Open Forum: Cracking the Code

Arguments

Andre Kudelski has a background in physics and interest in graphical cards and chip design

Supporting facts:

• After his study in physics at EPFL, Andre was interested by graphical cards and chip design.

• He started technology that’s used in AI today early before others, when it was not yet popular.

Topics: Physics, Graphical cards, Chip design

---

Andre Kudelski believes in the importance of thinking outside of the box in securing digital assets

Supporting facts:

• Andre tried to secure elements as video content before many others in the 80s.

• He emphasizes the need to wear the shoes of the ‘bad guy’ to model a different approach.

Topics: Digital Security, Cybersecurity, Innovation

---

Cybercriminals operate in an organized, professional and business-oriented manner

Supporting facts:

• Cybercriminals usually look for easiest way to get a return on investment

• They often target low-hanging fruits i.e., weaker systems

• They only need to be successful once in their attempts while the defenders need to be 100% correct

Topics: Cybercrime, Ransomware, Hacking

---

Hackers make use of AI to create personalized attacks at scale

Supporting facts:

• Hackers identify the behavior of a system beyond its definition and exploit it

• They attempt to predict how a system may react in unknown scenarios

Topics: Artificial Intelligence, Hacking, Cyber Attacks

---

Hackers are often very well-funded and have access to experts for specific needs

Supporting facts:

• Hackers operate in a structured network system

Topics: Hacking, Funding

---

You don’t need a license for cyberphishing

Topics: Cybersecurity, Phishing, Hacking

---

What appears to be a stupid attack may be a test from hackers to identify easy targets

Topics: Cybersecurity, Hacking

---

Non-profit actions can create disturbances for individuals or groups with malicious intent

Supporting facts:

• Journalists pointing out corruption or narcotraffic can trigger disturbances from those involved, despite the journalism being non-profit

Topics: Non-Profit Organizations, Journalism, Corruption, Narcotraffic

---

Overuse of credentials can lead to risk of phishing and security exposure

Supporting facts:

• Each time you ask a credential, you have a probability that someone will be more exposed to phishing

Topics: Security, Cybersecurity, Phishing

---

Cybersecurity needs to be much more user-friendly and intuitive

Supporting facts:

• If you have a service that is asking you to enter credential a few times a day, not only is it something that is not user-friendly, but it’s adding an exposure

Topics: User-experience, Cybersecurity, Intuitive Design

---

Projection of today’s risk into the future is essential for digital natives

Supporting facts:

• Digital natives have a lot of digital information

• Elements protected today may not be protected in the future

Topics: cybersecurity, digital risk, future projection

---

Information storage methods need to consider their long-term security

Supporting facts:

• The race between the good guys and bad guys is fairly balanced for short-term secrets

• For long-term confidential information, like health data, current security measures may be inadequate

Topics: data storage, long-term confidentiality

---

Andre Kudelski disagrees with the idea of insurance companies covering ransomware payments

Supporting facts:

• He states it may not be a good idea for insurance companies to cover the payment of the ransom

Topics: ransomware, cybersecurity, insurance

---

Combining AI and observing what hackers are doing could help create cost-effective cybersecurity solutions

Supporting facts:

• Hackers try to use your energy in order to take advantage. If we use energy of the hacker to take advantage through AI, we could find effective solutions

Topics: AI, Cybersecurity, Hackers

---

Importance of minimizing the consequence of a security breach

Supporting facts:

• Regardless of technology or social strategies, a weakest link can always be found.

• Need to make the aftermath of a potential breach as low impact as possible

Topics: cybersecurity, social engineering, business approach

---

Report

In this analysis, the speakers discussed several key points. Andre Kudelski, who studied physics at EPFL, has a background in graphical cards and chip design. He has been instrumental in developing technology that is now widely used in AI, demonstrating his ability to identify trends before they become popular.

Kudelski emphasizes the importance of thinking outside the box when it comes to securing digital assets. He believes in wearing the shoes of the “bad guy” to model a different and more effective approach. His innovative thinking is evident in his early focus on securing elements such as video content, even before it gained mainstream attention in the 80s.

On the other hand, cybercriminals operate in an organized, professional, and business-oriented manner. They target weaker systems as they seek the quickest and easiest return on their investment. Hackers, on the other hand, utilize artificial intelligence to create personalized and scalable attacks.

