Today we meet Eric Vanderburg, a renowned American cybersecurity, storage networking and information technology professional. He is an author, speaker on information security, the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin.
Eric Vanderburg is best known for his deep understanding of privacy, cybersecurity, data protection, and storage. You may enjoy his insight reading his blog Security Thinking Cap or one of the books he has published.
Eric has been interviewed on TV and radio, and we are glad that he accepted to share his thoughts on privacy and security with our readers.
Interview With Eric Vanderburg
Hello Eric, first of all, thanks for your time. You are well known as an information security executive, thought leader and author. Can you tell us more about yourself and your background?
I started in the IT industry about twenty years ago. Back then security meant having a firewall and access control. However, as cyber threats grew, so did the security business and I found myself putting together solutions that involved a host of technological, governance, and human components designed to protect companies, their data, and that of their customers.
I love what I do. Each day brings new challenges and new ideas. People are constantly innovating in cybersecurity, and it is energizing to be a part of it. As Vice President of Cybersecurity at TCDI, I direct professionals in areas such as penetration testing, audit, risk management, cybersecurity analysis, threat management, and incident response. We put together solutions that help protect our customers’ companies and their reputation. The challenges my customers face are real and important.
I have had the opportunity to speak at a wide variety of events to educate others about cyber threats and how they can protect against them. My blog and social media are also avenues I use to share cybersecurity knowledge and to collaborate with other like-minded professionals and organizations.
What are the challenges users are confronted with while surfing the Internet?
Internet users are at risk from malicious code that could infect their machines through phishing messages, compromised websites, or malvertising. This can result in loss of data, ransomware, misuse of resources, theft of data, and identify theft.
Internet user’s privacy is also threatened by sites and services that monitor their activity such as Internet Service Providers (ISP), search engines, social media, and other sites.
Who should be more concerned about cybersecurity?
Everyone has something to lose because we all have an identity.
Additionally, the data housed on our computers is also vulnerable. Those with more to lose will be more concerned with cybersecurity. Those who care more about their identity will also be more concerned about cybersecurity and those with more valuable data will also be more concerned about protecting it.
Unfortunately, some do not pay enough attention to cybersecurity because they feel they do not have enough to protect or that their identity is not very valuable. They realize later, such as when they get a credit check, that their identity is important to them and that it has already been compromised.
What can be the issues related to poor sensitive data management on the Internet?
Poor sensitive data management can result in a loss of intellectual property, loss of business or customer information, financial losses, a loss of employment, and damage to a person’s or company’s reputation. Each of these losses may also be felt by others the individual is associated with such as friends or family.
Recently you have published an article entitled “Privacy is not dead.” Do you think it is possible to adequately protect our sensitive data?
I believe it is possible to adequately protect sensitive data. However, protection comes at a cost. This is both a financial cost and an opportunity cost.
The financial cost comes from the software and other tangible things may need to be purchased to protect data. There will also be restrictions on some things that a person may wish to do if they want to be secure. This represents the opportunity cost.
People need to value their privacy enough to incur these costs. The long-term view realizes that the loss of privacy is far more costly in the end.
How difficult it is for the average Internet user to secure his data?
The average Internet user can secure their data with the right training and the right tools. They need to stay up to date on cyber threats and implement appropriate practices to guard against those threats. It requires vigilance and a genuine concern for their own privacy.
Training should first address secure password techniques. Next, training should focus on social engineering tactics including how to recognize phishing messages, what malvertizing is and what it looks like.
It should next focus on indicators that users should look for to know if malware is on their machine and what to do about malware if it is detected.
Third, users should understand how to browse the web safely including how to know if the data they send is encrypted, what a VPN is and how to use it, and which parts of the net are safe and which are risky.
Lastly, users should be trained on how to keep their computer operating system and software up to date with the latest patches.
The essential tools needed to stay safe online and secure data include antimalware software, personal firewalls, password managers, VPN software, and ad blockers. Some may choose to employ anonymous browsers and data wiping tools as well, but these are not essential.
Do you see more cybersecurity threats coming in the next years?
Cybersecurity threats will only increase in the next few years. The success of many attacks and the money made with these attacks only encourages criminals to continue their activities and increase their scale. New cybercriminals see opportunities to make illegal income as well.
Ransomware and phishing messages will both continue to increase. We are also nearing the holidays when the number of phishing campaigns skyrocket. This is the time to be on guard against the ploys of cybercriminals.
If you had to summarize the best practices to protect our privacy on the Internet, what recommendation would you give to our readers?
Securing data requires “cyber street smarts” and computer hygiene. Cyber street smarts are the sensible precautions to take to keep yourself safe online while computer hygiene a set of basic processes and software to keep a computer safe.
Cyber street smarts include strong password techniques, recognizing phishing messages from legitimate messages, understanding the indicators of an unsafe website, knowing where you can safely go online, and understanding which services to use to protect your personal data while doing activities online.
When you are not busy protecting people privacy, what else do you love to do?
I enjoy spending time with my wife and two children. My wife and I have the pleasure of exploring this wonderful world God gave us together, and we are happy to share those experiences with our children and to relearn some of the simple things from them as well.
In addition to cybersecurity and privacy, I have a passion for history, old books, music, and movies. When I need some time to myself, I can often be found nose deep in a good book or relaxing with a cold drink and a movie.