Cybersecurity Ventures, a leading cybersecurity research platform, reports that cybercrime damages are expected to reach $6 trillion dollars by 2021 and a whopping $10.5 trillion dollars by 2025.
These statistics give us frightening insights into the future of our digital economy and trade. And it concurrently prompts every person on the planet to take cyber security ever more seriously.
Steve Morgan, the founder of Cybersecurity Ventures and Editor-in-Chief at Cybercrime Magazine, further agrees to the fact that cybercrime is soon going to become the next major threat after natural disasters.
Morgan is a renowned cyber security specialist, researcher, and journalist. He has been an active contributor at Forbes, with over 500 publications under his belt. He has also co-authored the book, Women Know Cyber: 100 Fascinating Females Fighting Cybercrime.
Due to his immense knowledge, expertise, and contributions to the cyber security industry, Morgan has been named among LinkedIn’s Top 5 Security Influencers to Follow, the Top 100 Cybersecurity Influencers at RSA Conference, and one of the Top 10 Cybersecurity Journalists to Follow by Onalytica.
Today, we are going to have a conversation with Morgan regarding his journey as a cyber security researcher and specialist and his expert insights into the industry.
Welcome, Steve. Thank you for taking the time out for this interview with us. Let’s start the interview.
Question #1: How did you start your journey as a cyber security expert, and what made you from a role you played as a Director at McAfee to a founder and journalist at Cybersecurity Ventures?
Steve: My high school English teacher thought I should be a writer. It took me a long time to realize he was right. But I wound up in the tech industry when Apple and IBM were shipping the first PCs to market. My Dad tinkered around with a lot of new technology and I caught the bug from him. It was a really exciting time and I learned a lot early in my career. I started up my own business, a network integration firm and grew it for 10 years into a regional provider with 30 plus employees. It was a mashup of the technical work I knew well, and then everything from sales and marketing to you name it – writing too. I always enjoyed writing and would periodically submit an article to an industry periodical. McAfee came calling and I went running in 1995, when they were the quintessential Silicon Valley startup and second fastest growing software company in the world behind Netscape at the time. I was there for nearly 4 years and it was a great ride. The CEO and executive staff had a lot of confidence in me and I had the opportunity to be involved with sales, marketing, professional services, management, and acquisitions. But I always had the itch to do my own thing – and ultimately ventured back out on my own. From my early years in tech up to the time at McAfee, I was involved with cybersecurity – but we didn’t call it that. In the 80’s you just did what needed to be done to secure networks, applications, and data. In the 90’s we started to call it information security. At one point when we started to connect and protect so many other ‘Things’ it evolved to cybersecurity.
Question #2: You co-authored a book, Women Know Cyber: 100 Fascinating Females Fighting Cybercrime, and recently did a podcast on Women in Cyber, what problems do you believe that women are currently facing to make their place in the cyber security industry?
Steve: Too many people look at the glass as being half empty when it comes to women in cybersecurity. An old statistic from nearly 10 years ago still floats around the media stating women hold 11 percent of positions in our industry. So we did some research and updated to 20 percent and the figure has been corroborated by many media outlets, academia, industry associations, and vendors. It is now a de facto industry statistic. I’m hoping to see that move to 50 percent over the next decade. That’s an ambitious goal but I think we have to shoot for the stars. To get there or as far along as possible, the most important thing we need – in my opinion – is role models. So I co-authored a book containing exactly that. The idea is to give young girls and all women thinking about a career in cybersecurity others they can look up to and learn from. The book generated a big following and now we produce a podcast series and numerous media having to do with women in cybersecurity. None of it would be possible without the support of so many women in our field who got behind us – including my co-author Di Freeze.
Question #3: Would you like to share any personal or professional advice to women who aspire to start their career in cyber security?
Steve: Aim high. Network, network, network. There is so much momentum for women in cybersecurity right now. We’ve compiled this list of 50 women in cybersecurity associations and groups to follow. Our @WomenKnowCyber Twitter account has a community numbering around 5,000 right now – the largest of its kind. Reach out and people will reach back to you. I talk to a lot of people in our industry and know this to be true.
