As we reflect on recent regulatory changes and trends, we notice a heavy focus on privacy and cybersecurity across the globe. The European Union has recently passed the General Data Protection Regulation (GDPR) and the Payment Services Directive 2. Taking it a step further, in July 2018, the EU proposed a new Cybersecurity Act (9350/18) mandating cybersecurity certification for critical infrastructure industries.
It’s been three years since the U.S. Office of Personnel Management’s (OPM) two data breaches shocked the country and spawned immediate cyber initiatives in response to the theft of millions of highly sensitive records –possibly now resulting in identity fraud, as reported by the Wall Street Journal. In the months that followed, the nation’s agencies were required to make an honest accounting of vital systems and the state of their security.
Editor’s note: Keren Elazari, cybersecurity analyst, author and researcher, will give the closing keynote address at CSX Europe 2018, to take place 29-31 October in London, UK. Elazari recently visited with ISACA Now to discuss the hacking “ethos,” whether data privacy should be considered a right or a privilege, and more. The following is a transcript, edited for length and clarity.
ISACA Now: What prompted you to take an interest in cybersecurity research and analysis?In one word: Curiosity. Always asking more questions, always poking fingers into things I don’t understand – I believe that is the quintessential hacker mindset and that is what has always defined who I am. Even as a child, I was always really interested in technology and curious about how things worked. I would break things, take them apart, crawl under the table to disconnect the cables and see what would happen if I put them somewhere else.
These days, when we turn on the television or listen to the news, we are likely to hear about the latest hot topic in technology: blockchain. Typically, a breathless announcer is giving news of the latest ups and downs of the popular cryptocurrencies, such as Bitcoin and Ripple. Our society seems to be mesmerized with the “Bitcoin phenomenon” and its seeming financial volatility.
We have also heard the stories of Mt. Gox and other scurrilous entrepreneurs who have bilked investors out of their savings. Due to this type of coverage, cryptocurrencies sound to most like a sham and something that has nothing to do with the fundamentals of our businesses. However, nothing could be further from the truth. Blockchain, the technology that powers Bitcoin and other cryptocurrencies, has many different use cases, and has the potential to absolutely transform not just information technology (IT), but also identity management, land management, voting, shipping, records management and nearly every other industry that you can imagine.
There is no doubt that social media has penetrated the daily lives of billions of people. According to Statista, the number of monthly users of social media is slated to reach 3.02 billion people by 2021, which is around one-third of the world’s population. With social media becoming second nature to so many people in every corner of the world, the risk associated with its use is staggering.
We are online all the time creating a permanent archive of ourselves and our families. For many people, our personal posts spread into our professional lives as well. This has gotten us into the current state we’re in. Can we separate our personal selves from our business selves online? Will that post affect me professionally? Will the post affect the company I work for? All these questions are being played out online on a daily basis.
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.