By understanding a system’s behavior beyond its definition, they can predict how it may react in unknown scenarios. Hackers are often well-funded, accessing experts for their specific needs, which makes their attacks potentially more harmful. This emphasizes the need for strong defenses to protect against their activities.

It is important not to underestimate any attack, no matter how small it may seem. Even seemingly insignificant attacks can serve as a starting point for larger and more harmful ones. Thus, vigilance is crucial in addressing potential threats. Non-profit actions, such as exposing corruption or narcotrafficking through journalism, can disrupt individuals or groups with malicious intent.

This highlights the risks faced by those who seek to uncover wrongdoing. The overuse of credentials poses a risk, increasing the probability of falling victim to phishing attacks. User-friendly and intuitive cybersecurity measures can enhance effectiveness and reduce human error.

The concept of “invisible” security emphasizes that the best security is one that goes unnoticed. This proactive approach aims to prevent threats from arising rather than relying solely on reactive measures. The speakers stress the importance of considering future risks, especially for digital natives with vast amounts of information.

Long-term security in information storage methods is crucial as current measures may be inadequate in protecting sensitive data. Quantum technology represents a revolution in the encryption paradigm. It has the potential to render current encryption methods obsolete, jeopardizing archived personal information.

Staying ahead of technological advancements is vital for data security. Regarding ransomware, Andre Kudelski disagrees with insurance companies covering ransom payments. He suggests that insurance companies focus on covering damages and investigating the culprits involved. This approach can deter ransomware and provide better support to affected individuals and businesses.

Combining artificial intelligence with an understanding of hacker behavior is a powerful tool in developing cost-effective cybersecurity solutions. Gaining insights from hackers’ techniques can enhance defenders’ capabilities. Minimizing the consequences of a security breach requires a comprehensive business approach, considering more than just technology or social strategies.

By preparing for weak links in the process, organizations can mitigate the impact of potential breaches. Overall, this analysis provides an extensive overview of various aspects of cybersecurity. It emphasizes the importance of proactive and robust security measures, adapting to emerging technologies, and continuously improving security practices.

Arguments

Anne Cleveland encourages individuals interested in cybersecurity

Supporting facts:

• Anne Cleveland asks those interested in a career in cybersecurity to reach out and join

Topics: Cybersecurity, Career

---

The overall audience either personally experienced or knows someone who has been the target of a cyber attack

Supporting facts:

• Around 50% of audience raised their hands when asked if they’ve been the target of a cyber attack

• All of the audience raised their hands when asked if they know someone who has

Topics: Cyber Attack, Internet Safety

---

Loneliness and artificial intimacy are areas of susceptibility for cyberattacks.

Supporting facts:

• This issue affects both the younger generation and the elderly population.

Topics: Cybersecurity, Artificial intimacy, Loneliness

---

Report

In a recent event, Anne Cleveland encouraged individuals who are interested in a career in cybersecurity to reach out and join the field. This highlights the growing demand for professionals in the cybersecurity industry. It is considered a positive development as it can provide opportunities for individuals to contribute to the field and address the challenges posed by cyber threats.

During the event, it was revealed that around 50% of the audience had experienced being the target of a cyber attack. This alarming statistic showcases the prevalence of cyber attacks and emphasizes the need for robust cybersecurity measures. Furthermore, when asked if they knew someone who had been targeted, every person in the audience raised their hands.

This indicates the significant impact of cyber attacks, not only on individuals but also on their social networks. Another notable point discussed during the event was the susceptibility of individuals in the younger generation and the elderly population to cyber attacks in relation to loneliness and artificial intimacy.

This vulnerability highlights the need for targeted cybersecurity solutions that address the unique challenges faced by different age groups. It suggests that cyber criminals may exploit individuals seeking companionship or connection online, placing them at risk of various forms of cybercrime.

Moreover, it was highlighted that small organisations, including non-profits and social enterprises, face similar risks of cybercrime as larger organisations. This demonstrates that the scale of an organisation does not safeguard it from cyber threats. It underscores the importance of implementing effective cybersecurity measures regardless of the size of the organisation.

Furthermore, it suggests the need for tailored solutions for the social sector to ensure the protection of valuable data and sensitive information. In conclusion, Anne Cleveland’s encouragement to join the field of cybersecurity reflects the growing demand for professionals in the industry.

