In response to Clémence Marchal

Privacy and security are related. Privacy relates to any rights you have to control your personal information and how it’s used. Think about those privacy policies you’re asked to read and agree to when you download new smartphone apps.  Security, on the other hand, refers to how your personal information is protected. Your data — different details about you — may live in a lot of places. That can challenge both your privacy and your security.

Some people regard privacy and security as pretty much the same thing. That’s because the two sometimes overlap in a connected world. But they aren’t the same and knowing how they differ may help you to protect yourself in an increasingly connected world.

In response to Liam Richardson

When it comes to privacy vs. security, it’s a good idea to have both. Each can impact your digital health. But what’s the difference?

Privacy and security are related. Privacy relates to any rights you have to control your personal information and how it’s used. Think about those privacy policies you’re asked to read and agree to when you download new smartphone apps.  Security, on the other hand, refers to how your personal information is protected. Your data — different details about you — may live in a lot of places. That can challenge both your privacy and your security.

When it comes to privacy vs. security, it’s a good idea to have both. Each can impact your digital health. But what’s the difference?

Cyber security and data privacy may be big issues for businesses of all sizes, but with the right approach and by taking advantage of innovative solutions available to help combat cyber threats, organizations can take back control of their digital lives.

In response to Fujiko Nakayama

Not a day seems to go by without news of another data breach or cyber security threat hitting the headlines. From Talk Talk and Tesco to Adidas and even Fortnum and Mason, no organization is safe. That’s without mentioning wider issues around how organizations are using people’s data.

Facebook and Cambridge Analytica have been under the spotlight, and Google also recently confirmed that private emails sent and received by Gmail users can sometimes be read by third-party app developers, not just machines.

Not a day seems to go by without news of another data breach or cyber security threat hitting the headlines. From Talk Talk and Tesco to Adidas and even Fortnum and Mason, no organization is safe. That’s without mentioning wider issues around how organizations are using people’s data.

Not a day seems to go by without news of another data breach or cyber security threat hitting the headlines. From Talk Talk and Tesco to Adidas and even Fortnum and Mason, no organization is safe. That’s without mentioning wider issues around how organizations are using people’s data.

Cyber-security threats affect all industries, regardless of size. The industries that reported the most cyberattacks in recent years are healthcare, manufacturing, finance, and government. Some of these sectors are more appealing to cybercriminals because they collect financial and medical data, but all businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks.

The threats countered by cyber-security are three-fold:

1. Cybercrime includes single actors or groups targeting systems for financial gain or to cause disruption.

2. Cyber attack often involves politically motivated information gathering.

3. Cyberterror is intended to undermine electronic systems to cause panic or fear.

Cyber-security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security.

With the vast amount of data being captured by sensors and devices, transmitted and then stored, you need to ensure that every piece of data is secure and used as the consumer expects throughout its lifecycle. You should consider how you'll get security updates to remote devices. And you should collect only the data you need. Finally, companies should provide notice to consumers of how their data will be used and ideally give them a choice of whether or not to provide that data. The best advice: consider security at the outset, not at the end of the development process.

SSL is identity verification, not hard data encryption. It is designed to be able to prove that the person you are talking to on the other end is who they say they are. SSL and its big brother TLS are both used almost everyone online, but the problem is because of this it is a huge target and is mainly attacked via its implementation (The Heartbleed bug for example) and its known methodology. As a result, SSL can be stripped in certain circumstances, so additional protections for data-in-transit and data-at-rest are very good ideas.

The pervasiveness of data breaches has firmly placed the topic of cybersecurity on the agenda of the Board of Directors. It is part of their responsibility as members of the board to understand the threat landscape, current best practices, and what the company is doing to protect the employees, customers, constituents and shareholders. This has led to the creation and administration of cyber committees, working alongside other risk committees.

In response to Varfolomei Krupin

From tweaking web browser extensions and settings, to using VPNs and anonymous search engines; plenty of tools can help you enjoy the fruit of the internet without sacrificing your online privacy.

its true , but should i always hide ? just a question for you , otherwise i agree with you, 

In response to Gaetano Albertini

Some governments carry out online surveillance and don’t really allow their citizens to web browse privately. In the UK, the Investigatory Powers Act allows government authorities to legally spy on the browsing and internet use of British citizens.

