Led by moderator Melanie Ensign, security & privacy communications lead at Uber, our media panel featured some of the most renowned cybersecurity journalists around, including Nicole Perlroth from The New York Times, Iain Thomson from The Register and Joseph Menn from Reuters. Gathered at the Merchants Exchange Club in San Francisco, these four engaged in a rousing discussion around cybersecurity trends, just ahead of the cybersecurity industry’s version of the Academy Awards: the annual RSA Conference.
As cyberattacks continue to escalate in frequency and severity, the public awareness around data privacy and security is at an all-time high. This is causing many companies to scramble to comply with regulations like GDPR in order to restore consumer trust. But it wasn’t always this way—in fact, it was quite the opposite. The evolution of cybersecurity is quite fascinating. Up until recently, cybersecurity concerns barely registered as a blip on consumers’ radars. And even before that, journalists who wanted to write seriously about cybersecurity had to write about patch management according to Menn—hardly the newsworthy topics and headlines that result from this industry today.
The tides started to change with the rash of random worms and malware at the turn of this century, according to Thomson. This made consumers cognizant of cybersecurity, despite lacking the knowledge they need to protect themselves. And yet, they remained fairly apathetic about it Perlroth noted—that is, until the recent wave of Russian hacks surrounding the 2016 election. Now people are pissed off and they care.
Still, to ensure that apathy doesn’t creep back into play, it’s important to arm consumers with resources to help protect their private data and devices, as well as frame cybersecurity stories in a digestible manner. Perlroth pointed out three great tips for writing about cybersecurity in order to make people care:
- Offer tips and actionable steps to take
- Don’t be condescending
- Communicate clearly
Of course, now that the public is consciously aware that many companies are scraping their data—something Ensign said is no longer innovative but rather the status quo—the debate about whether you need to sacrifice privacy in order to achieve innovation got our panel and audience riled up. Thomson seemed to sum up this debate perfectly, framing his concern around the commercialization of cybersecurity, privacy and trust for political gain rather than an actual consumer threat.
Beyond that, our powerhouse group of panelists tackled the cybersecurity industry’s most pressing challenges ahead, including why our current threat landscape makes it easier for cybercriminals to target us, the impact on digital advertisers and tech companies using consumer data in light of stricter regulations and the evolving role of cybersecurity vendors as organizations are mandated to deliver this privacy and protection.
At the end of the day, though, it all circles back to the changing attitudes and perspectives of the consumer when it comes to cybersecurity. Questions like how companies collect, use, store and sell private information moving forward aren’t easy ones to answer now that the spotlight is on them more than ever and consumer sentiment is quick to sour. Time will tell how organizations and vendors will adapt to increased consumer scrutiny, but one thing’s for sure: people’s eyes are now open, and they won’t shutter to cybersecurity and privacy concerns until trust is established and maintained.
