Monthly Archives: October 2019

Home / 2019 / October

How to Prevent Cyber Attacks Effectively

Computer hacker silhouette of hooded man with binary data and network security terms

In a recent destructive phishing attack, a cybercriminal initially hacked the email of an exhibitions firm and then used a spoofed email to trick its client into wiring money to an overseas bank.

This is just one recent example of the many cyber-attacks around the world, and it is certainly not the last.  What can organizations big and small do to  prevent such attacks?

Email: the deadly gateway

Over 91% of all cyber attacks are triggered by email, according to a recent study.  PwC asked 3.5 thousand IT and business leaders worldwide about resilience in order to find out which organizations are prepared to face and recover quickly from a cyber attack, and to and understand their operations.

Organizations deemed to be high “RQ” (resilience quotient)  have shifted their approach from a model of disaster recovery followed by business continuity to one of “resilience by design”. The newer approach involved having real-time views of higher-priority processes in order to allow responders and decision makers to react to incidents with a unified front.

To fight cyber attacks, companies must know in advance, before any actual cyber attack, the severity, nature and length of the disruptions that it can endure. The company must plan for the worst, including getting cyber insurance, putting all its security operations and personnel in place, and leaving no area unguarded– especially its email system.

Tabletop tests

The PwC report stresses that organizations must proactively test their level of preparation, including through “tabletop tests” which are simulations in which to rehearse important communications during attacks and to identify gaps and dependencies in several essential processes.

 

 

Fighting Misinformation, and Editorial Discretion

In September, Twitter closed down thousands of accounts globally which it said were spreading fake news and misinformation.  Twitter’s safety team said that it suspended many accounts in Europe and South America, as well as accounts from China.  Twitter’s move follows a trend among social media companies.  Previously, Facebook removed many fake accounts originating in the Middle East and China as well, on the grounds that they propagated fake news and misinformation.

The Balance: Fighting Misinformation, and Editorial Discretion

One of the significant external challenges that Twitter faces is the rise of political misinformation in advance of national elections in countries around the world.  As a result, the company has increased its focus on removing accounts that spread this misinformation.  Facebook and other social media companies also face this challenge.  The popularity of social media and the ease with which information can be shared on it makes it a prime area for those who wish to “win hearts and minds” with false information designed to look real.  Misinformation like this can threaten the integrity of elections by misleading voters in countries around the world.

As a result, social media platforms find themselves in a quandary:  They find themselves with a moral, and even in some cases, legal, responsibility to prevent their platforms from being used for such malicious purposes.  On the other hand, they claim to be platforms and not editors of information.  The process of weeding out and banning propagators of fake news challenges this definition, as these activities can cross the line into editorial discretion.

 

 

 

Third Party Consultants and Watchdogs: The Highs and the Lows

 

Companies, especially social media companies which navigate heretofore uncharted waters relating to politics, racial tension, and free speech, often benefit from association with independent, third-party organizations that can help keep their policies ethical and steer them in the direction of responsible stewardship.

Twitter was already facing censure and backlash from the government as well as from users when it announced the formation of the Trust and Safety Council in 2016. The Trust and Safety Council was an independent, external group with more than 40 outside experts and groups whose main task was to help “ensure that people feel safe expressing themselves on Twitter.”

Recently, however, some of the safety consultants revealed that Twitter has not been consulting them.

Twitter Trust and Safety Council wants more communication with company executives

Reportedly, the Twitter Trust and Safety Council had a good relationship with the company’s executives during the first two years of its formation, but subsequently, communication between them decreased. They did not have regular calls, or meetings with CEO Jack Dorsey to discuss new policies at the company annual summit.

Some members of the Trust and Safety Council sent a letter sent to Twitter’s leadership, highlighting that they have gone months without any updates from the company.  They wrote that the council had received no warnings about any changes in policy or about product changes, and concluded with a request to discuss the future of the council with the company’s CEO.

Twitter responds to the letter

Twitter responded to the letter stating that its leadership had been discussing ways to improve how the company works with advocates, partners, and experts, and arguing that one small group is not reflective of Twitter’s role worldwide, which is why the company was working to hear from a more diverse range of voices.

Ramifications

When companies like Twitter engage with external groups like the Trust and Safety Council, they get two major benefits:  independent counsel that can steer them away from abusive or damaging policies or practices, thus protecting the public as well as the company; and the public relations benefit of being able to tout these relationships as evidence of the company’s openness and dedication to social responsibility.

Of course, the voluntary nature of the relationship means that the degree of influence that the third parties have can vary greatly.