Its fine you brought up this , but where do you stand on it ? For or against? " In the UK, the Investigatory Powers Act allows government authorities to legally spy on the browsing and internet use of British citizens." thats true unfortunetaly , and im against giving so much power to governemnt over me and my personal life. Its almost the same with the apps in youtube , facebook , instagram , whatsapp etc. True they target you on interest , but to do that they browse and collect information about you. 

Unfortunately, cyber adversaries have learned to launch automated and sophisticated attacks using these tactics – at lower and lower costs. As a result, keeping pace with cybersecurity strategy and operations can be a challenge, particularly in government and enterprise networks where, in their most disruptive form, cyberthreats often take aim at secret, political, military or infrastructural assets of a nation, or its people.

Social Media Cyber-Bullying is really a serious issue when many of the people unintentionally fall prey to terrorist activities, false claims and cyber crime tending to the extent of even provoking kids and teenagers to commit suicides.

Cyberspace is notoriously vulnerable to varied and changing attacks by hackers, criminals, terrorists, and state actors. Critical infrastructure, including the electric power grid, air traffic control system, financial system, and communication networks, depends on information technology for its operation and thus is susceptible to cyberattack.

The computer systems of financial regulators and financial institutions like the U.S. Securities and Exchange Commission, SWIFT, investment banks, and commercial banks are prominent hacking targets for cybercriminals interested in manipulating markets and making illicit gains.Web sites and apps that accept or store credit card numbers, brokerage accounts, and bank account information are also prominent hacking targets, because of the potential for immediate financial gain from transferring money, making purchases, or selling the information on the black market.

The promise of machine learning in cybersecurity lies in its ability to detect as-yet-unknown threats, particularly those that may lurk in networks for long periods of time seeking their ultimate goals. Machine learning technology does this by distinguishing atypical from typical behavior, while noting and correlating a great number of simultaneous events and data points.

Applications used to access Internet resources may contain security vulnerabilities such as memory safety bugs or flawed authentication checks. The most severe of these bugs can give network attackers full control over the computer. Most security applications and suites are incapable of adequate defense against these kinds of attacks.  Here you can learn more about Application Security.

Ransomware is the bane of cybersecurity, IT, data professionals, and executives.  Perhaps nothing is worse than a spreading virus that latches onto customer and business information that can only be removed if you meet the cybercriminal’s egregious demands. And usually, those demands land in the hundreds of thousands (if not millions) of dollars.

In response to Gaetano Albertini

Some governments carry out online surveillance and don’t really allow their citizens to web browse privately. In the UK, the Investigatory Powers Act allows government authorities to legally spy on the browsing and internet use of British citizens.

The cyber-threats to any nation can range from disruption of an agency's networks or information services to the public to cyber-warfare. Depending on the agency, type of cyber-attack, its scope, duration, and effectiveness, the consequences for the online and offline operation of local, federal, or state government components can range from annoying delays in communications to serious damage to infrastructure threatening life or property.

From tweaking web browser extensions and settings, to using VPNs and anonymous search engines; plenty of tools can help you enjoy the fruit of the internet without sacrificing your online privacy.

Some governments carry out online surveillance and don’t really allow their citizens to web browse privately. In the UK, the Investigatory Powers Act allows government authorities to legally spy on the browsing and internet use of British citizens.

In response to Heather Bryant

 I think cybersecurity is already heavy developed, the matter is that most of the people are not ready to pay the price to be protected, because nobody measure the risk with their personal data exposure on the internet, before gets hurt. Is there a way to make people more informed about risks and threats of surfing the Internet ? Advertisments and more videos like that should be promoted !

Absolutely agree, i think every person must have his own internet culture. A simple rules like using incognito browsers, stronger passwords, keeping your software up to date must be followed by all of us. This will not solve the cybersecurity problems at all, but will help users to feel more secure.