The high prevalence of cyber attacks demonstrated by the audience’s experiences and connections underscores the need for robust cybersecurity measures. The susceptibility of individuals in the younger and older age groups to cyber attacks, especially in the context of loneliness and artificial intimacy, highlights the need for targeted solutions.

Lastly, small organisations in the social sector must prioritize cybersecurity to mitigate the risks they face. Overall, the event emphasized the ongoing importance of cybersecurity in addressing the challenges posed by cyber threats and protecting individuals, organisations, and society as a whole.

Arguments

Emerging technologies like AI and quantum computing are changing the threat landscape for organizations

Supporting facts:

• Discussions in Davos during the winter were focused on AI and quantum computing

Topics: Cybersecurity, Artificial intelligence, Quantum computing

---

Organizations need to adopt emerging technologies in a safer manner

Supporting facts:

• The audience member asked about how organizations could improve their adoption of emerging technologies for a safer outcome

Topics: Cybersecurity, Safe adoption of technology, AI, Quantum computing

---

There is a significant delay in outsourcing penetration testing projects

Supporting facts:

• Have to wait four to six months for a penetration testing project

Topics: Cyber Security, Penetration Testing

---

Vulnerabilities could cause the collapse of a whole business

Supporting facts:

• Sometimes you have 200 million clients

• If you get validated, that means collapse of a whole business

Topics: Cyber Security, Business

---

Social engineering is a major vulnerability in cybersecurity

Supporting facts:

• Largest, most impactful hacks often involve social engineering

• Stuxnet hack was enabled through a USB found in the parking lot

Topics: Cybersecurity, Social Engineering, UI design, Product design

---

Thoughtful product design in cybersecurity can help mitigate social engineering attacks

Supporting facts:

• Product design that takes into account end-users and their behaviors can help create more secure systems

Topics: Product Design, Cybersecurity, Social Engineering

---

Report

The discussions at the Davos conference centred around the rapidly changing threat landscape brought about by emerging technologies such as AI and quantum computing. There is growing concern that organisations may not be correctly adopting these technologies, which could lead to potential security vulnerabilities.

One audience member raised a question about what organisations might be getting wrong in their adoption of these technologies. It was argued that organisations need to adopt emerging technologies in a safer manner. The audience member inquired about how organisations could improve their adoption of these technologies for a safer outcome.

This suggests that there is a recognition of the importance of addressing potential security risks associated with the adoption of emerging technologies. Furthermore, it was revealed that there is a significant delay in outsourcing penetration testing projects. This delay can have serious implications, as vulnerabilities could persist for an extended period, increasing the risk of potential cyber attacks.

In some cases, the collapse of an entire business could be attributed to such vulnerabilities. Social engineering was identified as a major vulnerability in cybersecurity. It was highlighted that the largest and most impactful hacks often involve social engineering techniques.

For instance, the Stuxnet hack was made possible through the use of a USB found in a car park. This underscores the need for cybersecurity packages to encompass and address social engineering vulnerabilities. Notably, it was suggested that thoughtful product design can play a crucial role in mitigating social engineering attacks.

By taking into account user behaviours and tendencies, product designers can create more secure systems. This acknowledges that end-users’ behaviours should be considered when designing cybersecurity measures. Overall, the discussions at Davos highlighted the need for organisations to carefully adopt emerging technologies, address potential security vulnerabilities, and consider the role of social engineering in cybersecurity.

Thoughtful product design and an understanding of user behaviours were also emphasised as important factors in creating more secure systems. These insights contribute to a broader understanding of the challenges and opportunities in the evolving landscape of cybersecurity.

Arguments

There isn’t one preordained path to cybersecurity

Supporting facts:

• Kathy Liu studied political science and public policy, not a cyber-focused field

• Her interest in cybersecurity was sparked by electives she took in grad school

• She was initially looking for a way out of corporate finance courses and stumbled upon cybersecurity

Topics: Cybersecurity, Career paths

---

AI technology may enable more realistic phishing attacks

Supporting facts:

• With generative AI, cybercriminals could create extremely believable fake emails and voice messages

• Phishing attacks often exploit artificial intimacy

Topics: AI, phishing attacks, cybersecurity

---

Reestablishing human core in communication can act as a defense against phishing attacks

Supporting facts:

• In our communication habits, there are usually recognizable patterns

• By making everyone aware of these patterns, we can recognize when something is off, like phishing attempts

Topics: phishing attacks, communication, human behavior

---

Diverse voices in the cybersecurity field can help anticipate threats

Supporting facts:

