In a recent interview, a British intelligence agent from MI6 made the comparison between the climate crisis and the often dreadful data security processes in our society: "The threat hangs over all of us, we know we should act, but no one really knows how to or what we should do."
A collective shoulder shrug is of course both reckless and dangerous, but also somewhat understandable due to the extreme complex nature of the threat. Today's computer hackers could just as easily be bored, spotty teenagers as a criminal network that is looking to steal your corporate secrets. How should you protect yourself when you have no idea who the enemy is? Not even the institutions under most surveillance can feel safe. A few years ago, hackers succeeded in gaining full access to the American federal government's Office of Personnel Management and information about all of the 21 million government employees in the United States, which also included all CIA agents. So if you think you are protected because you have downloaded the latest antivirus software, then think again because you are not.
In line with technological developments, the methods and threats have also changed, and it is no longer credit card fraud and letters from Nigeria that worry data security experts, but much more serious intrusions. There are more and more sophisticated attacks today on apps in order to take control of our mobile phones. Considering the fact that we carry phones with us around the clock and use them both privately and at work, the consequences could be devastating. But an even bigger security problem is likely all the devices and equipment that are connected to the internet (Internet of Things).
In a famous episode of the TV series Homeland, a group of terrorists executes the US vice-president by taking control of his pacemaker.
Do you think this is just fiction? It could actually happen in practice.
"Moreover it is a crime that probably would not even be detected by an autopsy," says Marc Goodman, an international security expert at Singularity University.
Other generative targets for cyber attacks range from traffic lights to energy meters in a nuclear power plant or why not aircraft altimeters...the problem for instance with small devices that are connected to the internet is that they are rarely monitored visually and do not have the space required to install large antivirus software.
So what considerations should we give to data security at work?
Here are four basic but clever pieces of advice!
• Accept the fact that you will be hacked, and draw up a manual on how you and the company should respond when it happens.
• Decide what is important and must be protected at all costs.
• All firewalls can be hacked, which is why they should be monitored manually.
• Collaborate with other companies in your industry.