Agnes Kirk is the Chief Information Security Officer at the Washington State Office of Cybersecurity. During her presentation, she repeatedly stressed that our expanded use of internet-connected devices translates directly to an expansion in the number of avenues hackers can use to access our private data. This vast array of devices, commonly known as the “internet of things,” now includes everything from TVs and smartphones, to Fitbits, baby monitors, and “smart” refrigerators.
In 2000 there were 360 million internet connections globally. Now, with the “internet of things,” by the year 2020, it’s estimated there will be 20 billion connected devices.
“Every connected device is an opportunity for hackers to steal information,” said Kirk. “As technology has allowed us to be more efficient, and our actions more convenient, it has also made us immeasurably more hackable.”
Kirk says that today, when you look at the entire “internet of things,” 70 percent of those devices have little to no security in them. During the meeting, Kirk also brought up the fact that it is difficult to combat cyberattacks because the landscape of technology and security is every-changing and evolving.
“Things have not gotten any less complicated or any less threatening in the past few years. In fact, [cyberattacks] have become more complex, more sophisticated, and more lucrative.”
The sophistication of these attacks put government organizations, businesses, and critical infrastructure at risk of cyberattack. Kirk brought up the Equifax breach as the most recent large scale and far reaching attack, which compromised 143 million U.S. consumer’s personal data.
Kirk says cybersecurity needs to be treated as a team sport, where each individual “teammate” has their own critical role. For example, the Office of Cybersecurity is in charge of monitoring state networks and responding to security emergencies. At the same time, the public’s role is to become smarter about the links they click, things they post, and the individual security measures they use to protect their data.
As for policy-makers, Kirk says their role is to encourage technology and innovation while also balancing advanced security options to keep Washington residents safe. She advises finding ways to ensure companies protect individual’s rights to privacy, and addressing the aging IT security infrastructure that is becoming increasingly vulnerable to cyberattacks.
Alex Alben, Washington’s Chief Privacy Officer, and his team work with legislature on policies involving security and privacy. At the meeting, he updated the committee on two developments involving smartphones. His team is currently working to update the mobile device policy for state workers by defining rules and standards of how to use the state’s network responsibly. The other topic he is currently focused on is spyware, which refers to mobile apps that allow hackers to read a user’s text messages, listen to calls, and automatically activate the camera on their device, without the user knowing.
“As technology is coming about in ways that we never contemplated, we need to stop and have thoughtful conversations about how we can create the right environment. So the challenge is large, but the best minds coming together will continue to move this conversation forward,” concluded Kirk.