Much of our everyday life has moved online with the pandemic continuing to play a role in how we work and connected to others. This migration has meant that security and privacy continue to remain top-of-mind for both security professionals and those who may not have given these cyber issues a second thought once before.
In our discussion, we focus on Theresa’s experience with election security, social engineering, and about her book “Manipulated: Inside the Cyberwar to Hijack Election and Distort the Truth.” We likewise look at how the cyber operatives behind misinformation campaigns choose their targets, and how digital empathy and human-centered design can help combat cybercrime.
“Nation-state hackers invade social issues–such as fracking, elections, or vaccinations–all while posing as Americans, ” Theresa explains. She recounts how, in researching her volume, she found herself speaking to a group of Macedonian hackers who targeted the 2016 election, merely to discover the hackers were apolitical. “We’re pro-capitalism, ” they told her, explaining how they’d generated detailed simulates that showed how much revenue they could earn by move certain candidates rather than others.
“Microsoft was one of the early presidents in offering free tools to help governments improve their voting engineering. They looked at something that could be a revenue generator, then chose to make it about the public good instead.”–Theresa Payton, CEO of Fortalice Answer and co-founder of Dark Cubed
During our dialogue, we talk about how social engineering attempts are often built easier by our own trust natures, with vacation photos, birthdays, and other personal content providing the raw data hackers are dependent upon. Since privacy decideds for social media usually require users to opt-in, many customers are unknowingly laying their online lifetime out like a buffet for hackers. And, since many people don’t read the terms of service, they often have no idea what data is being collected, or what it’s being used for. Theresa mentions a study done by MIT researchers that acquire even anonymized data grabbed from phone records, credit card transactions, and mobile apps can be easily cross-referenced by zip code and gender to narrow the user’s identity to within just five people.
Theresa and I agree that people cannot be expected to be experts on cybersecurity or system designings, which is where digital empathy comes into play. As we to be all right at build security into systems, employees can be free to do what they were hired to do. “Microsoft has been producing the route in going passwordless, ” Theresa says. “I’m aroused that technology has finally caught up to our needs. Now we’ll only is restricted by our own creative minds.”
Find out how Theresa ran from operating as a bank administrator to handle cybersecurity at the George W. Bush White House and get some tips-off on how to protect yourself from social engineering schemes–listen to the full episode.
In this ongoing podcast series, I talk with cybersecurity influencers about the evolving menace landscape and explore the promise of systems powered by AI, IoT) and other emerging tech. In every episode, we’ll look at how to empower people and organizations to create a more secure, productive digital environment.
Listen to Afternoon Cyber Tea with Ann Johnson on:
Apple Podcasts: You are also welcome to download the episode by clicking the Episode Website link. Podcast One: Includes the option to subscribe–so you’re notified as soon as new episodes are available. CISO Spotlight page: Listen alongside our CISO Spotlight episodes, where customers and security experts discuss similar topics such as Zero Trust, compliance, running passwordless, and more.
In the meantime, bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity. Or reach out to me on LinkedIn or Twitter if you have guest or topic suggestions.
The post Afternoon Cyber Tea: Privacy, the pandemic, and the protection our cyber future seemed first on Microsoft Security .
Read more: microsoft.com