• With a diverse cybersecurity workforce, we could better challenge assumptions, find blind spots, and keep up with diverse forms of cyber attacks

• Inclusive Cyber Project is engaged in bringing diverse voices into cybersecurity

Topics: cybersecurity, diversity, Inclusive Cyber Project

---

Youth are tech savvy but not cyber savvy

Supporting facts:

• Cybersecurity is often perceived as intangible and inaccessible

• Even though youth are considered digital natives, their understanding of cybersecurity is limited

Topics: Youth, Cybersecurity, Technology

---

Increasing accessibility and understanding of cybersecurity among youth

Supporting facts:

• Connect cybersecurity to causes youth care about to increase interest

• Ease of use is essential to get youth interested in cybersecurity

• Introduction of user experience sciences can help create a frictionless adoption of cybersecurity innovations

Topics: Cybersecurity, Youth, Education

---

A balance needs to be struck between cybersecurity and user experience. All friction shouldn’t be removed, as some frictions are beneficial and needed for cybersecurity.

Supporting facts:

• Example of iPhone’s security protocol, i.e., when wrong password is entered three times, it stops further attempts. This control is a part of a healthy friction that advances cybersecurity.

Topics: Cybersecurity, User Experience, Security Controls, Protective Friction

---

AI is going to benefit the asymmetry in favor of the attackers in the short term

Supporting facts:

• attackers will be using AI irresponsibly

Topics: AI, cyber security, attackers

---

AI is going to help talent focus on what’s mission critical in cyber security

Supporting facts:

• AI can automate a lot of what takes a lot of human resources away today

• this can help in focusing on what’s mission critical

Topics: AI, cyber security, human resources

---

The importance of building resilience in cybersecurity

Supporting facts:

• Cybersecurity is about defense in depth

Topics: Cybersecurity, Ransomware, Resilience Architecture, Backups

---

Kathy Liu believes in using art to communicate the messages of cybersecurity in a more positive and engaging way.

Supporting facts:

• There are installations at Davos that communicate messages about climate change through art.

• She is interested in exploring what the cyber representation could look like in art form.

• She prefers communicating about cyber not through fear but through its positive aspects.

Topics: Cybersecurity, Art, Communication

---

Cybersecurity should be interdisciplinary field across the organization

Supporting facts:

• Cybersecurity departments were no longer relegated to the corner of the IT office

Topics: Cybersecurity, Interdisciplinary Approach

---

Report

In the analysis, several key points emerged regarding cybersecurity. Kathy Liu’s interest in cybersecurity was sparked by elective courses she took in grad school, despite not having a background in the field. This highlights the idea that there isn’t only one predefined path to enter the cybersecurity industry.

It is a field that can attract individuals from diverse educational backgrounds. The importance of cybersecurity as a public good accessible to all was emphasized. It was argued that cybersecurity should be seen as a fundamental aspect of society, impacting individuals, businesses, and governments alike.

To increase accessibility, it was suggested to connect cybersecurity to causes that youth care about, such as climate change or healthcare. This can generate interest and engagement among tech-savvy but not yet cyber-savvy younger generations. The need for diversity in the cybersecurity workforce was also highlighted.

Diverse perspectives are important to challenge assumptions, find blind spots, and adapt to diverse forms of cyber attacks. The Inclusive Cyber Project was mentioned as an initiative dedicated to bringing diverse voices into the field. Artificial intelligence (AI) was discussed as a potential tool for both attackers and defenders in cybersecurity.

While AI may enable more realistic phishing attacks, reestablishing human core in communication can act as a defense. Recognizing patterns in communication can help recognise phishing attempts and protect against them. Finding the right balance between cybersecurity and user experience is crucial.

It was acknowledged that some frictions are necessary for cybersecurity, but unnecessary ones should be eliminated to improve user experience. The impact of AI in cybersecurity was explored further. AI can automate tasks and free up human resources for mission-critical aspects.

However, AI may also benefit attackers and give them an advantage in asymmetric cyber warfare. Building resilience in cybersecurity is important. Having backups and resilience architecture can help organizations work through layers of defense, especially against ransomware attacks. The use of art to communicate cybersecurity messages in a positive and engaging way was proposed.

Similar to how installations at Davos communicate messages about climate change, art installations can help raise awareness and understanding of cybersecurity. Lastly, cybersecurity was seen as an interdisciplinary field across organizations, rather than confined to a specific department. Everyone should have a basic understanding of cybersecurity vocabulary and foundations to create a strong cybersecurity culture within organizations.

