17 Motivating Cybersecurity TED Talks
Cybersecurity careers are projected to grow 31 percent by 2029, according to the U.S. Bureau of Labor Statistics, as governments and companies seek better ways to protect their information from attacks.
The rise in cyberattacks begs a few questions:
- From where do these threats emerge?
- Who’s best equipped to address them?
- What might the general public do to protect themselves?
In this series of TED Talks, experts in cybersecurity, cyberpsychology, and hacking share their views on the nature of online protection and privacy. They also seek to unmask (literally, in one case) the perception that hackers are nothing but a threat. In fact, hackers might save us.
TED, a nonprofit organization, sponsors a series of talks exploring places and subjects to help us better understand our world and each other. If you’re interested in cybersecurity, these 17 motivating TED Talks are for you.
Nick Espinosa, Chief Security Fanatic, introduces his job through what he calls “the language that is nerd.” “I speak nerd,” Espinosa says. “My job is to be the best nerd-to-English translator to help the world stay safe online.”
Espinosa details his five essential rules of cybersecurity, which revolve primarily around vulnerability. Rule No. 1: “If there’s a vulnerability, someone will exploit it. No exceptions.” Espinosa’s other rules describe how innovation can be exploited and how humans trust perhaps a bit too easily. And his fifth rule? “When in doubt, see No. 1. Everything stems from vulnerability.”
Dr. Romeo Farinacci uses an analogy to introduce cybersecurity’s value from a counterintuitive perspective. Consider cybersecurity as the equivalent of brakes on a car, he suggests. They’re not designed to stop you; they’re designed to help you go faster, safely.
Farinacci, who conducts cyber systems operations for the U.S. Air Force Reserve, says cybersecurity isn’t the nuisance that some people perceive it to be. When executed properly, cybersecurity is a tool that allows people to do their jobs faster and better.
Jaya Baloo, a chief information security officer, begins her talk by scanning the audience for smartphone vulnerabilities. She finds 42 flaws, likely the result of lapsed security updates. These are simple cybersecurity measures that everyone can use to safeguard their data.
The more devices to which we are connected, the more vulnerable we are, Baloo says. Think it’s ridiculous that a vacuuming robot could spy on you, or a refrigerator could deny its owner entry? Think again, she says.
Hackers deliver some of the most interesting TED Talks because they demystify their work while underscoring its need. Take Ymir Vigfusson — he’s a former hacker and current assistant professor of computer science. Vigfusson begins his talk by wearing a ski mask to explain why hackers are the backbone of cybersecurity.
“I believe it is the only way we can rebuild cybersecurity,” Vigfusson says. “Not understanding hacking creates a paralyzing fear of hacking and cybersecurity. You cannot understand defense if you do not understand offense. Let’s embrace it. Let’s all become hackers.”
Dr. Erik J. Huffman, a cyberpsychologist, delivers a fascinating look into the psychology of cybercrime, much of which depends on human reaction. He frames his talk around a story involving his mother and a phony email; noting how even he, a cybersecurity expert, was vulnerable to its pitch.
“When you’re online, your survival brain doesn’t activate as it does in the physical world,” Huffman says. Consequently, people are more vulnerable to online threats because their fight-or-flight reaction doesn’t trip.
Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation (EFF), passionately lobbies antivirus companies to stop marketing stalkerware as a product. Stalkerware allows people to monitor others without their knowledge and is used by those who commit crimes of abuse. It’s an easy, and remarkably cheap way to be a stalker, Galperin says.
“Our goal is both to educate people about these programs, but also to convince the antivirus companies to change the norm in how they act around this very scary software,” she says.
Cybercrime is “out of control,” Caleb Barlow says. In his TED Talk, Barlow cites a United Nations estimate that highly organized criminal gangs conduct 80 percent of cybercrime, representing one of the largest illegal economies in the world. Barlow, CEO of a cybersecurity services firm, shares this statistic in his discussion of cybercriminals and society’s insufficient response to their behavior.
To fight criminals, Barlow argues that organizations need to share security information with each other to create a data pool — much like we do in a health care crisis.
Keren Elazari, who calls herself the “friendly hacker,” is a cybersecurity expert and author who equates hackers to being an immune system for the digital body.
