With all of last week’s big security news at Cisco—Global Cybersecurity Scholarship program, CCNA Cyber Ops certification, and CCIE Security v5.0—I’d like to provide some further security fuel for thought and motivation this week. And what better place to go for that than to TED Talks? We all love TED Talks, right?
CSO, the IDG publication providing news, analysis, and research on security and risk management topics, makes it easy by having collected all in one place “10 Security TED Talks You Can’t Miss.” Says CSO, “These talks tackle some of the biggest security challenges of our time, from securing medical devices to how cyberattacks can threaten world peace. … We think you’ll be better for having taken the time to listen and consider their messages.”
These 10 talks are all relatively short—ranging from 9 to 19 minutes in length—so not a huge investment in return for the kind of wisdom, insight, and passion that TED Talks can provide. Many of them are galvanizing calls to action. You could start each day off with one talk for a couple weeks, or else listen to them all in one 2½-hour sitting.
Whether Sobering, Chilling, or Inspirational, the Talks Are Riveting
Here’s a taste of what awaits:
- “Hackers: The Internet’s Immune System”: Cybersecurity expert Keren Elazari discusses how hackers—even with the scary power they have—ultimately make the Internet a stronger, more resilient place by forcing the networked world to respond and evolve. The key, she says, is to find those hackers who are less motivated by financial gain through organized crime and more fascinated simply by the power of being able to “break things.” We need to harness the latter to be our heroes, showing us the weaknesses in our systems and how to fix them.
- “Fighting Viruses, Defending the Net”: In this talk, computer security expert Mikko Hyppönen provides a history of the computer virus, showing us with intriguing examples how viruses have evolved from the province of hobbyists and teenagers to that of organized criminals with increasing sophistication. More than devoting all of our energy to antivirus methods, we must undertake a concerted global effort, he advocates, to finding online criminal gangs and taking them down.
- “Hire the Hackers!”: British journalist Misha Glenny paints a vivid picture of the struggle in which we are engaged for control of the Internet. We are fixated on “dazzling technological solutions” when what we should be doing, he argues, is gathering more “human intelligence” on the character and nature of hackers and, instead of imprisoning them, focus on improved socialization and better use of their extraordinary skills.
- “All Your Devices Can Be Hacked”: It is not news to us that with the potential of the Internet of Things (IoT) comes the decided risk of so many connected devices being hacked. Avi Rubin, expert in systems and network security, provides chilling examples of how cars, smartphones, and medical devices can be compromised. Developers of today’s technology must take security into account from the very beginning and think outside the typical threat models, Rubin stresses.
- “How Cyberattacks Threaten Real-World Peace”: Author Guy-Philippe Goldstein gets us to think about how cyber weapons could be used to trigger armed conflict. The problem is complicated by the fact that one country might not even be able to determine where a cyberattack is coming from, thus creating dangerous room for confusion. Also problematical is the fact that when a country builds a cyberwar unit for defense, there can be a fine line between defensive and offensive uses of that unit.
- “Governments Don’t Understand Cyber Warfare. We Need Hackers.”: Today’s platforms for cyberwarfare can be deployed by activists, criminals, and corporations faster than governments can react, according to information security researcher Rodrigo Bijou. Governments are not adapting and learning fast enough, he says, and are using mass online surveillance that just causes more fear. Individuals and organizations need to step up because they have the power to work across borders more rapidly and effectively than governments can. The technological opportunity and cooperation should be inspiring, not fearful, he adds.
- “What’s Wrong with Your Pa$$w0rd?”: Computer science and engineering professor at Carnegie Mellon University, Lorrie Faith Cranor, shares with us the extensive research that she has done in the area of passwords. She gets us thinking more seriously about the passwords we create by showing us the techniques that cybercriminals can use to hack them. Her presentation contains useful tips for creating stronger passwords.
- “The 1s and 0s Behind Cyber Warfare”: Cybersecurity researcher Chris Domas gets down to binary nitty-gritties here. In an engrossing account, he relates how he employed visual pattern recognition to translate all those 1s and 0s into images that he could then use to radically simplify and speed up the process of pinpointing vital cyber information. This approach creates “a new weapon in the evolving theatre of cyberwarfare” and allows cyber engineers to “become first responders in emergency situations,” Domas says.
- “A Vision of Crimes in the Future”: The author of the book “Future Crimes,” Marc Goodman, says he is afraid of what he sees when he looks at the future of crime and terrorism. He uses the example of the 2008 Mumbai attacks to show us how we seriously underestimate what cybercriminals and terrorists, who have now proven themselves capable of building whole terrorist operations centers, can do. He talks about how new technologies such as 3D printing and IoT can be used to ill effect and how human DNA might be hacked. Goodman ends on the constructive note of suggesting approaches that we can take in the face of so much threat, notably to engage average citizens as a whole to take action.
- “Everyday Cybercrime and What You Can Do About It”: In this final segment, James Lyne, global head of security research at the security firm Sophos, shows us some of “the cybercriminal’s latest and nastiest creations.” We are given a concrete look at the modern cybercriminal, infiltration techniques, and the ways in which you make yourself vulnerable. The next time we get a “shiny new toy,” Lyne urges us to look at it carefully in terms of what it can expose about us and learn its best practices in terms of basic security. On a broader level, Lyne believes that we need to focus more aggressively on how we are developing our talent pool.
You can find all 10 TED Talks from CSO here. Which of the talks resonates most with you? Let us know why in the Comments below!
Fired up to do something about security and cybersecurity? Be sure to investigate the Security and Cybersecurity learning and certification pathways on the “Certifications” page. And don’t forget to look into our new Cybersecurity Scholarship program.
Gary Pfitzer is a content manager at Learning@Cisco, focused on bringing various aspects of today's IT journey to light through business papers, blogging, customer success stories, and other writing.