In summary, the analysis highlighted the diverse paths into the cybersecurity field, the importance of accessibility and diversity, the role of AI, the need for resilience, and the potential of art in communication. These insights provide valuable considerations for policymakers, educators, and cybersecurity professionals aiming to enhance cybersecurity practices and raise awareness about its significance.

Arguments

Humanitarian and social impact organizations need to secure not only their own assets but also the sensitive data of vulnerable communities they serve

Supporting facts:

• Woodman began working in cybersecurity in the mid-90s, focusing primarily on encryption

• She later transitioned to focusing on cybersecurity in humanitarian and social impact organizations

Topics: Cybersecurity, Social Impact, Humanitarian Work

---

Nonprofit sector organizations are technologically lagging behind

Supporting facts:

• Nonprofits tend to be not as well resourced as private sector organizations or governments

• Nonprofits use commercial products which, upon being vulnerable, are susceptible to cyberattacks

Topics: Nonprofit organizations, Cybersecurity, Technology

---

Nonprofits rely on products created in other industries for cybersecurity

Supporting facts:

• Nonprofits use commercial products which might be susceptible to attacks

• These products are relied upon hoping they are well-suited to protect commercial enterprises, and with tweaks, the nonprofits

Topics: Cybersecurity, Data protection, Technology

---

Cyber attacks on organizations delivering humanitarian aid can cause disruptions leading to misuse of aid for profit

Supporting facts:

• Organizations often use mapping software to avoid conflict zones, any disruption can divert aid.

• Some people try to offload and sell the aid on the black market for profit.

Topics: Cybersecurity, Humanitarian Aid, Profit

---

Civil society is often poorly positioned to effectively respond to cyber attack risks.

Topics: Civil Society, Cybersecurity

---

AI technology is going to make cybersecurity more complex

Supporting facts:

• AI is being used to launch cyber attacks

Topics: AI, Cybersecurity

---

Organisations need to continue thorough due diligence in combating cybersecurity threats

Supporting facts:

• Due diligence needs to get more thorough to counteract increasing cybersecurity threats

Topics: Cybersecurity, Due diligence

---

Security expertise should be utilized in combating increasing complexity of cybersecurity threats

Supporting facts:

• Security expertise is available in the marketplace

Topics: Cybersecurity, Security Expertise

---

Lauren Woodman wants to start a startup that offers penetration testing

Supporting facts:

• There’s a four to six month wait for penetration testing

Topics: startups, cybersecurity, penetration testing

---

Need to incorporate cybersecurity education in school curriculum.

Supporting facts:

• Even digital natives are not necessarily cybersecurity savvy.

• Her own children have been exposed to the cybersecurity issues due to online schooling.

• One of her children showed concern when a suspicious email was received, illustrating awareness.

Topics: Cybersecurity, Education, Schools, Children

---

Report

In this collection of arguments and stances, the importance of cybersecurity in humanitarian and social impact organizations is highlighted. These organizations need to secure not only their own assets but also the sensitive data of the vulnerable communities they serve.

Lauren Woodman, an expert in the field, emphasises the need for cybersecurity in such organizations, drawing from her experience in transitioning from a focus on encryption to cybersecurity in humanitarian and social impact work. The argument is made that the nonprofit sector lags behind in terms of technology and must address this issue.

Nonprofits, often lacking resources compared to private sector organizations and governments, rely on commercial products that are susceptible to cyberattacks. With their data shared across networks, nonprofits are attractive targets for ransomware attacks. It is crucial for the nonprofit sector to prioritise cybersecurity and actively address cybersecurity risks.

Another concerning aspect highlighted is the potential disruption caused by cyberattacks on organizations delivering humanitarian aid. Organizations rely on mapping software to avoid conflict zones, and any disruption can divert aid. Instances have occurred where people attempt to offload and sell aid on the black market for profit.

This highlights the need for robust cybersecurity measures to ensure aid reaches its intended recipients and is not misused. Civil society is identified as being poorly positioned to effectively respond to cyber attack risks. Cybersecurity threats pose a risk to free speech, justice, and vulnerable populations, and civil society struggles to navigate these challenges.

