Cybersecurity [May 03, 2016]


The current approach to cybersecurity is flawed. Effort is spent trying to “educate” users not to click on links in email or to open attachments, when this is exactly how those features were designed to be used. Similarly, users are expected to take responsibility for what their computers are doing, but every software product they use demands the right to go online, upload usage data and download updates, so how would you know that you have become part of a botnet? We need a new approach to cybersecurity.

Lecture Date: Tuesday, 3rd May 2016 – 6:00pm at The Museum of London, 150 London Wall, London, EC2Y 5HN



Lecture Transcript (word file)Lecture Slides (PPT)View/add Comments

7 Responses

  1. Anon

    Unfortunately I was unable to come to your most recent lecture on Cybersecurity. I’ve been looking for the podcast on the Gresham site and here but it does not seem to be available yet. Do you know when it might be posted?

  2. Malcolm J. Blunden

    When entering my name and/or address into a form on a website, I sometimes get told to “correct your name/address”. (Some websites just say “please use English letters”, as if such things are not English]. It usually turns out that it doesn’t like commas, full stops and the like. I assume that this is an attempt to prevent some variety of scripting attack. Is this really necessary; isn’t there a less ham-fisted way to achieve this that will allow entries to be made with proper punctuation?

  3. Eric Sindeu

    Hello sir..I enjoyed your brilliant presentation at the CTO cybersecurity forum 2016 this morning. I’m from cameroon and i’d like to grab some of your knowledge and experience to better prepare my coutry for cyber criminals

  4. Azam Ali

    I read your article and decided to look for term “view all applications communicating on the internet” I was surprised to find “nothing”. You are right most applications demand the right to communicate over the internet yet Microsoft, Antivirus companies and cyber protectors have not yet developed a simple application to show what our PC is doing communicating with the internet.

    I get the feeling, all companies are spying on our data and no one wants us to know what they are fishing from us.

    1. It has been said that “if you are not paying for the service, then the product being sold is you, yourself”. Most companies collect personal data where they can, and either make it hard to opt out, or tempt you to opt in by offering benefits that cost them far less than your personal data is worth to them.

      I believe that every company that collects personal data should be obliged to send you details of what they hold, annually, and to give you the opportunity to have it securely and permenantly deleted.

      If you want to see the traffic on your network, you might look at Wireshark. https://en.wikipedia.org/wiki/Wireshark. It can be downloaded free from https://www.wireshark.org/download.html.

Leave a Reply