People fear hackers because they don’t understand how ethical hackers find and expose internet threats. They also force governments and companies to evolve and improve their networks and online presence. “By exposing vulnerabilities,” Elazari says of hackers, “they push the internet to become stronger and healthier.”
Where are criminal hackers launching their cyberattacks, and how should we defend against them? For those interested in a cybersecurity career, Dr. Srini Sampalli offers a primer on the principal threat areas.
Sampalli, a computer science professor at Dalhousie University, cites five primary threat areas: mobile technology, ransomware, internet-enabled appliances and electronics, big data, and the human factor. It’s easier to con people through social engineering tactics and psychological manipulation (e.g., the human factor) than through hacking, Dr. Sampalli says.
You don’t have to be a security expert or hacker to protect yourself online. Maytal Brooks-Kempler, a cybersecurity awareness expert and consulting firm founder, shares some tools and techniques to help use the internet without fear.
Brooks-Kempler illustrates some basic steps people should take to protect their online profile, including being careful with what they share and what they download. Eighty percent of security incidents involve “the human factor,” Brooks-Kempler says. “Let’s go from being the weakest link to being the strongest link.”
Alex Winter is best known for playing Bill in the “Bill & Ted” movie trilogy. He also is a filmmaker who spent years exploring the internet for a documentary called Deep Web.
Winter argues that this misunderstood internet sector doesn’t traffic in drugs and crime to the extent that people are told or suspect it does. In fact, Winter says, the dark net is “a terrible place to conduct crime” and that we need it to preserve a measure of online privacy. Winter’s TED Talk challenges many preconceptions about the internet.
In 2007, Dr. Amy Zegart explains, a U.S. intelligence report did not include the word “cyber.” In 2009, cyber threats were assessed at a threat level below drug trafficking in West Africa. That’s no longer the case.
Zegart, a Stanford University political science professor and national security writer, details how quickly cybersecurity became the biggest threat to national security and what steps countries must take to safeguard themselves.
Cybersecurity experts do much more than prevent identity theft or credit card fraud. They make sure our power grids stay on and our water supplies aren’t compromised by criminal hackers.
Glenn Murray, CEO of an Australian cybersecurity firm, says this sort of protection goes beyond establishing robust firewalls for utility providers. Murray explains that utility providers must be open about attacks they have absorbed, as well as the risk-assessment procedures they have in place, to help other providers prevent future attacks.
Meet Chris Nickerson, another hacker who wants to deconstruct the stereotype around what he does. “When you type ‘hacker’ in Google, it’s the most depressing thing in the world to me,” he says. Nickerson, who turned his hacking skills into becoming CEO of a business security firm, offers an entertaining rebuttal and some provocative points to consider.
Nickerson wants people to respect “real hackers” — those who expose security issues by hacking into computer systems. Nickerson also says that hackers expose the idea that security can’t be bought; companies spend plenty of money on cybersecurity yet still get hacked. One solution is for hackers to bring more awareness to security issues simply by hacking more systems.
A rapidly growing field of cybersecurity involves medical devices. Stephanie Domas, a cybersecurity strategist, illustrates how medical devices are susceptible to hacking. And, because they can provide access to electronic health records, their target value can be greater than credit card numbers.
Further, medical devices are vulnerable to accidents. Consider one example Domas uses: A device’s antivirus software began running during a heart procedure, rendering the device unresponsive. “An inhaler with a Bluetooth connection is a threat,” she concludes.
Computers don’t deviate from their programming. Humans, however, fall prey to all sorts of decision-making blunders. As a result, Mark Burnette says, companies continue getting hacked because of the humans running their security measures.
Burnette, an information security expert, defines three primary human characteristics that hackers exploit: curiosity, trust, and lack of information. “A key reason hackers are so successful in compromising organizations is that people regularly fall for their cybersecurity scams,” he says.
Dr. Duane Dunston, Associate Professor of Information Technology and Sciences at Champlain College, offers a unique proposal — put middle-school and high-school kids in charge of cybersecurity in their communities.
Dunston anticipates the “Excuse me?” by noting that people eat food cooked by teenagers and hire them to babysit. So, he asks, why not create and train computer-literate students to help manage the security needs of their neighborhood small businesses? “What I’m proposing is that we crowdsource middle, high school, and college students to become the new era of cyberpatriots that act as our local community computer emergency response teams,” he says.