The growing use of artificial intelligence (AI) in launching cyber attacks is viewed as a factor that will make cybersecurity more complex. The presence of AI technology in cyber attacks adds a new layer of challenge for organizations defending against such threats.

The importance of thorough due diligence and the utilization of security expertise in combating increasing cybersecurity threats is emphasised. Nonprofits rely on products created in other industries for their cybersecurity needs, and as such, due diligence needs to be comprehensive to counteract the rising threat landscape.

Moreover, the need to incorporate cybersecurity education in school curricula is stressed. It is noted that even digital natives are not necessarily cybersecurity-savvy. Woodman herself has personal experience with her children being exposed to cybersecurity issues during online schooling. The inclusion of cybersecurity education aims to empower students to navigate the digital world safely and securely.

Overall, it is concluded that cybersecurity is an essential aspect that must be prioritised in humanitarian and social impact organizations. The nonprofit sector needs to address its technological lag and actively engage in cybersecurity measures. Furthermore, the potential disruptions caused by cyberattacks on organizations delivering humanitarian aid highlight the need for robust cybersecurity measures.

Civil society faces challenges in effectively responding to cyber attack risks, and the use of AI in cyber attacks adds further complexity to the cybersecurity landscape. Thorough due diligence and the utilization of security expertise are crucial in combating increasing cybersecurity threats.

Incorporating cybersecurity education in school curricula is vital to equip students with the necessary skills to navigate the digital world securely. Multilayered, community-wide efforts are encouraged to raise cybersecurity awareness and foster a safer online environment.

Arguments

Cybersecurity is something that every single person and business needs due to the increased integration of the Internet into daily life.

Supporting facts:

• Cybersecurity was never embedded in Internet from the beginning, making it critical now.

• The integration of the Internet into daily life is growing.

Topics: Cybersecurity, Internet, Data Protection

---

Working in cybersecurity provides an opportunity to solve globally important problems.

Supporting facts:

• Cybersecurity issues are global in nature.

• Solving cybersecurity problems requires collaboration with smart people.

Topics: Cybersecurity, Global Challenges, Technology

---

Internet usage and cyberattacks are at an all-time high

Supporting facts:

• Internet usage spiked during COVID and has remained high

• Cyberattacks grew about 30% last year compared to the previous year

Topics: Internet security, Cyber attacks, COVID-19

---

APIs make up over 50% of all internet traffic

Supporting facts:

• Traffic from APIs make up about 57% of all internet traffic

• Five years ago, API traffic was less than 10% of all traffic

Topics: API, Internet traffic, Cybersecurity

---

Many online services are unprotected

Supporting facts:

• Only about a third of online services used through APIs are protected

Topics: API, Internet security, Cybersecurity

---

Cloudflare offers free basic cybersecurity protection to help maintain online voices and ideas

Supporting facts:

• Cloudflare has always had a free service that non-profits, small business owners, students and others can use

• This allows them to do what they need to online with some level of cybersecurity protection

Topics: Cloudflare, Cybersecurity, Free Service

---

Project Galileo supports at-risk public interest sites that might come under attack

Supporting facts:

• Project Galileo is an initiative by Cloudflare, running for eight years

• It helps organizations that might become a target due to the controversial nature of their work

• Sites that report on human rights abuses, LGBTQ rights, and reproductive rights are some examples

Topics: Project Galileo, At-risk Public Interest Sites, Cloudflare

---

Journalists reporting on human right abuses are being hunted

Supporting facts:

• Organizations are working to protect journalists

• A journalist did not reveal his name or country as he was being hunted by death squads

Topics: Human Rights, Journalism, Conflicted areas

---

AI is going to be used to launch more cyber attacks

Supporting facts:

• AI only came up once, but it is an important topic

• Organizations are worried about AI being used for cyber attacks

• People are going to impersonate you and other sorts of things

Topics: AI, cyber attacks, cyber security

---

We need to raise awareness and literacy around these topics

Supporting facts:

• The topic of AI is important and is increasingly being brought up

• It is not only a business leader conversation but also a societal conversation

Topics: AI, cyber literacy, awareness

---

Michelle Zatlyn would start a business that focuses on kindness, people, and bringing people back together

Supporting facts:

• Michelle Zatlyn has been involved in establishing CloudFlare, a company that helps in making the internet more secure and private.