Question #4: When we were first struck by the pandemic, we saw many reports regarding cybercriminals phishing through fake Covid maps and attachments. Are Covid-related cyber crimes still happening globally? What’s your take on it?
Steve: Cybercriminals thrive on any situation that creates chaos, fear and uncertainty. COVID-19 has created the perfect storm for cybercrime. We are seeing a huge number of phishing scams that are playing into people’s fears around contracting the coronavirus, their careers and financial situation. But I really have to praise a lot of employers who are being proactive and ramping up their security awareness training and phishing simulation programs to get ahead of the problem. Training remote employees on security is mission critical right now.
Question #5: As we see a significant surge in working from home, it has created a significant gap in cyber security, exposing businesses to many threats. What preventive measures would you recommend business to take to fill those gaps?
Steve: Just Do It is all I can say. Companies know exactly what they need to do in order to protect their remote employees – the challenge is the amount of time it takes. Security teams may need additional personnel from other parts of the IT organization to help out. It’s a lot of work to lock down all of your remote endpoints – whether it’s hundreds, thousands, or tens of thousands of them. It’s all relative to the size of an organization and the amount of security personnel they have. Small businesses are the exception and the ones I’m really worried about. They don’t have dedicated security personnel. But I urge them to bite the bullet and get in touch with a local cybersecurity firm who can help. Right now, just as much as COVID-19, cybersecurity – or a lack of it – can be the difference between staying in business versus closing down.
Question #6: Humans are still the weakest link to cyber security and probably it will remain that way. What do you think?
Steve: True. It’s been that way since the first computer and it will always be that way. It is a core truth that we all need to deal with in cybersecurity. There’s no getting around that.
Question #7: You are probably aware of the updated Privacy Policy of WhatsApp and the furious response it has generated on social media. Would you like to comment on it?
Steve: No comment.
Question #8: Talking about WhatsApp, encryption plays an important role in cyber security. Do you also use encryption tools like a VPN for the security of your data and privacy? Would you recommend the same to our fellow readers?
Steve: I won’t comment on what products we use for security here internally. But I will say that we have a chief security officer and we practice what we preach. Yes we have a VPN. And with all other that we do, like most secure organizations, we don’t take anything for granted and continuously think through any potential exposures and solutions.
Question #9: On a final note, would you like to share any cyber security forecast with our readers to give them a heads-up?
Steve: People take statistics the wrong way sometimes. We have shared for the past several years that cybercrime would cost the world $6 trillion annually by 2021. But that was not a gloom and doom prediction. It was more matter of fact to help people understand that cybercrime is rising and organizations need to take it more seriously. But really it’s no different than street crime or any type of crime. If you go back to early civilization there was nowhere near the crime that exists now. Crime grew in proportion to population growth. A certain percentage of people will do bad things. The more people on earth, the more bad things happened. But that doesn’t mean humanity is any worse. With cybercrime we need to look at the population growth to keep things in perspective. Humans on the Internet will triple from 2015 to 2022 and hit 6 Billion. 90 percent of the human population, aged 6 years and older, will be online by 2030 – which is 7.5 billion people. With that in mind, to say that cybercrime damage costs will grow from $6 trillion annually in 2021 to $10.5 trillion in 2025 shouldn’t be so shocking. Notwithstanding, the world will store 200 zettabyes of data by 2025, This includes data stored on private and public IT infrastructures, on utility infrastructures, on private and public cloud data centers, on personal computing devices — PCs, laptops, tablets, and smartphones — and on IoT (Internet-of-Things) devices. With this exponential data growth the opportunities — for innovation, and for cybercrime — are incalculable because data is the building block of the digitized economy.
Thank you very much, Steve, for the interview. We believe our readers will benefit from your knowledge and insights. As for our readers, if you guys wish to stay updated with cybersecurity statistics, figures and trends, you can follow Steve at https://SteveOnCyber.com , on Twitter @cybersecuritysf, or LinkedIn.