More data, more technology – how to keep the human mind involved?
If you work with cybersecurity, you know that things are evolving fast. By the end of this day, new methods have already been invented that did not exist yesterday. Malicious actors and security professionals are pushing each other for creative solutions. Yet the security of companies – even the strongest ones – can ultimately be in the hands of an individual. For this reason, understanding is the key, as futurist Mika Aaltonen points out.
A single cleverly constructed scam is enough for a company to lose both its reputation and a large sum of money. Let’s say a cybercriminal pretends to be a business partner. First they may refer to those great pictures from a golf trip, next the names of colleagues will be dropped casually into the conversation. As the trust is won, all it takes is a request and a few clicks. As a consequence, the information, money or both of them have gone into the wrong hands.
What should we do to protect both people and data?
“The first starting point is that people will learn to understand how the internet works” says Mika Aaltonen. He is a futurist and Adjunct Professor (Complexity & Foresight) and Advisor of the Board of Rona Finland Oy. Of course, if you work in the core of computer networks, Aaltonen’s message may sound surprising. But whereas the internet in its early days was a playground of the PC support department, today every employee operates online in one way or another.
The cashier checkout system is online, as well as the construction worker’s time tracking and CEO’s calendar. Furthermore, all the information between them moves digitally. Not to mention where we spend the lion’s share of our free time.
“The Google- and FBI-funded company Recorded Future and its projects prove how data can predict where you are tomorrow with an accuracy of 20 meters. Does every internet user understand this?”
It’s all about big entities, yet understanding is built piece by piece. With this in mind, Rona team has decided to package the large topics of cybersecurity into small, easy-to-adopt pieces. The new information must have a genuine connection to the everyday life of the user – whether it benefits their work or leisure.
Responsible companies will take care of their employees’ cybersecurity skills
Many of us share the stories of our lives on social media, not only with our faces but also under our real names. People have always told their lives through narratives. However, today these tales are not shared by the campfire, but in public. Therefore, with a few searches, it’s easy to combine your private life with your CV and work life.
No, it’s not just a matter of age or generations. On the contrary: the management of complex privacy settings may be as confusing for millennials as it is for those approaching retirement age.
“The big trend is that privacy and security first shifted from the national level concept to the company level, and furthermore from the company level concept to the individual level. Because of that, companies can no longer take care of the company’s cybersecurity without taking care of the security of their employees”, Aaltonen continues.
It is up to the employer to decide which tools will be available: either top-down commands and ready-made training modules, or employee-driven, customized content in an easy, mobile format.
The engineer of the future needs to understand sociology as well as anthropology, says Mika Aaltonen
Lack of information is not a problem. On the contrary, we produce the same amount of data globally in two hours as the mankind had produced by 2003, says Mika Aaltonen in his book. In other words: if you encounter a problem, someone has almost certainly shared a way to solve it. The challenge is what are we going to do with all the information. How do we turn it into understanding?
Instead of mere knowledge, we need more situational understanding. It will consequently lead to smarter decision-making.
“Certain capabilities have received special attention and they are appreciated,” Mika Aaltonen comments on the development of recent decades. These include, for example, technical data analysts and developers.
When technology has taken the front seat, even the most ambitious security plans include gaps because the human factor remains strong. However, in recent years, development teams have begun to bring together new perspectives and also the expertise of sociologists and anthropologists, among others.
“As we walk the path from common understanding to whoever does the work behind this, we get to technology education. Thus, it would be a good idea to include more human perspectives to engineering and technology studies at college or university level already. ”
From quantity towards quality
The global waves of last decades – the economic crisis of 2008, the emergence of the climate crisis and, most recently, the covid-19 pandemic – have already made the wheels of change spin. In the light of these changes, it’s clear that the old industrial society will not come back. Innovations are constantly needed, but not at any cost. Private data protection and cybersecurity threats are already addressed in the main news broadcasts.
We do not want to be overwhelmed by an insignificant flood of information. We want to live up to our values at home and work, online and offline. We want to learn something new and find the things that are essential to us, among the millions of social media posts, news articles and online learning applications.
“The whole innovation debate should be expanded to include more aspects than technology and economy, only”, Mika Aaltonen concludes.
Would you like to discuss more on how to engage in cybersecurity? How to communicate acute threats as well as grassroots level practices effectively?