Hacking Sesame Street: Growing Our Next Cyber-Experts

Hello! Welcome back to Bits N’ Bytes Cybersecurity.

Happy Computer Science Education Week! With bits of Computer Science and bytes of problem solving, this week proved to be a great success.

In celebration of CS Education Week, Bits N’ Bytes is excited to share the voice of a cybersecurity professional who presents a major problem we have at hand in the cyber field. This week, we welcome Nick Espinosa, CIO and Chief Security Fanatic of cyber-defense firm, Security Fanatics, to share his perspective on the need for our young generation to be fluent in the cybersecurity language of the future, and how our parents can help foster this environment. Even since the age of 9, Nick has been an avid tech-enthusiast himself, landing his first IT job at 15, and founding his own technology company, Windy City Networks, at 19. Now, Nick is an expert in all things security, co-authoring a best-selling cybersecurity book Easy Prey, hosting his own cybersecurity radio-show, and contributing his writing to Forbes. We are excited and honored to feature his voice and share his stories in cybersecurity. Let’s get started!


ANECDOTE

Hacking Sesame Street: The Need for Cybersecurity Education Starts Early

2017 is shaping up to be a rather interesting year. We’ve seen several major breaches with a record number of data exposures. In the first six months alone we had more than 2,200 organizations worldwide declare some kind of breach which a combined total of over six billion records stolen(1). When you consider that globally the internet has about 3.7 billion users total, it’s not hard to realize that we’ve all been exposed online at least once if not more. Add to this number the recent Equifax breach(2), as well as the disclosure by Uber(3), and we can now add hundreds of millions of more sensitive record to the never ending growing total.

I speak quite extensively on this particular subject to audiences from all over the world and inevitably I tell every audience I’m in front of the same thing: If they are going to take away two things from my speech it’s that’s enabling Two Factor Authentication(4) is important to prevent spoofing and hijacking of their online accounts and also that education is the most important factor in helping themselves and those around them against the hackers of the world.

I was hired to hack into a company by a CEO and I was able to break into this company by social engineering an attack against this person’s teenage son. If that’s not telling, I don’t know what is.

Sadly, we are behind in the education arena globally. We have a fast-paced news cycle which makes it impossible to keep up with virtually anything including the latest in Cybersecurity news. Second, we have simply come to expect that breaches and loss of personal data is normal and there is nothing we can do about it. The line that should be drawn in the sand over this issue has long washed away for many and that makes education and awareness rather difficult. In this vein, it’s time for a new methodology and awareness in education.

If we’re being honest here, education for Cybersecurity should be starting at the earliest age possible. Sure, a five-year-old isn’t going to understand encryption, logins and password strength however what they do understand is that they have a unique identity in who they are and that it’s both special and important to them. By virtue of this, educating our children on why it’s important to keep special information private begins to get our kids into the mindset that there is a clear differential between what they can share versus what they keep to themselves. Once we create this foundation for privacy then awareness for the threats to said privacy are more easily enumerated. We have an entire generation of digital natives with no clue that their online experience may not be safe or secure and that’s a problem we have to correct right from the start of their online lives. I actually wrote an article in late 2016 underscoring this exact problem(5). I was hired to hack into a company by a CEO and I was able to break into this company by social engineering an attack against this person’s teenage son. If that’s not telling, I don’t know what is.

We have an entire generation of digital natives with no clue that their online experience may not be safe or secure and that’s a problem we have to correct right from the start of their online lives.

This isn’t just our children’s issue though. We have a situation where adults may be aware of cyberthreats however they have no strategy to deal with it in their own way for themselves or their children. Individuals are not alone though in this problem. Roughly 50% of all national governments worldwide also have no formal Cyberdefense plan according to the U.N. (6)! It’s easy to see why hackers are so successful. We all have a say in the direction this situation takes. If history has taught us anything, though, it’s that in order to fix a deep, global and pervasive issue it takes both time and education. With this in mind it’s time to start and now is much better than tomorrow.

This post was prepared and accomplished by Mr. Nick Espinosa in his personal capacity. The opinions expressed in this article are the author’s own and do not reflect the view of any specific organization.


REFERENCES

1. https://www.riskbasedsecurity.com/2017/07/over-2200-data-breaches-disclosed-so-far-in- 2017-exposing-over-six-billion-records/

2. https://www.nytimes.com/interactive/2017/your-money/equifax-data-breach-credit.html

3. https://www.nytimes.com/2017/11/21/technology/uber-hack.html

4. https://en.wikipedia.org/wiki/Multi-factor_authentication

5. https://www.smartfile.com/blog/the-step-by-step-guide-to-destroying-your-life-a-hackersperspective/

6. http://www.un.org/apps/news/story.asp?NewsID=57119#.WijA3EqnHIV


About the Author: NICK ESPINOSA

Image result for nick espinosaAn expert in cybersecurity and network infrastructure, Nick Espinosa has consulted with clients ranging from small businesses up to the Fortune 100 level. Nick founded Windy City Networks, Inc in 1998 at age 19 and was acquired by BSSi2 LLC in 2013 where he is their CIO. In 2015 Security Fanatics, a Cybersecurity/Cyberwarfare outfit dedicated to designing custom Cyberdefense strategies for medium to enterprise corporations, was launched. A nationally recognized speaker, member of the Forbes Technology Council, regular columnist for Forbes, on the Board of Advisors for Roosevelt University’s Center for Cyber and Information Security, award winning co-author of a bestselling book “Easy Prey”, and host of “The Deep Dive” radio show on 101.3FM WHIW, Nick is known as an industry thought leader and sought after for his advice on the future of technology and how it will impact every day businesses and consumers.

Forbes Articles:

https://www.forbes.com/sites/forbestechcouncil/people/nickespinosa1/

Articles on Smartfile:

smartfile.com/blog/author/nespinosa/

Twitter:

@nickaesp

Facebook:

facebook.com/NickAEsp/

Past radio show episodes:

soundcloud.com/infosecgurus/