Topics: Startups, Business, Entrepreneurship, Social networking

---

Michelle Zatlyn emphasizes the importance of people in successful business operations

Topics: Business, Management, Human Resources

---

Making cybersecurity accessible and easy to understand is crucial

Supporting facts:

• Cloudflare has focused on making its services easy to sign up with a less than five minute process

• Making cybersecurity easy to understand may require reframing the concept in familiar terms, such as comparing Cloudflare to a personal trainer or a bouncer for the internet

Topics: Cybersecurity, Technology, Ease of use

---

Delivering value for the user is the secret sauce for any budding entrepreneur in cybersecurity

Supporting facts:

• Building something that no one uses has no impact and won’t last in business

• Apple is an example of a company that has effectively combined security and user experience in their iPhone

Topics: Entrepreneurship, Cybersecurity, Value creation

---

Report

The integration of the internet into daily life is rapidly increasing, making cybersecurity a crucial concern for individuals and businesses alike. This is due to the fact that cybersecurity was never embedded in the internet from the beginning, making it critical now as the integration grows.

The importance of cybersecurity is emphasized by the fact that internet usage has spiked during the COVID-19 pandemic and has remained high. Unfortunately, this has led to a significant rise in cyberattacks, with cyberattacks growing about 30% last year compared to the previous year.

Cybersecurity issues are global in nature and require collaboration to solve. It is acknowledged that solving cybersecurity problems necessitates working with smart individuals from various backgrounds. Working in the field of cybersecurity can therefore provide an opportunity to contribute to solving globally important problems.

Michelle Zatlyn, co-founder of Cloudflare, originally planned to pursue a medical career but later discovered her passion for technology and cybersecurity. She views cybersecurity as a means to help people on a large scale. Through her training in science and her love for technology, she recognizes the potential for technology to make a global impact in helping people.

She believes that the internet should be a place for free speech, and Cloudflare works to ensure that voices, even if controversial, are not silenced. Furthermore, the significance of APIs (Application Programming Interfaces) in internet traffic is highlighted. API traffic now makes up about 57% of all internet traffic, a significant increase from five years ago when it constituted less than 10%.

However, only about a third of online services used through APIs are protected, indicating that there is a pressing need for better cybersecurity tools and measures. Cloudflare, as a company, plays a role in addressing cybersecurity concerns. It offers free basic cybersecurity protection to non-profit organizations, small business owners, students, and others, enabling them to maintain some level of cybersecurity protection online.

Additionally, Cloudflare’s Project Galileo initiative provides support to at-risk public interest sites that may become targets due to the controversial nature of their work. This includes sites that report on human rights abuses, LGBTQ rights, and reproductive rights. The increasing use of artificial intelligence (AI) in cyberattacks is identified as a growing concern.

Organizations are worried about AI being used to launch more cyberattacks. However, it is also recognized that AI can be utilized to build better services for protection. Commercial vendors, such as Cloudflare, are using AI to collect data about attackers and develop more efficient cybersecurity measures.

Raising awareness and literacy about AI and cybersecurity topics is deemed important. The conversation surrounding AI is growing, and it is not just limited to business leaders but also extends to societal discussions. It is essential to educate individuals about the risks and benefits associated with AI and to foster understanding in the wider population.

In terms of business operations, Michelle Zatlyn emphasizes the importance of considering social aspects and the physical world, particularly for startups. She believes that successful businesses need to focus on people and kindness, aiming to bring people back together and create a positive impact in society.

Additionally, the accessibility and ease of use of cybersecurity services are crucial for wider adoption. Cloudflare has made efforts to simplify its services, with a quick and straightforward sign-up process. Minimizing language, time, and friction in the cybersecurity workflow is essential to encourage more users to utilize secure systems.

Ultimately, the secret to success in cybersecurity entrepreneurship lies in delivering value to the user. Building something that is not used or does not solve a problem will have no impact and is unlikely to last in the business world.

Companies like Apple serve as examples of combining security and user experience effectively in their products. In conclusion, the rapid integration of the internet into daily life highlights the critical importance of cybersecurity for individuals and businesses. It is a global issue that requires collaboration and smart solutions.

Through the efforts of individuals like Michelle Zatlyn and companies like Cloudflare, progress is being made in protecting online voices, supporting at-risk sites, and raising awareness about cybersecurity. However, there is still much work to be done in developing better tools and measures, promoting AI for positive purposes, and educating the public about AI and cybersecurity topics.

Overall, the focus should be on delivering value to users and ensuring the accessibility and ease of use of cybersecurity services.