World Cybersecurity Forum (1st Quarterly Clubhouse Edition)
We held the first World Cybersecurity Forum this past week and it was a great success!
The World Cybersecurity Forum was a 24-hour event held for the first time this year on Clubhouse! The event featured cyber experts from around the world, and was an event open to all with the mission of demystifying cyber, creating awareness and answering the public’s questions. The World Cybersecurity Forum believes that cybersecurity is EVERYONE’S responsibility.
The event was organized by Jacqueline Jayne, Security Awareness Advocate at KnowBe4. Jacqueline, or JJ for short, can be found on LinkedIn. The session aimed to bring the best minds together from around the world to talk about all things cyber. It ran the gamut of cyber topics, from Quantum Cryptography to OSINT to privacy to Digital Citizenship, with the speakers being a wonderfully curated, hand-picked selection of industry specialists including: James Azar, James McQuiggan, Heather Lane, Hans Vargas, Angie Vargas, Chris Mattmann, and Roger Grimes. The event also featured a revolving door of industry professionals offering their knowledge, including Roger Whyte, Andrew Townley, Paul Cummings, Valerie Nielsen, Dane Butzer, Dave Glenn, and Karla Carter.
Various cybersecurity topics discussed throughout the 24-hour global event included:
OSINT:
James McQuiggan and Heather Lane discussed all things OSINT to educate the non-tech, non-cyber folks. They covered phishing and its various forms, SMishing and vishing. A handy mnemonic: for “PHishing” think ‘PH’ for “PHony” emails, for “SMishing” think ‘SM’ from “SMS”, and for “Vishing” think “Voice”.
Social engineering, spear-phishing, and whaling were also touched on.
Privacy:
James Azar had some great info on privacy and privacy awareness. The key takeaway here is the importance of being aware of your settings and keeping proper control of those configurations. One really has to use a privacy-in-depth strategy, similar to other “in-depth” strategies, and address privacy at multiple levels in order to ensure a comprehensive, 360-degree strategy. Never underestimate the importance of settings!
It’s also important to know that Facebook has data on many people who don’t even have an account of their own, based just on family and friends who do have accounts and who “tag” these people in photos anyway, thus making Facebook “aware” of their existence.
VPNs:
We had the opportunity for audience members to ask and learn about VPNs. The great thing about bringing together a panel of experts is that a learner can listen to the experts weigh in and debate their stances on issues. Many popular options were brought up, including:
NordVPN, ExpressVPN, ProtonVPN, Surfshark, and more. Remember to conduct your consumer research!
The general conclusion for this topic of VPNs was to NOT USE FREE VPNs! In other words, DON’T USE FREE VPNs!
Password Managers:
Password managers can be a useful tool in helping to organize and protect one’s online identity by storing multiple passwords for various accounts. Password managers will also generate passwords with customizable settings like password length, upper-case & lower-case options, and the inclusion or exclusion of special characters. One is also able to set controls, like reminders to change passwords after a set duration of time. Users should be aware that storing all of their passwords in one place still carries risk, and further controls should still be incorporated, such as using multiple password managers and not filling in every input field just because the manager asks for it.
Quantum Computing:
Roger Grimes gave a thrilling speech on quantum cryptography and next generation cryptography. One interesting point brought up was that data being sniffed and stolen today, and encrypted with today’s current encryption, would be susceptible to being cracked by quantum computing in the future. While there is debate on just how far off this future may in fact be, there are some who think it’s as soon as just a few years away, if not already here(!), and are raising awareness.
Some steps to take now are isolation, quantum key distribution, and using keys of at least 256 bits.
For more updates, be sure to follow NIST as they release final candidates.
Roger Grimes also provided a wealth of information that can be found here:
-Want to understand quantum mechanics and computing better? Try his Quantum Mechanics and Computing Primer!
-Quantum Supremacy Achieved, and What That Means for You, Your Company, and the World
-You Should Start Preparing for the Coming Quantum Crypto Break Now
-A New, Better Way of Thinking About Quantum Decoherence
-Everything You Wanted to Know About Quantum Random Number Generators
-Yes, Of Course Quantum Can Be Hacked
Digital Citizenship:
As the 21st century unfolds we must embrace the fact that our digital lives are becoming more important and ubiquitous with each passing year. This topic may grow in importance over the coming decade. The questions that the current generation of parents, and their offspring, have to address will be novel and possibly awkward, but ultimately necessary, because previous generations didn’t have to grapple with them. While technology has changed the way humans live since the harnessing of fire or the invention of the wheel, the frequency and rapid rate at which it is now happening is cause to pause and think about how to address it.
We have to address, highlight and answer things like protecting the younger population online. Indeed, this starts with the assumption that the parents of this younger population are aware of the basics of online protection themselves, and are implementing them in their own daily lives. Some are of the opinion that digital citizenship should be right up there with reading, writing, and arithmetic. As with anything, setting the example starts within the home.
Podcasts:
There are many podcasts that cater to the cyber professional and the newbie alike. Here’s a rundown:
-Cybersecurity Today by IT World Canada
-Malicious Life
-Darknet Diaries
-CISO Series
-Cybersecurity Sauna
-The Global Realities of Cybersecurity Podcast
Recommendations:
The World Needs More Cybersecurity Pros, But Millennials Aren’t Interested In The Field via TechRepublic
“Billion Dollar Whale” recommended by Chris Mattmann
Consumer.ftc.gov (America’s Consumer Protection Resource), recommended by Roger Whyte
Fodder for future topics:
-Presidential Order “Right to Repair”
-Linux discussion
-Cyber preparedness kit
-Cybersecurity War: It’s a battlefield out there!
-What is a password?/What’s in a password?
-Where’s the cyber checklist? (general checklist)
-Data Brokers (James didn’t have time to go into.)
-Risk Management & Making Companies Pay for PSAs recommended by Dave Glenn
-IOT/Cyberphysical Systems NIST
Be sure to follow the World Cybersecurity Forum on Clubhouse. And, of course, if you aren’t already, also make sure you’re following Cybersecurity Is Sexy on Clubhouse!