hacker Day, a two-day cyber security event in Madrid, Spain backed by the popular TV program with the same title on Discovery Channel.

AlienVault also exhibited at Mundo Hacker Day.

I approached the event very open minded but not really sure what to expect from the audience, as it was not the traditional professional event around cyber security but geared towards a wider general public. I had only had the chance to watch the program on the TV but never have made it to their live events; however, during my talk, it became quickly apparent through the questions being asked that individuals were concerned about their own online security, whether from a privacy point of view of their digital memories, or from a fraud point of view involving their bank accounts or other sensitive data.

Amongst the audience, and on the expo area, the number of schoolteachers, journalist and like-minded professionals willing to help their students or peers to step up from an illiterate functional status shocked me. Well, that sounds too much when we talk about teenagers, but not so much when we talk about journalists. And the two communities are very sensible, whatever the kids are doing today is going to hang with them, online, for years to come if not ever.

If we talk to a journalist, whether freelance or part of a larger organization, they are a clear target, with a large list of followers and greater interest by cyber criminals to hack their web site and post fake messages pretending to be legitimate.

Collectively we are not doing a great job in educating cyber users about cyber risks. You might argue about the profiles discussed so far, but let me shed some light on this other case. A good friend of mine asked me to urgently visit his office, as a virus had made it to their computers and they were unable to carry on. It’s a small business, about a dozen servers, food industry, not IT intensive, all of a sudden a variant of CryptoLocker has been spread and all their machines hard drives are cyphered. You know what comes next …

Like many small IT departments, they were unknowledgeable on cyber security, even though they are university-educated computer science engineers. So many challenges, with the perception hackers won’t bother with me, I do not have that much information … up until you discover you just lost all of your data, and while your bank account has not been compromised, you are actually not only unable to invoice your customers, but you are simply unable to serve their orders as everything is gone, or actually it is there but you just can’t read it.

As an industry we may use fear as a way to motivate buyers, but the fear, the uncertainty is real, and it is not a question of ‘if’ but ‘when’ you will get hacked, and collectively we need to do a better job at educating kids, journalists, small and medium businesses, and every individual IT user. At the end of the day, we all carry a smart phone with computing and connectivity capacity that was simply not dreamed of 10 years ago on a desktop system.

It turns out I was quoted on national TV discussing the security awareness topic as one of the highlights of the show. So, I would like to capture your feedback: What Security Awareness measures have been successful in your organizations? Which one would you like to field test? Please reach out with your comments.

Jaume Ayerbe

About the Author: Jaume Ayerbe

Jaume Ayerbe has been in senior management roles with a number of high tech companies, including established large vendors (Microsoft, HP) and up-and-coming startups. Jaume has a tremendous wealth of international experience helping customers in Europe, the Middle East, and Latin America. At AlienVault Jaume leads the sales team running the business in the old and new continent speaking either Spanish or Portuguese. and he continues to reflect how despite the diversity of business cultures customers face the same issues when it comes down to managed their IT Security. Jaume holds two Engineer degrees, an MBA, a number of professional certifications.

Read more posts from Jaume Ayerbe ›

TAGS: hacking

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via Email

Watch a Demo ›
Get Price Free Trial