In response to Prof. Dr.-Ing. Helga Breitner

Espionage is the oldest game around. Ever since there were groups of adversaries there have been groups who have attempted to spy on one another.  What is arguably a new development is the creation of hacker groups that tend to be financially or politically motivated, that technically are not part of the state but are allowed to exist within the state. Examples where it's suggested these groups are tolerated include Iran, China, Russia and North Korea.

Cyber espionage is a form of cyber attack that steals classified, sensitive data or intellectual property to gain an advantage over a competitive company or government entity.

Espionage is the oldest game around. Ever since there were groups of adversaries there have been groups who have attempted to spy on one another.  What is arguably a new development is the creation of hacker groups that tend to be financially or politically motivated, that technically are not part of the state but are allowed to exist within the state. Examples where it's suggested these groups are tolerated include Iran, China, Russia and North Korea.

Different actors, such as cybersecurity experts versus end users, will manifest a cybersecurity mindset in very different ways. For example, the security experts with such a mindset would be constantly considering ways that a technical system could be breached, as these mental scenarios will lead them to design systems and train users to avoid the problems they anticipate. Users are unlikely to think about how malicious users might try to steal their information, but they are likely to consider ways to keep their equipment and network resources safe from others, if they have a cybersecurity mindset.

In response to Dorothea Petrescu

George,

I think everyone who uses the Internet should at least be aware of the following threats that exist (and hopefully know how to protect themselves): botnet, data breach, mobile banking Trojans, DDoS attack, phishing, ransomware, and spyware.

Dorothea,

DDoS is the only term in your list I was not familiar with.  Thanks to you, now I am.  A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.

George,

I think everyone who uses the Internet should at least be aware of the following threats that exist (and hopefully know how to protect themselves): botnet, data breach, mobile banking Trojans, DDoS attack, phishing, ransomware, and spyware.

I think that we have to be protected by the government as well as by our own awareness.

I think the old name of the Microsoft browser "Internet Explorer" was very cool.

You are always explorig the internet, that is like an unknown land, so you have to proceed with caution

 I think cybersecurity is already heavy developed, the matter is that most of the people are not ready to pay the price to be protected, because nobody measure the risk with their personal data exposure on the internet, before gets hurt. Is there a way to make people more informed about risks and threats of surfing the Internet ? Advertisments and more videos like that should be promoted !

@Rosanne

Broadly speaking, phishing is an attempt to gain information such as usernames, passwords, credit card details or financial records by tricking a target into entering this data through a communication (email, instant message, etc.) that apparently originates from a trusted entity like company, well known web sites or other institution.

Social engineering is that range of confidence tricks based mainly on human psychology and behavior patterns done to manipulate a target into revealing sensitive data or performing actions that will facilitate the aims of the hacker (gaining access to web sites, revealing passwords, account names and other access codes).

This kind of attacks is not only implemented through computer systems. For example, just before an important exam, such as a high school diploma, it is not uncommon to hear people who have the questions prepared for the exam, who receive phone calls from people who try to ask to know the contents of exam tests with the most varied tricks.

The term social engineering was mentioned in the video.  Does anyone know whether it is a synonym for phishing?  I am trying to determine whether the two terms may be related in some way.

The video makes an excellent point on setting the Cybersecurity mind set.  It would be interesting to find out more about ways regular folks, who are not IT savvy, can be educated about the significance of cybersecurity and their role in preventing cybercrime.

It says the presenter is an UNICRI Programme Officer.  Here is a bit information on the organization:  The United Nations Interregional Crime and Justice Research Institute (UNICRI) is one of the five United Nations Research and Training Institutes. The Institute was founded in 1968 to assist the international community in formulating and implementing improved policies in the field of crime prevention and criminal justice.   Its headquarters are located in Turin, Italy.

From what I have seen and heard cyberattacks are pretty common nowadays.  I think every company should have a cybersecurity approach in handling their data.

I find it hard to believe that criminals can attack and hack devices such as toasters, fridges, and monitors.  I wonder if there is an example of such an attack that may have been presented in the news.