We took to the exhibition floor at Infosec Europe 2015 armed with ten cool ASCII-art Naked Security T-shirts to put a question to ten visitors.
(The T-shirts were a “thank you” for those who agreed to take part.)
As it happened, one of our participants said he was happy to leave his T-shirt for the next guy, so we ended up with 11 answers.
The question we asked was: What concerns you the most in respect of computer security?
Unfortunately, we don’t have a recording from ten years ago with which to compare these answers.
But we’re pretty sure that, back in 2005, people would have been mostly concerned about “keeping the bad stuff out,” fearing threats like hackers, malware, spam and so on.
Five years ago, at Black Hat 2010 in Las Vegas, people told us they were attending the conference for a slightly more diverse set of reasons, including: malware, SCADA, privacy, and concerns about the cloud.
One upbeat chap, whose attitude we greatly admired, went so far as to say he was aiming for cybervictory, an ambition to which we felt obliged to raise our glasses, literally and figuratively.
But what was the vox pop in 2015?
What are the big issues for our 2015 cybersecurity practioners?
Here, in 90 seconds, is what they told us:
(Audio player above not working? Download MP3 or listen on Soundcloud.)
As you can hear, today’s cybersecurity efforts seem as much concerned with keeping the good stuff in as with keeping the bad stuff out.
We approve.
We think it’s vital to take care of both of those if we’re really serious about cybervictory.
Identity theft
“Lack of Knowledge” or “Not knowing what is going on” has to be the root of practically all other problems; malware, viruses, identity theft, loss of privacy, surveillance etc.
A few moments ago my PC slowed to a crawl. I looked at Resource Monitor and could see that the memory had maxed out. But why? I could see various processes taking resource, but what are they, should they be running, can I disable them? I right-click and select “Search online” and instead of a new tab in FF, Internet Explore gets launched – onto an already maxed out machine!
Oh for the days of DOS, autoexec.bat and config.sys!
Luddite… could not agree more with Lack of Knowledge statement… trebled when applied to upper management in a corporate environment. But even at the base user level, many security concepts are beyond the understanding, or sometimes discipline of the average computer user. (I have to have a different 15 character password for ALL my sites?)
Too many cooks spoil the broth.
If I remember correctly we were worried about things like malware, phishing of online banking details, employee awareness of security, and were starting to think about the implications of employing ‘generation Y’.
My concern is that when the US mandated backdoors get exploited the IOT will be the least secure it has ever been.
What concerns me the most is when the pros start hitting the Mac, it will be PWN central. SO many people think a Mac is safe, when it is the opposite. Even Linux is open for pwnage. But that is why I am now on the Chrome OS as my main computer.