Gonzalo Álvarez Marañón 8 April, 2020
The average level of professional talks is often so low that people prefer to work rather than listen. You’ll see this in all kinds of meetings: by the second slide, attendees are already replying to emails or finishing a report. Fortunately, this isn’t the case for all talks: for more than 20 years, TED talks have been bringing a glimmer of hope to this bleak picture. In this entry we bring you the Top 10 TED Talks to Learn about Cybersecurity as well as the guidelines and tricks on how to improve your own presentations.
1. Bruce Schneier: The Security Mirage
Security is both a feeling and a reality. The feeling and the reality of security are certainly related, but it is also true that they are not the same thing. Most of the time, when the perception of security does not match the reality of security, it is because the perception of risk does not match the reality of risk.
We do not assess security compromises mathematically by examining the relative probabilities of different events. Instead, we use shortcuts, general rules, stereotypes and biases, generally known as heuristics. These heuristics affect how we think about risks, how we assess the probability of future events, how we consider costs and how we make trade-offs. And when those heuristics fail, our sense of security moves away from the reality of security.
Cryptography guru Bruce Schneier explains some of the cognitive biases behind our poor risk assessment in cybersecurity and how to overcome them.
2. Chris Domas: The 1s and 0s Behind Cyber Warfare
Cybersecurity researcher Chris Domas recounts how a 30-hour session in the lab spent deciphering a binary code led to an epiphany about a better method for humans to process that kind of data. Domas breaks down how the act of translating binary information into a visual abstraction can save researchers tons of time—and potentially save lives.
3. Caleb Barlow: Where Is Cybercrime Really Coming from?
The former vice president at IBM Security proposes to respond to cybercrime with the same collective effort we apply to a health crisis like Covid-19: sharing timely information about who is infected and how the disease is spreading. According to Barlow, we need to democratize risk intelligence data. We need to get public and private organizations to open up and share their private arsenal of information. Cyberattackers are moving fast, so we need to move faster. And the best way to do that is to open up and share data about what is happening. If you don’t share, then you’re part of the problem.
4. Mikko Hypponen: Fighting Viruses, Defending the Internet
It’s been 25 years since the first PC virus (Brain A) hit the net, spreading from diskette to diskette. What was once an annoyance has now become a sophisticated tool for crime and espionage. In this talk, Hypponen explains how the economy of cybercrime works.
5. Ralph Langner: Cracking Stuxnet, a 21st-century Cyber Weapon
When first discovered in 2010, the Stuxnet computer worm posed a baffling puzzle. Beyond its unusually high level of sophistication loomed a more troubling mystery: its purpose. Ralph Langner and his team identified that Stuxnet was a cyberphysical attack aimed at a specific target. They identified that the target was the Iranian nuclear program (something no one wanted to believe for months) and analysed the exact details of how this attack, or more accurately these two attacks, were meant to work. In this talk you will learn how targeted attacks against critical infrastructure work.
6. Mikko Hypponen: Three Types of Online Attack
There are three major groups of cyberattackers: cybercriminals (who seek to get rich by running illegal online businesses), hacktivists (who seek to protest and change political situations), and governments. Governments seek to spy on and control citizens. Yes, even in Western democracies: Your government is spying on you.
7. Avi Rubin: All Your Devices Can Be Hacked
Cyberattacks go beyond computer damage and data theft. They can also kill. This talk explains how device hacking with an actual impact on human lives works: medical devices, vehicles, etc. Any device with software can be vulnerable. It will contain bugs that will be exploited. We can’t forget that all technology must incorporate security.
8. James Lyne: Everyday Cybercrime and What You Can Do about It
Are you aware of what your devices reveal about you? How much security and privacy do you give away in exchange for convenience and usefulness? Malware works because 99% of victims don’t take the most basic precautions. How does malware attack? What can happen to you? And how can you protect yourself? James Lyne answers these questions in this talk.
9. Lorrie Faith Cranor: What’s Wrong with Your Pa$$w0rd?
To fight against the weaknesses of text-based passwords, both inherent and user-induced, administrators and organizations often establish a set of rules (a password policy) that users must follow when choosing a password. What should a good password look like? After studying thousands of real passwords to figure out the most surprising and common user mistakes, Lorrie Cranor has some answers.
10. Finn Myrstad: How Tech Companies Deceive You into Giving up Your Data and Privacy
What’s the point of protecting your home with a lock if anyone can get in through a connected device? Even though you never read the terms and conditions, you check the box saying you did, and Boom! You agree to have your personal information collected and used. Companies put the entire burden on the consumer. Technology will only benefit society if the most basic human rights are respected, such as privacy.