A new approach to Сyber Security

9183

There is a problem of illiteracy, and, as I think, not only in the Republic of Moldova, but throughout the world, and this is not what most of us usually mean by this. I'm talking about technical illiteracy. We live in a world dominated by gadgets, computers, portable devices, smartphones, but only a very small part of the population knows how these things work. It seems that only those who know how to write codes have the same power just as they used to be in times when those who knew how to write and read over the past centuries dominated the illiterate people.

I don’t think that every citizen needs to become a developer of computer code, but I’m sure that it’s essential for ordinary people to learn the basics of technology, to know not only how to use it in their own interests, but also to prevent others from taking advantage of their technological ignorance and, moreover, to harm them. Education is necessary, and the current state of our cyber security education leaves much to be desired. If we look at the latest cases of cyber-attacks, if the victims knew how to protect themselves, many problems caused by the attackers could be avoided.

In schools, we provide children with various programs, ranging from driving courses and many other disciplines. But children, of course, spend a lot of time on the Internet, interacting with technologies, and I consider it necessary to make maximum efforts if we want to counter the threats that are growing due to technological advances, such as, for example, the Internet of things. These threats must be systematically eliminated; each of us must understand the risks and be responsible for protecting ourselves and our families. The need for education is equally high and for companies in the private sector, entrepreneurs should be aware of security measures. Until recently, these measures were known only to secret agencies; today they have become mandatory for the business environment.

The biggest problem remains the human factor, which is not only the weakest link, but also the most, sometimes, neglected. Bruce Schneier said: "If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology." Cyber security is a problem directly related to people, not just technology. The human factor washes up all technological security measures and, as a result, the training of personnel and the workforce is crucial. It is clear that technology can help us be safe. For example, multifactor, biometric authentication, encryption, and geolocation can prevent criminal attacks and reduce other security threats. But we see that these technological tools may have no effect if an unknown person inserts an infected flash drive into a computer in an institution. Of course, it is much easier to resort to a technological solution when faced with a problem, but heads of institutions, businessmen, politicians must take into account the human factor of security if they want to make progress on technological risks.

Everyone knows the importance of personal hygiene in physiology. The same goes for the health of the Internet, it’s like public health, it’s a shared responsibility, and everyone should take care of their devices and networks if they want to improve their overall security. I think we all have ethical responsibility for this.

The time has come to change the paradigm of our perceptions and attitudes towards security. We should see this as an exercise in public health, and I think that we could apply precisely the public health model that is adaptable, able to respond to a globally changing spectrum of pathogenic microorganisms. There is a need to establish a Hub for Control over Cyber ​​"diseases" to identify and counter threats in cyberspace. This hub could do a lot to counter technological hazards and help improve the health of the networks supporting the country's infrastructure. The need for such a cyber center is that it will play the role of educator, both for the general public and for IT professionals who are directly responsible for the security of information systems and not only. Watch for the purpose of detecting infection in cyberspace. Diagnostics — using methodologies to study the spread of digital viruses and provide technical support for troubleshooting. Immunization - it is important to immunize against threats by updating new systems and software. At the same time, a group of experts will be created in this cyber center to intervene in case of need to treat the affected systems.

At the state level there are institutions responsible for the tasks described above. But such a center is necessary for an epidemiological approach to all of the much more numerous and complex technological risks in order to reach the source of infection with malware, as happened in the case of malaria. For decades, all the efforts of doctors to treat this parasitic disease have been in vain for those who have already been infected. But only after epidemiologists realized that the disease was transmitted by mosquitoes, only then they made real progress in combating this disease.

If we want to experience the progress of our technologies and take advantage of their benefits, we need to develop adaptable security mechanisms, but what is most important, time does not wait.

Albert Einstein at one time said that "it is impossible to solve a problem on the same level at which it arose." Our challenge lies in the lack of correspondence between the ability to solve the problems of the 21st century, possessing the mentality of the 19th. Cooperation between the public and private sectors is becoming increasingly necessary, without it we will not make progress in improving our security. Through this platform and public-private partnerships, cyber security innovations will be encouraged. Here, the main national representatives of this industry and those working in the cyber security ecosystem will come together, and together we will focus on the same issues.